Google Cloud’s BigQuery Gets Automatic Data Loss Prevention Feature
Google Cloud today said it is enabling automatic data loss prevention in Google BigQuery to help users find, classify and protect sensitive information that may have been inadvertently scattered across their cloud deployments.
In a blog post, Google Cloud product manager Scott Ellis explained that sensitive data has a knack for showing up in all sorts of unexpected places – “for example, in the logs that services generate when customers inadvertently send them into a customer support chat, or when managing unstructured analytical workloads,” he said.
Not knowing where sensitive data resides, some companies struggle to keep their customers’ personally identifiable information private. It also means they can breach compliance regulations and struggle to control their data, Ellis explained. “We really think that one of the challenges they face is very early awareness or visibility of their data,” he said.
One problem is that the manual processes that many companies have in place to control sensitive data are simply no longer able to handle the sheer volume of information generated by their systems. Therefore, companies need an automated system for personally identifiable information to ensure that this data is not inadvertently exposed.
Automatic DLP is a fully managed service within BigQuery, which is Google Cloud’s serverless data warehouse offering. Generally available starting today, Automatic DLP works by continuously analyzing data across an entire organization to provide users with general knowledge of the data they have and specific visibility into where sensitive data is stored and processed. This awareness is the first and most important step in ensuring businesses can protect and manage their data, Ellis said.
To ensure users can easily get started with Automatic DLP, Google has created a number of new dashboard templates for Google Data Studio, giving customers an advanced summary of their data environments and easy access to graphics testing. Customers can also use Google Cloud Console to dig deeper into their data or do the same with a business intelligence tool like Looker.
Google has also created a tool for customers to determine the frequency and conditions of profiling their data. When Automatic DLP was beta tested, Google set the default. However, he said that many customers need to run their data profiler at different intervals. For example, if someone changes the schema of a database, the company may want to profile their data immediately to see if there are any repercussions.
A final new feature is integration with Google Cloud’s security analytics service, Chronicle. The service is now able to automatically sync risk scores for each table in BigQuery.