Google has unveiled an API (application programming interface) to help businesses manage sensitive data, without locking it away from those that need access.
Data Loss Prevention (DLP) automatically identifies up to 50 different types of sensitive data, such as credit card numbers, phone numbers and national security IDs from datasets and masks the information, preventing it from being accessed by those not authorised to do so.
Because it's an API, DLP can be integrated into almost any data source or storage platform to hide data that needs to be protected.
"These new data de-identification capabilities help you to work with sensitive information, while reducing the risk of sensitive data being inadvertently revealed," said Scott Ellis, product manager at Google.
"If like many enterprises you follow the principle of least privilege or need-to-know access to data (only use or expose the minimum data required for an approved business process) the DLP API can help you enforce these principles in production applications and data workflows."
Dynamic data masking hides certain parts of the data when viewed by certain groups at a certain point in time, but at the time they really need access, it will be revealed. Bucketing, K-anonymity and L-Diversity are also supported by the API.