Scan BigQuery for sensitive data using Cloud DLP

May 31, 2019
Adam Gavish

Product Manager, VPC Service Controls

Michael Saunders

Product Manager, BigQuery

Preventing the exposure of sensitive data is critically important for many businesses, particularly those that operate in industries with substantial compliance needs, such as finance and healthcare. Cloud Data Loss Prevention (DLP) can help meet those needs and protect sensitive data through data discovery, classification, and redaction. But in some cases, you might need more awareness of, and quicker access to, Cloud DLP capabilities in the context of other GCP services such as BigQuery. Today, we’re making it easier to discover and classify sensitive data in BigQuery with the Scan with DLP button. This new feature makes it possible to run DLP scans with just a few clicks, directly from the BigQuery UI.

Figure: Cloud DLP in action

Here’s what you can do:

  • Detect common sensitive data types such as credit card numbers or custom sensitive data types to highlight intellectual property or proprietary business information.
  • Create triggers for automatic Cloud DLP scan scheduling.
  • Publish Cloud DLP scan findings to BigQuery and Cloud Security Command Center for further analysis and reporting.
  • De-identify and obfuscate sensitive data.
  • Use the Cloud DLP UI (Beta) to create, manage, and trigger DLP scans across multiple GCP services, such as BigQuery, Cloud Storage, and Datastore.
  • Scan a subset of your entire dataset using the sampling feature to keep your Cloud DLP costs under control.

Today, BigQuery customers can start using Cloud DLP to scan for sensitive data with a few clicks, following these simple steps:

1. Browse to a particular BigQuery table and choose Scan with DLP from the Export menu.

2. Complete the Cloud DLP scan job creation with a click, or specify custom configurations such as information types to scan, sampling versus full scanning, post-scan actions, and more.

3. Once a Cloud DLP scan is completed, you will receive an email with links to the scan details page where you can analyze findings and take further actions.
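
The custom configuration in step 2 (information types, sampling versus full scanning, post-scan actions) corresponds to an inspect job in the Cloud DLP API. The following is an added example, not code from the original post: a hypothetical helper, `build_inspect_job`, that assembles the request body for the `projects.dlpJobs.create` REST method. The project, dataset, and table names are constructed placeholders.

```python
import json

def build_inspect_job(src, findings, info_types, sample_percent=None,
                      include_quote=False, publish_to_scc=True):
    """Return the JSON body for POST /v2/projects/{project}/dlpJobs.

    src and findings are (project_id, dataset_id, table_id) tuples.
    sample_percent=None scans the full table; 1-99 scans that share of rows.
    (Hypothetical helper; the field names are those of the DLP v2 REST API.)
    """
    if not info_types:
        raise ValueError("name at least one infoType to scan for")
    if src == findings:
        raise ValueError("findings table must differ from the scanned table")

    def table(ref):
        project, dataset, tbl = ref
        return {"projectId": project, "datasetId": dataset, "tableId": tbl}

    bq_options = {"tableReference": table(src)}
    if sample_percent is not None:
        if not 1 <= sample_percent <= 99:
            raise ValueError("sample_percent must be 1-99; use None for a full scan")
        bq_options["rowsLimitPercent"] = sample_percent
        # RANDOM_START picks row groups at random rather than in table order.
        bq_options["sampleMethod"] = "RANDOM_START"

    # Post-scan actions: write findings to BigQuery, optionally summarize to
    # Cloud Security Command Center.
    actions = [{"saveFindings": {"outputConfig": {"table": table(findings)}}}]
    if publish_to_scc:
        actions.append({"publishSummaryToCscc": {}})

    return {"inspectJob": {
        "storageConfig": {"bigQueryOptions": bq_options},
        "inspectConfig": {
            "infoTypes": [{"name": n} for n in info_types],
            # includeQuote copies the matched value into each finding; keep it
            # off so the findings table is not a second copy of the data.
            "includeQuote": include_quote,
        },
        "actions": actions,
    }}

# Constructed sample identifiers, not from the original post.
SAMPLE = build_inspect_job(
    src=("example-project", "sales", "orders"),
    findings=("example-project", "dlp_results", "orders_findings"),
    info_types=["CREDIT_CARD_NUMBER", "EMAIL_ADDRESS"], sample_percent=10)

if __name__ == "__main__":
    print(json.dumps(SAMPLE, indent=2))
```

Restrict access to the findings dataset as tightly as the scanned table: even without quotes, findings record which tables and columns hold sensitive values.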

You can also quickly scan your other cloud-based data repositories with the Data Loss Prevention (DLP) user interface, now available in beta. Through this new interface, you can run DLP scans with just a few clicks—no code required, and no hardware or VMs to manage. Get started today in the GCP console.

To learn more, check out our Cloud DLP documentation.
