shutterstock_1161500566.jpg

HASHMAP SOLUTION PROFILE

MULTINATIONAL CONSUMER CREDIT REPORTING AGENCY

Automated data access control and policy management in GCP with Privacera

CHALLENGE
  • Migrating Privacera from multiple services on the Cloudera Data Hub platform to GCP cloud

  • Ensuring discovery functionality is fully tested and operational post migration

  • Validating that data movement is reflected in the Privacera UI for GCS objects and Big Query datasets

  • Lowering the maintenance and operational cost by moving to the cloud from the on-premise CDH environment

  • Templatizing the deployment process to allow for deployment across multiple projects in GCP

OUTCOME
  • Ability to scan PII, GDPR & HIPAA data as per compliance policies & track the movement of the data between multiple GCP projects

  • All incoming data (GCS objects & Big Query datasets/tables) were scanned in real-time to generate the tags for sensitive data such as email-ID, SSN, Phone, DOB, etc.

  • Ability to trigger an offline or manual scan for any historical data to generate sensitive tags as needed

  • Used the tags generated for access management and leveraged tag-based policies to meet organizational security guidelines.

  • Provided comprehensive monitoring and alerting

APPROACH
  • Leveraged GCP’s GKE service to deploy Privacera components

  • Used GCR as internal repository for Privacera component’s images

  • Helmified all the K8s resources for customization of values 

  • Deployed multiple security policies at the K8s cluster & namespace level

  • Delivered training sessions with hands-on demonstrations of using Privacera on GCP

SOLUTION
  • Privacera - Automated data access control and policy management across multiple cloud services from a single, unified interface

  • Google cloud services including: GKE, GCR, Google Cloud-SQL, Big Query, Cloud Storage, Bigtable, IAM, Pub/Sub

  • Stackdriver

  • Hashmap Data & Cloud Consulting Services including Cloud Data Security Migration, Cloud Data Security Design & Architecture, Cloud Data Security Engineering, Cloud & Data Security Automation