Cloud Data Loss Prevention
Gain visibility into the data you store and process
Create dashboards and audit reports. Automate tagging, remediation, or policy based on findings. Connect DLP results into Security Command Center, Data Catalog, or export to your own SIEM or governance tool.
Configure data inspection and monitoring with ease
Enable DLP across your entire BigQuery footprint to automatically discover, inspect, and classify your data. DLP runs continuously, picking up new data tables as they are added, so you can focus on analysis.
Reduce risk to unlock more data for your business
Protection of sensitive data, like personally identifiable information (PII), is critical to your business. Deploy de-identification in migrations, data workloads, and real-time data collection and processing.
De-identification of PII in large-scale data using Cloud DLP
Learn how to use Cloud DLP to create an automated transformation pipeline to de-identify sensitive data like personally identifiable information (PII).
Automating the classification of data in Cloud Storage
Learn how to implement an automated data quarantine and classification system using Cloud Storage and other Google Cloud products.
Relational database import to BigQuery with Dataflow
This proof of concept uses Dataflow and Cloud DLP to securely tokenize and import data from a relational database to BigQuery.
Using a Cloud DLP proxy to query a database
This concept architecture uses a proxy that parses, inspects, and then either logs the findings or de-identifies the results by using Cloud DLP.
Inspecting storage and databases for sensitive data
Instructions for setting up an inspection scan using Cloud DLP in the Cloud Console, and (optionally) for scheduling periodic repeating inspection scans.
Cloud DLP Client Libraries
Learn how to get started with the Cloud Client Libraries for the Cloud Data Loss Prevention API.
Create a Cloud DLP inspection template
This quickstart shows you how to create and use a Cloud Data Loss Prevention (DLP) inspection template that lets you create and persist configuration information.
Schedule a Cloud DLP inspection scan
Learn how to: enable DLP in a project, create a job trigger to scan a public dataset, choose input data to customize your scan and configure detection parameters.
Inspect sensitive text by using Node.js
Learn how to scan a sample string for sensitive information by using the Cloud Data Loss Prevention API (DLP API), the Google Cloud CLI, and Node.js.
Understand and manage your data risk across your organization automatically with Cloud DLP (available now for BigQuery). Continuous visibility into your data can help you make more informed decisions, manage and reduce your data risk, and help stay in compliance. Data profiling can be configured easily in the Cloud Console with no jobs or overhead to manage, letting you focus on the outcomes and your business.
Cloud DLP can help classify your data on or off cloud giving you the insights you need to ensure proper governance, control, and compliance. Save detailed findings to BigQuery for analysis or publish summary findings to other services like Data Catalog, Security Command Center, Cloud Monitoring, and Pub/Sub. Audit and monitor your data in Cloud Console or build custom reports and dashboards using Looker Studio or your tool of choice.
Unblock more workloads as you migrate to the cloud. Cloud DLP enables you to inspect and classify your sensitive data in structured and unstructured workloads. De-identification techniques like tokenization (pseudonymization) let you preserve the utility of your data for joining or analytics while reducing the risk of handling the data by obfuscating the raw sensitive identifiers.
|Automatic discovery, inspection, and classification||Automatic DLP can be configured directly in the Cloud Console and runs continuously for you.|
|Flexible classification||150+ pre-defined detectors with a focus on quality, speed, and scale. Detectors are improving and expanding all the time.|
|Simple and powerful redaction||De-identify your data: redact, mask, tokenize, and transform text and images to help ensure data privacy.|
|Serverless||Cloud DLP is ready to go, no need to manage hardware, VMs, or scale. Just send a little or a lot of data and Cloud DLP scales for you.|
|Detailed findings with on-demand inspection||Classification results can be sent directly into BigQuery for detailed analysis or export into other systems. Custom reports can easily be generated in Looker Studio.|
|Secure data handling||Cloud DLP handles your data securely and undergoes several independent third-party audits to test for data safety, privacy, and security.|
|Pay-as-you-go pricing||Cloud DLP is charged based on the amount of data processed, not based on a subscription service or device. This customer-friendly pricing allows you to pay as you go and not in advance of demand.|
|Easy workload integration||Efficiently deploy Cloud DLP with reusable templates, monitor your data with periodic scans, and integrate into serverless architecture with Pub/Sub notifications.|
|Custom rules||Add your own custom types, adjust detection thresholds, and create detection rules to fit your needs and reduce noise.|