Various application feeds log with customer’s PII data
Our Approach & Solution
Business
At an organization level, a standard process was rolled out for not logging any PII or any other sensitive information to the log feeder
All the existing PII data in the log will be obfuscated using the Data Protection Service
A random check will be performed in the log data to see if any un obfuscated PII data is present
Technical
4 Microservice API using Spring Boot was developed for obfuscating the customers PII data from the message log feed
Integration of APIs with GCP CloudSQL and BigQuery
Deployed to Google Cloud App Engine platform with Cloud Endpoint as API management tool
A report dashboard along with the email alert process implemented
Benefit
A new process which validates the PII entries in the log data and takes corrective steps to obfuscate the sensitive information to be compliant with regulations.