Google’s Cloud Data Loss Prevention System Makes it Easy to Secure Customer Information

Your customers do not trust you with their data. In an era where brands want their customers to part with more information than ever, people want to give less and less. 

The more brands break the trust of their customers, the more critical people will be of other businesses. For example, a study by the Ponemon Institute found that only 28% of Facebook users trust the social network to manage its data correctly. Before the data breach, that figure was 79%. When customer trust is broken, it is hard – if not impossible – to rebuild.

When it comes to secure data, an ounce of prevention is worth a pound of cure. Google is providing that prevention, and much more. Our data team at Trinity Insight was recently accepted into the closed beta of Google’s Cloud Data Loss Prevention services. This DLP can help companies of all industries and sizes identify and secure sensitive data. If you aren’t using this system (or one like it) here is what your brand is missing out on.

Cloud Data Loss Prevention

How Google’s Cloud Data Loss Prevention Service Came to Be

Ivan Medvedev, who came to Google as a privacy engineering manager about six years ago, is to credit for this DLP. In 2013, companies were experiencing mass customer data breaches left and right (this was the year of the massive Target data breach) and Google started to realize just how much customer data it had on its hands. Even if the data was stored securely, there was no guarantee that sensitive information wouldn’t pop up in unexpected fields. 

Lily Hay Newman at Wired uses the example of information from an old tax form popping up in an autofill form on Google or data getting pulled from a baby’s ultrasound photo. Google needed to be able to find sensitive data quickly and take action to hide it, lest they have a crippling data breach that costs them the trust of their customers.  

Medvedev set to work. He developed an internal tool within Google that would identify sensitive information, redact it, and then tokenize it so it could still be used as a marker. In 2017, Google launched this internal tool as an external privacy service, where it continues to grow in value as more brands take steps to protect their data. 

Top Features Of Google’s Cloud DLP

Like most tools offered by Google, the strength of the DLP lies in its multiple features and flexibility. A few of the top resources offered by this social network include:

  • Extensive search criteria. If you can think of the type of information you want hidden, Google can scan for it. 
  • Custom detectors. If Google doesn’t have the criteria you need, you can create your own and teach the system how to search for it. 
  • Secure data handling. You don’t have to worry about Google exposing your data or putting it at risk. The system undergoes several independent third-party audits to maintain compliance.  
  • Tokenization and masking available. You can do whatever you want to protect your data while still being able to use tokens to sort and analyze customers. 
  • Scalable systems. You can use the Cloud Data Loss Prevention system for small-scale scans of datasets or for massive enterprises with various tools, contractors, and sources of data.  
  • Easy integration and no hardware. You can easily set up the system and schedule regular scans and audits of your data. 

Google has developed its DLP for non-tech savvy companies. It is meant to be used by organizations that are worried about their data, but can’t afford a full-time security team. Companies can easily scan, identify, and secure any at-risk data that could potentially leak. 

Why This Cloud DLP is Effective

Google’s Cloud Data Loss Prevention API can be applied to any data set or storage system. It is increasingly flexible and constantly adds new information and criteria that can be secured. In 2017, the system could identify more than 50 different types of information, from social security numbers to job titles. Today, there are more than 90 possible detectors. 

Google’s DLP API uses two of the search giant’s strongest features: image recognition and machine learning to protect user data. Google’s system can scan images and identify potential sources of sensitive data, while its machine learning system constantly adds new data points that need to be protected. If this system doesn’t offer what you need today, it likely will in the near future.

How Your Business Could Benefit from a DLP System

If you aren’t sure whether a DLP is right for your brand, let us assure you that it is. Almost every organization in the modern economy collects data from customers or users and needs to protect it. A few examples of companies using a DLP API include:

  • Hiding patient identifying information in a medical office.
  • Protecting patient credit card data within an eCommerce company.
  • Limiting what information customer service reps can see when helping people. 
  • Blocking out resume information (including points like graduation year) to prevent hiring bias and human resources liability. 

Your company likely experiences the same liability risks as Google did in 2013. You might be collecting data and hiding it away, but that doesn’t mean it’s stored properly or removed at necessary times. You could be putting yourself at risk of a data breach because of a band-aid solution that turned into a long-term (and long-since forgotten) problem. 

Additionally, this tool can outlast any employees on your team that leave. While your existing IT department might be careful with data, they might have certain information hidden in what they consider a secure spot. When they leave, that data could be discovered unexpectedly – and it could be a lot less secure than your team thinks.

Make the Most of Your Data With Trinity Insight

Just because you have sensitive data doesn’t mean you have to hide it away or keep your content in silos. You can still identify customers through tokens and use these identifiers to create a strong, connected data platform. 

Start by taking our free, five-minute assessment of your current data ecosystem. We can review your data to let you know what information is at risk and how you can better connect your systems to get the insights you need. By making your data analysis more mature you can, you can take steps to improve your business in ways that were previously hidden from your team.