BigQuery Protector
Encryption Consulting’s BigQuery Protector allows you to access and store data in your BigQuery database while maintaining encryption. This tool provides the option to decrypt data when extracting information and encrypt data when inserting it, adding an essential layer of security. With BigQuery Protector, you can utilize the powerful BigQuery Data Analytics Platform while ensuring your data remains protected.
Trusted By
Common Components
Platform
BigQuery Protector operates based on a flexible configuration file that specifies which datasets, tables, and columns to secure.
Data Masking
Protects BigQuery tables while preserving data format and enables protection of sensitive fields like SSNs, credit card numbers, or emails without impacting query performance or schema compatibility.
Integration
Designed to work with BigQuery and other GCP services like Data Loss Prevention (DLP) API and Cloud KMS.
Key Management
Supports encryption key management via Google Cloud KMS or CloudHSM and also maintains a metadata JSON file.
Compliance
Enables secure analytics by protecting sensitive data without disrupting queries or reporting, and staying compliant with regulations like PCI-DSS, HIPAA, GDPR, and more.
Provided
Features
| Features | Open Source | Enterprise Features |
|---|---|---|
| Redaction |
|
|
| Replacement |
|
|
| Masking |
|
|
| Format Preserving Encryption |
|
|
| Software-based Key generation |
|
|
| Key Management in Google Cloud Platform |
|
|
| Logging |
|
|
| 24*7 Customer Support |
|
|
| FIPS 140-2 Level 3 Compliant |
|
|
How does it work?
BigQuery Protector allows you to interact with your encrypted BigQuery database seamlessly through the Google Cloud Shell. Users can query the encrypted database directly without the need for full decryption, and even decrypt specific data points without decrypting the entire database.
BigQuery Protector ensures that your database remains encrypted while providing the capability to perform powerful data analytics operations. When new, sensitive data is inserted, Format Preserving Encryption (FPE) is applied, protecting the information while still allowing it to be queried effectively through BigQuery.
How can we use BigQuery Protector?
BigQuery Protector offers flexible deployment options like a containerized service or integrated as a library within other services. This allows for seamless access to encrypted data on the fly without compromising either performance or security.
