Overview

Google Cloud Data Lake Protection

This suite of Utility functions is designed with data protection on the Google Cloud Platform in mind. We aim to protect data at all levels of the data lifecycle, from data ingestion to data storage to data processing.

Our goal is to ensure users of these tools reduce the risk to their organization while meeting data compliance standards and regulations during the process of migrating PII data to the Cloud.

Cloud Data Protector

Cloud Data Protector can be used for multiple reasons:

  • It securely migrates data from on-premises to the cloud. Data can be encrypted using FPE or masked
  • Cloud Data Protector can also help customers achieve compliance with PCI-DSS, HIPAA/HITECH, GPDR, CCPA, NYDFS along with other regulations.

Securely migrate to the cloud, transfer files between buckets, apply data analytics, while the data remains encrypted helping with all regulations and compliance

Bucket Protector

The next step in securing data in the cloud is at the Data Storage level. Bucket Protector is a Google Cloud Utility Function we have created that utilizes the KMS, DLP, and Cloud Build APIs to:

  • Protect data within Google Cloud Storage Buckets
  • Assist in achieving compliance with PCI-DSS, HIPAA/HITECH, GPDR, CCPA, NYDFS and other regulations.
  • Streamline the encryption of data to Google Cloud Storage from any other outside source

Protecting PII data with methods such as Format Preserving Encryption while transferring the data to Google Cloud Storage has never been easier!

Cloud Data Lake Lifecycle

BigQuery Protector

BigQuery Protector provides a way to access and store data into the database while keeping the database encrypted. The tool offers the option to decrypt the data while extracting information from the database or encrypting data while inserting it into the database.

BigQuery Protector can be used for multiple reasons:

  • Keep the database encrypted while having the option to query the database and perform other data analytics operations on the encrypted database. Format Preserving Encryption is used when inserting new data, which protects any sensitive data in the database while still allowing the data to be queried through BigQuery.
  • Big Query Protector can be deployed as containerized service or as a library embedded with other services, which provides a way to access the encrypted data on the fly without compromising performance or security.