Cloud Data Loss Prevention’s Sensitive Data Intelligence Service Is Now Available In Security Command Center

Our Cloud Data Loss Prevention (Cloud DLP) discovery service can monitor and profile your data warehouse to bring awareness of where sensitive data is stored and processed. Profiling is also useful for confirming that data is not being stored and processed where you don’t want it. 

But how can you make use of this intelligence within your existing security and governance workflows so you can reduce risk? Starting today, we have integrated Cloud DLP’s sensitive-data discovery service with Security Command Center, our platform-native security and risk management solution. By bringing together sensitive data intelligence with your security controls, security teams can identify and act quickly on the vulnerabilities and help address threats that matter for your organization.

Partner with aster.cloud
for your next big idea.
Let us know here.

Data sensitivity and risk prioritization

Not all security threats, vulnerabilities, and misconfigurations generate an equal degree of risk. Some affect only test data or development environments. But others can place your organization’s sensitive information at risk of exposure or misuse. Understanding what to prioritize is often a big challenge for security professionals.

When this awareness is fed into Security Command Center, it allows your team to prioritize the Security Command Center findings that are driving greater security and compliance risk, and to help make informed decisions as to how to address those issues.

https://storage.googleapis.com/gweb-cloudblog-publish/images/1_Cloud_Data_Loss_Prevention.max-1400x1400.png
An example query in SCC listing all BigQuery tables with high sensitivity

Understanding BigQuery data exfiltration threats

Security Command Center’s threat detection capability can analyze access and copy behavior of BigQuery data to help detect potential risk of exfiltration. With Cloud DLP intelligence on where sensitive data lives in BigQuery tables and datasets, you can now focus and prioritize on the exfiltration findings tied to your sensitive assets.

https://storage.googleapis.com/gweb-cloudblog-publish/original_images/2_Cloud_Data_Loss_Prevention.gif
Listing exfiltration threats targeting highly sensitive BQ data.

Remediation and data security posture management

The intelligence from Cloud DLP’s sensitive-data discovery service helps you take a data-first approach to securing your assets.  Use insights like Cloud DLP’s predicted infoType to apply column-level, fine-grained access or dynamic masking policies and consider de-identification to further help reduce the risk of data use operations and improve your overall security, privacy, and compliance posture.

https://storage.googleapis.com/gweb-cloudblog-publish/images/3_Cloud_Data_Loss_Prevention.max-1100x1100.png
Automatic data security policy tags on table schema

Get started

To get started with richer sensitive data intelligence, enable the connection between Cloud DLP’s discovery service and Security Command Center.  There is no additional cost to enable the integration for users of both products.  

Read More  What's Google Talking About? Google-y Podcast Weekend Listening

As soon as it’s enabled, you can begin to use your sensitive data intelligence to supercharge your security and support your compliance teams’ work.

Read more about how the sensitive data discovery service can meet your organization’s needs, and how you can get started managing your security posture with Security Command Center.

By Jordanna Chord, Senior Staff Software Engineer | Scott Ellis, Senior Product Manager
Originally published at Google Cloud

Source: Cyberpogo

For enquiries, product placements, sponsorships, and collaborations, connect with us at [email protected]. We'd love to hear from you!
Our humans need coffee too! Your support is highly appreciated, thank you!

Related Topics
You May Also Like