Workspace-grade email & file protection

Full-fidelity protection for Gmail and Google Drive

Check Point Harmony Email analyzes messages and files in real time to stop phishing, malware, and data-loss incidents before they reach your users – while giving security teams precise, auditable control.

App owner: sara@charlesyadigital.com Built for Google Workspace environments

View required Google scopes Read how we handle your data

Live threat surface

Gmail + Drive insights

Check Point Harmony Email

Gmail coverage

Full mailbox

Read, classify, remediate

Drive coverage

All files

Scan, label, restrict

Deep inspection of message headers, body, attachments and links to detect phishing, malware and BEC-style attacks.
Real-time remediation: move or delete malicious items, adjust labels, and apply hardened security policies.
Drive inspection to identify risky sharing, sensitive content, and suspicious collaboration patterns.

Product overview

How Check Point Harmony Email works

Check Point Harmony Email connects to your Google Workspace tenant via OAuth and domain-wide delegation. It uses the Gmail and Google Drive APIs to continuously analyze, classify, and remediate threats – without changing your users’ workflow in Gmail or Google Drive.

1. Ingest

Safe access to Gmail & Drive

After an administrator grants access, Check Point Harmony Email uses restricted Google scopes to read messages and files strictly for security purposes, according to your configured policies.

2. Analyze

Signal-rich detection engine

Headers, content, attachments, URLs and file metadata are analyzed to identify phishing, malware, compromised accounts and data-loss signals.

3. Respond

Automated remediation

Depending on policy, Check Point Harmony Email can move messages to spam, delete malicious items, adjust labels, or flag content for manual review by your security team.

Security & data handling

Designed for security-conscious organizations

Check Point Harmony Email is built around the principle of least privilege from an implementation perspective, while requesting broad scopes in order to give administrators full control over detection and remediation capabilities.

What we access

Gmail messages, including headers, body content and attachments, for threat detection and remediation.
Gmail settings such as filters, forwarding configuration and labels to enforce security policies.
Google Drive files and metadata to identify malware, sensitive data and risky sharing behavior.

How we use this data

To detect and block malicious messages and files, and to help administrators investigate suspicious activity.
To apply organization-defined policies (for example, enforcing stricter controls for sensitive users or groups).
To maintain audit logs of security events and administrative actions for compliance and troubleshooting purposes.

Google API access

Gmail & Drive scopes requested by Check Point Harmony Email

The application uses restricted Google scopes to provide comprehensive protection for Gmail and Google Drive. An administrator must explicitly review and approve these scopes before Check Point Harmony Email has access to any data.

Gmail scopes

https://mail.google.com/ – full Gmail access for security processing and remediation.
https://www.googleapis.com/auth/gmail.readonly – read messages for analysis.
https://www.googleapis.com/auth/gmail.metadata – read message metadata and headers.
https://www.googleapis.com/auth/gmail.modify – move, label and delete messages based on policy.
https://www.googleapis.com/auth/gmail.insert – insert messages when needed for remediation workflows.
https://www.googleapis.com/auth/gmail.compose – create and send messages and drafts related to security alerts.
https://www.googleapis.com/auth/gmail.settings.basic – manage filters and basic Gmail settings.
https://www.googleapis.com/auth/gmail.settings.sharing – manage advanced Gmail sharing and forwarding settings.

Google Drive scopes

https://www.googleapis.com/auth/drive – full access to Google Drive files for security scanning and policy enforcement.
https://www.googleapis.com/auth/drive.readonly – read-only access for content inspection.
https://www.googleapis.com/auth/drive.activity – view and manage Drive activity for investigation and analytics.
https://www.googleapis.com/auth/drive.activity.readonly – read activity history on files.
https://www.googleapis.com/auth/drive.metadata – manage file metadata and sharing state.
https://www.googleapis.com/auth/drive.metadata.readonly – read file metadata.
https://www.googleapis.com/auth/drive.scripts – manage scripts associated with files where required by policy.
https://www.googleapis.com/auth/drive.meet.readonly – read Drive items created by Google Meet.

These scopes are used solely to provide email and file security functions as described on this page and in the Privacy Policy. They are not used for advertising or unrelated data processing.