CHALLENGE

• Migrating Privacera from multiple services on the Cloudera Data Hub platform to GCP cloud

• Ensuring discovery functionality is fully tested and operational post migration

• Validating that data movement is reflected in the Privacera UI for GCS objects and Big Query datasets

• Lowering the maintenance and operational cost by moving to the cloud from the on-premise CDH environment

• Templatizing the deployment process to allow for deployment across multiple projects in GCP

OUTCOME

• Ability to scan PII, GDPR & HIPAA data as per compliance policies & track the movement of the data between multiple GCP projects

• All incoming data (GCS objects & Big Query datasets/tables) were scanned in real-time to generate the tags for sensitive data such as email-ID, SSN, Phone, DOB, etc.

• Ability to trigger an offline or manual scan for any historical data to generate sensitive tags as needed

• Used the tags generated for access management and leveraged tag-based policies to meet organizational security guidelines.

• Provided comprehensive monitoring and alerting

APPROACH

• Leveraged GCP’s GKE service to deploy Privacera components

• Used GCR as internal repository for Privacera component’s images

• Helmified all the K8s resources for customization of values 

• Deployed multiple security policies at the K8s cluster & namespace level

• Delivered training sessions with hands-on demonstrations of using Privacera on GCP

SOLUTION

• Privacera - Automated data access control and policy management across multiple cloud services from a single, unified interface

• Google cloud services including: GKE, GCR, Google Cloud-SQL, Big Query, Cloud Storage, Bigtable, IAM, Pub/Sub

• Stackdriver

• Hashmap Data & Cloud Consulting Services including Cloud Data Security Migration, Cloud Data Security Design & Architecture, Cloud Data Security Engineering, Cloud & Data Security Automation