This topic provides information about Cloud Data Loss Prevention and data security, including certifications, compliance (including GDPR), and encryption. For additional information about data security and Google Cloud, see Google Cloud Security.
Certifications
Cloud DLP is listed in the following certifications and documents:
- ISO/IEC 27001
- ISO/IEC 27017:2015
- ISO/IEC 27018:2014
- Payment Card Industry Data Security Standard (PCI DSS)
- HIPAA business associate agreement (BAA)
- Multi-Tier Cloud Security (MTCS) Singapore Standard (SS) 584
For more, see Standards, regulations & certifications.
GDPR
Compliance with the European Union General Data Protection Regulation (GDPR) is a top priority for Google Cloud and our customers.
While Cloud DLP offers several built-in infoType detectors that may be applicable to GDPR compliance, you may need to build your own custom infoType detectors, and should test thoroughly to ensure that the tool fits your specific needs.
You are encouraged to read the Google Cloud and GDPR overview to learn more about the available resources for GDPR compliance with Google Cloud.
Encryption
For information about encryption in transit and Google Cloud services, see Encryption in Transit in Google Cloud.
For information about encryption at rest and Google Cloud services, see Encryption at Rest in Google Cloud.
Next steps
For information about the security measures in place for Google's Cloud Services, please see the Google Cloud Security page.