Unified Data Security for Google

Privacera partners with Google to provide unified data security and access control to the Google Cloud Platform

Supercharge your data security and access governance with Google and Privacera

Privacera, in partnership with Google, delivers a superior data security and access governance solution by allowing organizations using Google data and analytic services advanced data security capabilities that allow:

  • Greater data security.
  • Easier creation and management of compliance rules.
  • Ability to federate data security in order to allow data stewards to determine who can access what data for what purpose to remove IT bottlenecks, while having global data access and protection controls to maintain consistent data security and compliance.
  • Faster on-boarding of data and users.
  • Unified data security and access governance to build data security policies once, and deploy them to your multi-cloud and hybrid-cloud environments and data sources, simplifying and consistently applying data security governance policies across your entire data estate.

Increase your data security across your Google Cloud Platform

Data security and access control policies built in Privacera are natively enforced in Google Cloud data and analytics services, such as GCS and Big Query to take advantage of Privacera’s advanced data security capabilities. Privacera delivers Attribute-Based Access Control (ABAC), Tag-Based Access Control (TBAC), Resource-Based Access Control (RBAC) with fine-grained access down to the table, column, and row level.

Privacera’s Unified Data Security Platform also delivers integrated data discovery and protection, allowing organizations to scan, identify, and tag or classify sensitive data that resides within Google data and analytics services and apply appropriate data masking and encryption, which can be integrated and used with ABAC, TBAC, and RBAC policies.

In addition, Privacera, data security and access control policies can be built with user attributes, which can be synced with IAM and active directory solutions, which allows organizations to define user attributes in a single system and use them with tag-based and resource-based data security and access controls, providing greater automation and security for your Google services. For instance, location attributes can be used to meet data residency rules or for geo-fencing data access, or if an data consumer changes functions or takes on more responsibilities, changes to their business function, department, or sensitive data access authorization can be immediately synced and captured in Privacera. Thus providing near instant updates to what data users have access to and what masking/encryption protections are applied to sensitive data that they are authorized to access.

Simplify creation and management of data compliance rules

Privacera allows for data privacy and compliance rules to be created once using our compliance workflows and applied across your Google services, greatly simplifying implementation of regulations, such as GDPR, RTBF, CCPA, and HIPPA. And as rules evolve and modifications to security and access policies are needed, just update the relevant compliance workflow once and it is immediately applied across your entire data estate.

Federate data security and access governance

To remove IT bottlenecks and to streamline data security and access, Privacera supports a shared approach to data security and access governance, between security teams, data infrastructure owners and the business teams that have deep knowledge about the data. With the Privacera and Google partnership, this federated approach to data security and access governance can be implemented in Privacera and applied to your Google data services.

Virtual business data domains can be created in Privacera, for instance a virtual marketing data domain. The benefits of a virtual business domain is that data does not need to be duplicated or moved, greatly eliminating the need for data proliferation, while Privacera working natively with Google services ensures proper security, access, and ownership is enforced. Data security and access responsibilities can be delegated to business data stewards or owners, thus allowing the business to implement business or functional specific security and access controls, as well as approval workflows, removing IT bottlenecks to data access and greatly enhancing data availability.

In addition, Privacera allows global data security and access controls to be centrally implemented, typically leveraging a combination of Attribute-Based Access Controls (ABAC), Tag-Based Access Controls (TBAC), and Resource-Based Access Controls (RBAC), which provide security and access guardrails to ensure that all corporate level data security and access policies are automatically enforced independently of the actions of data owners and stewards.

For instance, a data classification policy that only individuals with a certain classification level can access certain sensitive data in the clear, while it will be masked or encrypted for everybody else, can be created at a global level, ensuring that the sensitive data is always protected from unauthorized access. This applies even if a data steward grants access to an unauthorized data consumer. The Privacera Google solution provides a secure federated approach to data security and access, allowing organizations to get the most value out of their data, while maintaining a robust data security framework.

Support for multi-cloud and hybrid-cloud environments

Privacera delivers greater data security and access governance to your Google Cloud Platform environment, but many organizations have complex data and analytics ecosystems that may include multi-cloud and hybrid-cloud environments. Privacera as a Unified Data Security Platform supports all 3 major cloud providers with over 50 data, governance, and security connectors and integrations, which allow you to create data security and access policies once and apply them across your entire multi or hybrid-cloud data ecosystem, simplifying data security and access management, while ensuring consistent application of data security and access controls across your entire data estate.

Global policies using user attributes and data attributes (tags and classifications) can be applied no matter what source or cloud ecosystem the data resides in and data stewardship virtual business data domains can be created across diverse data ecosystems, allowing a data stewardship model to be applied no matter where the data resides.

And Privacera Data Discovery and masking/encryption works across diverse data services and environments as well, allowing consistent data tagging and classification rules to be applied consistently, as well as consistent application of data protection rules. With Privacera’s Unified Data Security Platform you can manage data security and access governance easily across your entire data estate.

On-board new data and users into Google

When you are using Privacera to manage data security and access governance across your entire data estate, on-boarding new data and users into Google services is greatly accelerated, since existing data security and access policies can simply be applied to the new data and users, no need to create new policies or controls.

New data can also be automatically scanned for sensitive data, and tagged or classified, allowing for sensitive data policies to be applied. In addition, since Privacera is based on open standards, any legacy systems that manages data access via Apache Ranger can simply lift and shift data access policies from Apache Ranger to Privacera, removing access policy migration out of the critical path for any data modernization, migration, or on-boarding initiative.

Privacera can even accelerate on-boarding or migration of data and users from one cloud environment into the Google Cloud Platform, since existing data policies for data services in one cloud environment can be simply applied to data services in the Google Cloud Platform environment. When new users are added, Privacera accelerates their time to insights, by allowing existing data security and access controls to be applied to the new user, which can be automated using user attributes synced directly with IAM or active directory solutions.