Best practice rules for GCP BigQuery
- Check for Publicly Accessible BigQuery Datasets
Ensure that Google Cloud BigQuery datasets are not publicly accessible.
- Enable BigQuery Dataset Encryption with Customer-Managed Encryption Keys
Ensure that BigQuery datasets are encrypted using Customer-Managed Encryption Keys (CMEKs).
- Enable BigQuery Encryption with Customer-Managed Keys
Ensure that BigQuery dataset tables are encrypted using Customer-Managed Keys (CMKs).
- Enable Column-Level Data Masking for BigQuery Tables with Sensitive Data
Ensure that your Google Cloud BigQuery tables implement column-level data masking policies to protect sensitive data by selectively obscuring it based on user roles and permissions.