Google Cloud Platform > Bucket Protector
Bucket Protector
Bucket Protector reduces the surface area for cybersecurity attacks, reducing the risk to the organization using this utility function while ensuring FIPS, PCI DSS, and HIPAA compliance when migrating workloads from other Cloud Service Providers onto Google Cloud.
Trusted By
Backup Components
Platform
Bucket Protector is developed in Java and migrates data to the Cloud for automatic deidentification or encryption.
Data Masking
Offers a range of data protection techniques, including FPE, character masking, replacement, and redaction.
Integration
It allows users to import data from GCP, any Cloud Service, or a local computer and integrates with services like Cloud Storage, Cloud DLP API, and Cloud KMS or CloudHSM.
Key Management
Manages encryption keys securely using Cloud KMS or CloudHSM, with key metadata captured in a JSON file.
Compliance
Helps enforce data protection policies consistently and stay compliant with regulations like FIPS, PCI-DSS, HIPAA, and GDPR.
Provided
Features
| Features | Open Source | Enterprise Features |
|---|---|---|
| Redaction |
|
|
| Replacement |
|
|
| Masking |
|
|
| Format Preserving Encryption |
|
|
| Software-based Key generation |
|
|
| Key Management in Google Cloud Platform |
|
|
| Logging |
|
|
| Enhanced Key Protection using nCipher, Thales , Utimaco and Futurex HSM |
|
|
| 24*7 Customer Support |
|
|
| FIPS 140-2 Level 3 Compliant |
|
|
How does it work?
When a user transfers files to a designated Google Cloud Storage bucket, it triggers the Bucket Protector Google Cloud Function. This function automatically accesses the Google Cloud Data Loss Prevention (DLP) and Key Management Service (KMS) APIs. Based on the pre-configured settings, the data is then deidentified (using methods like masking, redaction, or replacement) or encrypted using Format Preserving Encryption (FPE). Finally, the protected data is stored back into the Google Cloud Storage bucket, ensuring your sensitive information is secured seamlessly.
Discover Our
Latest Resources
- Blogs
- White Papers
- Videos
Hardware Security Module
Deep-Dive: Encryption Consulting's On-Demand Entrust nShield HSM Training
Deep-dive Entrust nShield HSM training covering Security World, key management, PKCS#11, HSM Pool, CodeSafe, and post-quantum cryptography.
Read more
White Paper
The PQC Signature Selection Playbook
Which NIST post-quantum signature fits your code-signing workflow? Compare ML-DSA, SLH-DSA, and draft FN-DSA variants in one practical reference.
Read more
Video
From 50 to 9: NIST's Post-Quantum Signature Survivors (Part-2)
Explore expert insights on cybersecurity, PKI, and post-quantum readiness, with practical guidance to strengthen security and future-proof cryptography.
Watch Now
