Bucket Protector


Bucket Protector reduces the surface area for cybersecurity attacks, reducing the risk to the organization using this utility function

while ensuring FIPS, PCI DSS, and HIPPA compliance when migrating workloads from other Cloud Service Providers onto Google Cloud.

Bucket Protector - A Utility Function

This Cloud Utility Function allows users to import data to Google Cloud Storage either from

The sensitive data uploaded to the storage bucket is then protected via data protection methods such as FPE, Masking, replacement, or redaction.

Using Bucket Protector allows users to choose which methods of data protection they wish to utilize to ensure PII and sensitive data are in a protected format throughout the entire lifecycle of data.


Migrate data to the Cloud and have it automatically deidentified or encrypted.

Developed in Java for Google Cloud Platform.​

Deidentifies or encrypts data to ensure PII data security.​


encryption consulting Open Source Download Software Enterprise Features Request a demo
Format Preserving Encryption
Software-based Key generation
Key Management in Google Cloud Platform
Enhanced Key Protection using Cloud HSM services
24×7 Customer Support
FIPS 140-2 Level 3 Compliant
Download Software Request a demo

How does it work?

The user transfers files from another Google Cloud Platform project, or another Cloud Service Provider, to Google Cloud Storage. This triggers the Google Cloud Function, which ensures the user has access to the DLP and KMS APIs. The data is then deidentified or encrypted based on user input and returned to Google Cloud Storage.

Bucket Protector - Working


Our experts are here to answer

Request a consultation