Skip to main content
Admins, and co-admins with requisite permissions, have the option to enforce watermarks and tie them to specific classification labels. This provides the option to limit watermarking to sensitive content. If enabled, end users no longer have the ability to apply their own watermarking to affected content.

Watermarking sources

Watermarking has two sources:
  1. Admin-controlled classification, enforced through an access policy.
  2. User-created, where the user has sufficient privileges.
Custom watermarking can be switched off by navigating to the Admin Console > Enterprise Settings > Content & Sharing > Watermarking. If watermarking customization is switched off for end users in the Admin Console, it is still available in the access policy configuration.

Create, edit, and remove access policies which enforce watermarking

Enterprise admins and co-admins (who have Create, edit, and delete Shield configuration for your company permissions) can create and change watermarking access policies: 
  1. Navigate to the Admin Console.
  2. Select Shield.
  3. Select the Access Policies tab.
  4. Enter a Policy Name and, optionally, a Description.
  5. Select the Content Type you want this to apply to. See more about Classification Labels.
  6. Select Watermarking from the dropdown Security Controls menu.
  7. Ensure the Enable Watermarking toggle is turned on.
    • To customize the applied watermark, select the Customize Watermark button, then select and configure your watermark’s properties before clicking Save.
  8. Select Next, then Start Policy.
This will be automatically enabled for all affected content. To edit or remove the access policy, select the name of the access policy then click either Edit or Delete.
Note: Users should not include personal or sensitive information in customized watermarks.

Customization conflicts

If an end user tries to create or edit watermarking for a file or folder which has security controls with watermarking customization applied, they will be unable to do so:
  • Customization enforced via the access policy takes precedence over user-enforced watermarking
  • When end users try to override watermarking customization enforced via an access policy, the user will see a message explaining that the setting is disabled because of the access policy that is in place
  • If existing watermarking user settings are overridden, they will be restored after the access policy is removed