Masking

{"x":230, "y":25, "w":270, "h":100, "texts": [
"It's your move",
	"But you're white",
"That's ok, you go first",
	"But where's your King, Queen and all the pieces?",
"I took them away",
	"So how can we play?",
"You still have all you pieces, and I can use my pawns to defend and attack",
	"But I can't win! There's no King!",
"That's right",
	"So what's the point of the game?",
"There is no point. You won't be able to take my King (data) or any of the valueable pieces",
	"#@$&%@#$#",
	"I don't want to play!",
"Good",
	"I'm gonna look for someone I can actually play with",
"Good luck",
	"I'm going",
"Bye bye",
	"..",
	"but I work here. I need this job",
"Then do your job. Don't try to steal data",
	"a girl needs some extra cash..",
"Not from stealing my data",
	"..",
	"I'm gonna play anyways",
"Well.."
 ]
}

The best way to win is not to play

Data Masking – Take sensitive data out of the game

Many organizations use production data in test and development systems. Such usage creates a massive and unnecessary security risk. Data masking allows you to remove the sensitive data from the non-production systems while retaining or enhancing the test quality.

Product capabilities

  • Remove sensitive data
    Static data masking permanently removes sensitive data from non-production systems by replacing it with masked data. The solution also includes a unique Masking Evaluation Tool to help you quantify the effectiveness of the masking and ensure no sensitive data is exposed.
  • Retain data usability
    The masked data must retain data validity and integrity in order to be usable by the application. That means that fields must contain valid values and in some cases a checksum. It also means that primary keys need to be unique and maintain their relationship with foreign keys, that consistency inside the database or across databases needs to be maintained, that relationships between city, state, and zip code needs to be kept, and much more.
  • Retain test quality
    The quality of the testing and development performed with the masked data must not diminish. Invalid or unusual data should be retained along with special characters. The frequency of repeating values should be maintained to retain statistical properties. Invalid or unusual relationships within the data should be maintained, and more. By manipulating some of these attributes, test quality can even be improved by creating complex test scenarios.
  • Choose the methodology
    Based on the security and testing requirements, different methodologies may be appropriate. These include masking the data, synthetic data generation, automatic data profiling for data generation, manual adjustments to automatic profiles, and more.
  • Flexibility
    Ultimately, data masking is all about the data, and the ability to manipulate any type of data while maintaining its properties. This means that there’s a vast number of features that drives the product to support any situation. These include: character replacement, data generation (names, emails, addresses, etc), numbers, noise infusion, texts, dates, LOBs, patterns, limited data sets, unique values, consistency, constraints, weights, composites, foreign character sets, external CSV dictionaries, sensitive data discovery, reporting, and much more.

Business Value

  • Test Quality
    Testing and development teams believe that using production data will improve the quality of their work. This production data usually contains sensitive information that is often covered by various regulations and needs to be protected. Using production data outside of the secured production environment increases the security exposure and the risk. Data masking allows you to gain the benefits of developing and testing with data that looks like production data but without the risks associated with using such data.
  • Flexibility
    Data masking is all about the data. The ability of a data masking solution to mask the specific type of data you have and maintain its unique properties is what would make the solution valuable to you. If the data wouldn’t retain its unique properties, it would lose its value and render the solution useless. The most important aspect of a data masking solution is it’s ability to mask any data that you need masked both today and in the future.
  • Compliance
    Compliance is a time consuming and costly effort that companies are forced to adhere to. One of the easiest ways to reduce the scope of this effort is by eliminating systems and individuals from it. Systems that don’t contain sensitive data, and individuals that don’t have access to it, are not subjected to those compliance efforts. Using masked data in non-production systems is an important step in reducing the scope and cost of compliance. This includes PCI, SOX, HIPAA, and more.
  • Security
    Every security initiative starts with reducing the exposure of the sensitive data. The first step in reducing this exposure is to limit the systems that contain it, and the individuals that have access to it. An unnecessary security exposures is non-production systems containing sensitive data. There is no imperative in having production data in testing or development systems, or for that data to be accessed by the individuals who have access to those systems. Data masking can eliminate sensitive data from non-production systems while maintaining the benefits of having it there.
  • Time and Cost
    Security and compliance are time consuming and costly efforts. Reducing the number of systems and individuals that are subject to those requirements is an important step in lowering costs. At the same time, testing and developing with production data is an important step in improving software quality, minimizing production problems, and maintaining SLAs. The earlier production data is introduced into development and testing cycles, the shorter those cycles are, and the less cycles are required before a successful deployment. Data masking will allow you to achieve all these cost and time savings simultaneously without compromising either security or software quality.