Better Data Security for Google BigQuery
Migrating to GCP’s serverless cloud data warehouse?
Use data responsibly with Okera and Google BigQuery.
Okera authorizes and audits every query to prevent people and systems from inappropriately accessing company confidential, personally identifiable, or regulated data.
We do this without copies or extracts. All data stays at the source in full fidelity for privileged users and use cases.
Okera makes sure that unauthorized data is hidden or transformed on-the-fly with each query.
Column Level Enforcement
- Hide / NULL / zero / REDACT
- Mask: 01108 → 011xx-xxxx
- Hash: firstname.lastname@example.org → 8356759451531201983
- Tokenize (for referential integrity): email@example.com → firstname.lastname@example.org
Row Level Enforcement
Dynamically filter data the user shouldn’t see based on real-time user attributes such as geography or level of responsibility.
Cell Level Enforcement
Conditional logic hides, transforms (e.g. round or randomize), or obfuscates data if a cell value exceeds a threshold, such as a person’s age or a student’s test score.
Big Data is Sensitive Data
Data lakes are teeming with PII, PHI, confidential, regulated, and other sensitive information. With Okera, you can confidently give data scientists and analysts on-demand access to the Google Storage data lake. Okera operates at massive scale and extreme elasticity to enforce universal data access policies.
Data Usage Intelligence
Know who has access to sensitive data, and how and when they use it.
Unified audit and reporting make it easier to demonstrate regulatory compliance, and APIs integrate live data requests with your SIEM or Fusion Center for near real-time alerts and digital forensics.
Learn more about how you can get fine-grained access control for the Google Cloud Platform.