BT

Your opinion matters! Please fill in the InfoQ Survey!

Google Data Loss Prevention API Offers New Ways to Manage Sensitive Data

| by Steef-Jan Wiggers Follow 0 Followers on Nov 06, 2017. Estimated reading time: 2 minutes |

Google has updated the beta version of its Data Loss Prevention (DLP) API, which is designed to help organizations better manage sensitive and personal identity data. The beta version of the DLP API was introduced in March.

The new features enable users to find, classify, and protect 50 different types of sensitive data elements, including names, credit card numbers, phone numbers, and ID numbers. The added de-identification capabilities and transformations can obfuscate information in a dataset. It increases the difficulty in associating the remaining data with an individual, thus reducing the risk of exposure. With the enhanced DLP API, end users can classify and mask sensitive elements in structured data and unstructured data.

Image source: https://cloudplatform.googleblog.com/2017/10/new-ways-to-manage-sensitive-data-with-the-Data-Loss-Prevention-API.html

The new transformation options in the DLP API are:

  • Redaction and suppression remove entire values from a dataset.
  • Partial masking hides parts of the data, leaving some data visible.
  • Tokenization or secure hashing replaces sensitive data with a key.
  • Dynamic data masking applies de-identification and masking techniques in real time.
  • Bucketing, K-anonymity, and L-diversity help businesses understand and transform data.

The Google DLP API applies the principle of least privilege to expose the minimum data necessary to complete a business process. The API classifies raw data by using a set of predefined detectors to identify patterns, formats, and checksums. The API can even understand contextual clues. The resulting redacted data is suitable for an application, storage, or analysis.

Image source: https://cloud.google.com/dlp/

The DLP API can be pointed to any data source or storage system. It offers native support and scalability for large datasets in Google’s Cloud Storage, Cloud Datastore, and Enterprise Cloud Data Warehouse BigQuery. The Google DLP API is available for a free trial, with production pricing based on data volume of content and storage inspection.

Companies will be subject to stricter regulations to protect corporate and customer data. For example, the EU General Data Protection Regulation (GDPR), which takes effect May 25, 2018, will force companies to plug any possible data leakage. Failure to protect personal financial and medical data will result in hefty fines.

Companies can use a DLP cloud solution such as the Google ALP API to enhance data protection and, combined with other security measures, to meet compliance standards such as the upcoming GDPR. Google provides the DLP API; Microsoft has a DLP solution inside Office 365 and AWS offers a DLP service, Amazon Macie.

DLP solutions can be API-driven or provided via a cloud access security broker (CASB) service or software tool. A CASB service or tool can ensure that the network traffic between on-premises devices, and systems and cloud providers will comply with the enterprise’s security policies. Enterprises can choose between DLP API-driven or CASB services. Sateesh Narahari, VP of products at Managed Methods, which uses the DLP API, said:

Google Cloud DLP API enables our security solutions to scan and classify documents and images from multiple cloud data stores and email sources. This allows us to offer our customers critical security features, such as classification and redaction, which are important for managing data and mitigating risk. Google’s intelligent DLP service enables us to differentiate our offerings and grow our business by delivering high quality results to our customers.

Rate this Article

Adoption Stage
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss

Login to InfoQ to interact with what matters most to you.


Recover your password...

Follow

Follow your favorite topics and editors

Quick overview of most important highlights in the industry and on the site.

Like

More signal, less noise

Build your own feed by choosing topics you want to read about and editors you want to hear from.

Notifications

Stay up-to-date

Set up your notifications and don't miss out on content that matters to you

BT