You are employed at a financial institution that facilitates online registration for its customers. As part of this registration process, new customer data is sent to Google Pub/Sub before being ingested into Google BigQuery for storage and analysis. Considering the need for enhanced security, you have decided to redact the Government Issued Identification Numbers (GIIN) of the customers in your database. However, it is essential to allow customer service representatives access to the original GIIN values when necessary. What steps should you take to ensure this?

Exam-Like

Use BigQuery's built-in AEAD encryption to encrypt the SSN column. Save the keys to a new table that is only viewable by permissioned users.

9.1%

Use BigQuery column-level security. Set the table permissions so that only members of the Customer Service user group can see the SSN column.

20.5%

Before loading the data into BigQuery, use Cloud Data Loss Prevention (DLP) to replace input values with a cryptographic hash.

11.4%

Before loading the data into BigQuery, use Cloud Data Loss Prevention (DLP) to replace input values with a cryptographic format-preserving encryption token.

59.1%

Google Professional Data Engineer

Get started today

Comments