Cloud Data Loss Prevention

Automatically discover and redact sensitive data everywhere.

View documentation for this product.

Classify and redact sensitive data

Classify and redact sensitive data

Cloud DLP helps you better understand and manage sensitive data. It provides fast, scalable classification and redaction for sensitive data elements like credit card numbers, names, social security numbers, US and selected international identifier numbers, phone numbers, and GCP credentials. Cloud DLP classifies this data using more than 90 predefined detectors to identify patterns, formats, and checksums, and even understands contextual clues. You can optionally redact data as well, using techniques like masking, secure hashing, tokenization, bucketing, and format-preserving encryption. Try Cloud DLP in this demo application.

Discover and classify sensitive data

One of the first steps to properly managing your sensitive data is knowing where it exists. Cloud DLP gives you the power to scan, discover, classify, and report on data from virtually anywhere. Cloud DLP has native support for scanning and classifying sensitive data in Cloud Storage, BigQuery, and Cloud Datastore and a streaming content API to enable support for additional data sources, custom workloads and applications.

Automatically mask your data to safely unlock more of the cloud

Today your data is your most critical asset. Cloud DLP provides tools to classify, mask, tokenize, and transform sensitive elements to help you better manage the data that you collect, store, or use for business or analytics. For example, features like format-preserving encryption or tokenization allow you to preserve the utility of your data for joining or analytics while obfuscating the raw sensitive identifiers.

Built to easily fit into your workloads

Cloud DLP architecture includes several features to make it easy to use in small or large operations. Templates for inspection and de-identification allow you to define configurations once and use them across requests. DLP job triggers and actions allow you to kick off inspection jobs periodically and generate Cloud Pub/Sub notifications when jobs are complete. See this tutorial on using DLP with Cloud Functions to automatically classify data in Cloud Storage.

Enhance your understanding of data privacy risk

Quasi-identifiers are partially identifying or elements or combinations of data that may link to a single person or a very small group. Cloud DLP allows you to measure statistical properties such as k-anonymity and l-diversity, expanding your ability to understand and protect data privacy.

Features

Flexible classification

90+ pre-defined detectors with a focus on quality, speed, scale. Detectors are improving and expanding all the time. A full list of detectors is available in the documentation.

Pay-as-you-go pricing

Cloud DLP is charged based on the amount of data processed, not based on a subscription service or device. This customer-friendly pricing allows you to pay as you go and not in advance of demand.

Secure data handling

Cloud DLP handles your data securely and undergoes several independent third-party audits to test for data safety, privacy, and security. Read more on our compliance page.

No hardware or deployments to manage

Cloud DLP is ready to go, no need to manage hardware, VMs, or scale. Just send a little or a lot of data and Cloud DLP scales for you.

Custom detectors

Extend the power of Cloud DLP with custom-defined detection, including custom dictionaries that can scale to millions of entries, pattern recognition, exclusion rules, and context rules.

Detailed findings

Classification results can be sent directly into BigQuery for detailed analysis or export into other systems. Custom reports can easily be generated in Cloud Data Studio.

Easy workload integration

Efficiently deploy DLP with reusable templates, monitor your data with periodic scans, and integrate into serverless architecture with Cloud Pub/Sub notifications.

Simple and powerful redaction

De-identify your data: redact, mask, tokenize, and transform text and images to help ensure data privacy.

Likelihood scores

Customize the sensitive data detection threshold to fit your needs and reduce noise.

REST API

The DLP API is an HTTP REST API that can be used on data inside or outside of GCP and from mobile devices, IoT devices, and browsers.

Customers

Pricing

Pricing for Cloud DLP is available on our pricing page.

Google Cloud

Get started

Learn and build

New to GCP? Get started with any GCP product for free with a $300 credit.

Need more help?

Our experts will help you build the right solution or find the right partner for your needs.

Visszajelzés küldése a következővel kapcsolatban:

Cloud Data Loss Prevention