Google Cloud said today it’s enabling Automatic Data Loss Prevention in Google BigQuery to help users find, classify and protect sensitive information that may have inadvertently been scattered around their cloud deployments.

In a blog post, Google Cloud Product Manager Scott Ellis explained that sensitive data has a knack for appearing in all kinds of unexpected places — “for example, in logs that services generate when customers inadvertently send it in a customer support chat, or when managing unstructured analytical workloads,” he said.

As a result of not knowing where sensitive data resides, some companies struggle to preserve the privacy of their customers’ personally identifiable information. It also means they may fall afoul of compliance regulations and struggle to control their data, Ellis explained. “We really feel that one of the challenges they are facing is really early awareness or visibility into their data,” he said.

One of the problems is that the manual processes many companies have set up to control sensitive data are simply no longer able to deal with the sheer volume of information their systems generate. Therefore, companies need an automated system for personally identifiable information to ensure such data is not inadvertently exposed.

Automatic DLP is a fully managed service within BigQuery, which is Google Cloud’s serverless data warehouse offering. Generally available starting today, Automatic DLP works by continuously scanning data across an entire organization to provide users with general awareness of what data they have and specific visibility into where sensitive data is stored and processed. That awareness is the first and most critical step to ensuring companies can protect and govern their data, Ellis said.

To ensure users can get started with Automatic DLP easily, Google said, it has created a number of new dashboard templates for Google Data Studio, giving customers an advanced summary of their data environments and easy access to graphical testing tools. Customers can also use the Google Cloud Console to drill down into their data or do the same with a business intelligence tool such as Looker.

Google has also created a tool for customers to determine the frequency and conditions for profiling their data. When Automatic DLP was being tested in beta, Google set the default. However, it said many customers found they needed to run their data profiler at different intervals. For instance, if someone changes the schema of a database, the company may want to profile their data immediately to check if there are any knock-on effects.

One final new feature is integration with Google Cloud’s security analytics service Chronicle. The service is now able to sync risk scores automatically for each table within BigQuery.

Image: Google