Data Masking Checklist



Similar documents
Selecting the Right Service Virtualization Tool. E: UK: US:

Datamaker - the complete Test Data Management solution

Test Data Management. Services Catalog

Datamaker for Skytap. Provide full-sized environments filled with up-to-date test data in minutes

data express DATA SHEET OVERVIEW

DBKDA 2012 : The Fourth International Conference on Advances in Databases, Knowledge, and Data Applications

Providing Secure Representative Data Sets

Realizing the Benefits of Data Modernization

Data Masking: A baseline data security measure

IBM InfoSphere Discovery: The Power of Smarter Data Discovery

Data Quality Assessment. Approach

QlikView 11.2 SR5 DIRECT DISCOVERY

IBM InfoSphere Optim Test Data Management

CA Configuration Automation

IBM InfoSphere Optim Test Data Management Solution

In-memory Tables Technology overview and solutions

Cost Effective Data Management for Oracle Utilities Applications

Overview Western Mariusz Gieparda

can you simplify your infrastructure?

Integrated Data Management: Discovering what you may not know

Why Add Data Masking to Your IBM DB2 Application Environment

Big Data-Challenges and Opportunities

A Road Map to Successful Data Masking

A TECHNICAL WHITE PAPER ATTUNITY VISIBILITY

Data Masking Secure Sensitive Data Improve Application Quality. Becky Albin Chief IT Architect

4D and SQL Server: Powerful Flexibility

Response Time Analysis

Oracle Database 11g Comparison Chart

Securing Data in Oracle Database 12c

MDM and Data Warehousing Complement Each Other

Test Data Management Concepts

A new Breed of Managed Hosting for the Cloud Computing Age. A Neovise Vendor White Paper, Prepared for SoftLayer

TF04 - Leveraging SQL Server Business Intelligence Tools

Debunking The Myths of Column-level Encryption

Real-time Data Replication

Test Data Management in the New Era of Computing

The Data Warehouse ETL Toolkit

Relational Databases for the Business Analyst

Data Integration Checklist

Data Warehouse as a Service. Lot 2 - Platform as a Service. Version: 1.1, Issue Date: 05/02/2014. Classification: Open

Credit Cards and Oracle E-Business Suite Security and PCI Compliance Issues

ORACLE DATABASE 10G ENTERPRISE EDITION

Making Database Security an IT Security Priority

API Architecture. for the Data Interoperability at OSU initiative

Data Virtualization and ETL. Denodo Technologies Architecture Brief

THE DATA WAREHOUSE ETL TOOLKIT CDT803 Three Days

LITERATURE SURVEY ON DATA WAREHOUSE AND ITS TECHNIQUES

LEARNING SOLUTIONS website milner.com/learning phone

Compuware Solutions and Services Facilitate Data Privacy Compliance in the Application Testing Environment

SAP HANA PLATFORM Top Ten Questions for Choosing In-Memory Databases. Start Here

SafeNet DataSecure vs. Native Oracle Encryption

Oracle Database - Engineered for Innovation. Sedat Zencirci Teknoloji Satış Danışmanlığı Direktörü Türkiye ve Orta Asya

PCI Compliance in Oracle E-Business Suite

Response Time Analysis

BUSINESSOBJECTS DATA INTEGRATOR

Analytic Applications With PHP and a Columnar Database

Test Data Management Best Practice

How To Use Hp Vertica Ondemand

CA XCOM Data Transport- Secure, Reliable File Transfer for Heterogeneous Environments

Test Data Management. Representative data, compliant for test environments

IBM InfoSphere Optim Data Masking solution

Oracle Enterprise Manager 12c New Capabilities for the DBA. Charlie Garry, Director, Product Management Oracle Server Technologies

Advantages of Implementing a Data Warehouse During an ERP Upgrade

SQL Server Upgrading to. and Beyond ABSTRACT: By Andy McDermid

SOLUTION BRIEF CA SERVICE MANAGEMENT - SERVICE CATALOG. Can We Manage and Deliver the Services Needed Where, When and How Our Users Need Them?

ENZO UNIFIED SOLVES THE CHALLENGES OF OUT-OF-BAND SQL SERVER PROCESSING

Data Masking with Delphix. Services Catalog

Data Warehouse and Business Intelligence Testing: Challenges, Best Practices & the Solution

Efficient Data Access and Data Integration Using Information Objects Mica J. Block

SQL Server Master Data Services A Point of View

How To Retire A Legacy System From Healthcare With A Flatirons Eas Application Retirement Solution

ETL-EXTRACT, TRANSFORM & LOAD TESTING

A Data Collection Revolution?

What s New with Informatica Data Services & PowerCenter Data Virtualization Edition

GOVERNANCE OVERVIEW. A QlikView Technology White Paper. qlikview.com. December 2011

Top 10 Oracle SQL Developer Tips and Tricks

White Paper 6 Steps to Enhance Performance of Critical Systems

Facilitating Efficient Data Management by Craig S. Mullins

ORACLE BUSINESS INTELLIGENCE, ORACLE DATABASE, AND EXADATA INTEGRATION

ENZO UNIFIED SOLVES THE CHALLENGES OF REAL-TIME DATA INTEGRATION

Oracle Warehouse Builder 10g

Technical White Paper. Automating the Generation and Secure Distribution of Excel Reports

APPLICATION MANAGEMENT SUITE FOR ORACLE E-BUSINESS SUITE APPLICATIONS

Building a Reporting and Analytics System Connected Enterprise Seminar

Response Time Analysis

Big Data Use Case. How Rackspace is using Private Cloud for Big Data. Bryan Thompson. May 8th, 2013

Copyright 2011 Sentry Data Systems, Inc. All Rights Reserved. No Unauthorized Reproduction.

Advanced Big Data Analytics with R and Hadoop

Transcription:

Data Masking Checklist Selecting the Right Data Masking Tool

Selecting Your Masking Tool Ensuring compliance with current data protection regulations and guidelines has become a mandatory operation. Non-compliance not only carries the risk of heavy fines and damages public relations, but also fails to adequately secure your sensitive data against data breaches. Traditionally, many organizations have used manual techniques to mask (see also de-sensitize, de-identify, or obfuscate) full copies of production data for use in development and testing. However, this is a labour-intensive, time-consuming and costly process that is prone to human error and inconsistency. As a result, teams are often provided with poor quality data that is both inefficient and expensive to create. This lengthens your test cycles as testers wait for data and reduces quality, resulting in more potentially costly defects making production. Therefore, organizations are increasingly beginning to look towards implementing data masking tools to improve the quality of the data and reduce the length and cost of their test cycles. However, there are a number of data masking tools on the market, so how do you choose the right one for your project? Below, we have set out a matrix containing a comprehensive list of all the features you need to consider when ensuring that your testing and development teams are provided with high quality, compliant test data that can increase the quality and reduce the cost of your project. In each case, we ve noted how important these are, and how they can help solve the probable problems you might face in the real world.

Masking Features Weighting In The Real World Y/N Application and Database Mandatory Consistent masking across multiple applications is essential for integration and end Integrity to end testing. Cross-Platform Integrity Mandatory Most large enterprises feed data across multiple platforms and technology stacks. Cross-System Data Relationship Discovery and Definition PII and Financial Discovery Scanning Vendor-Provided Apps Packs of Rules Medium Mandatory Low Consistent masking across multiple platforms is essential for integration and end to end testing. This is usually part of the set-up and understanding of applications. In our experience, this can quickly be derived from pattern matching inside the data, naming standards inside the catalogue and documentation. These relationships are interesting, however, more focused PII and Financial Discovery Scanning (see below) is far more important as it takes far more time, is more prone to error and is subject to changes over time. The ability to scan all or percentages of the data across multiple systems and automatically identify which data is potentially problematic is essential. Relying on users interpretation of reports and screens is not good enough to discover where hidden data exists in the system. The alternative is to use a double blind manual approach, where multiple users arrive at the same conclusion about which data needs to be masked. However, this process is extremely time-consuming and results in a project failure. Relying on a pre-defined set of rules provided by a vendor means that you are relying on their knowledge of a specific ERP. This is fraught with danger; remember, it is you who is liable if there is a data leakage!

Also, these app packs don t consider local customizations within your applications the way you use the system as well as the normal usage of flex fields etc. It is better to use a robust PII scanning tool to guarantee nothing is missed when masking. Masking Features Weighting In The Real World Y/N Integration into BAU Development Structures The ability to easily fit the processes into existing DBA data provisioning procedures in a timely manner. Masking Repeatability The ability to consistently mask data using either deterministic masking functions or cross-reference tables means the data can be masked in a similar manner across applications Multiple Database and Platform Support Support for masking on single platform or single database types will result in different, inconsistent masking being set up across the enterprise. Being able to mask data in legacy systems, such as IMS and VSAM as well as SQL Server, for example, is essential. Multiple Masking Technology Stacks One size definitely does not fit all. Some vendors provide a single method of masking, for example, in-place masking, extract into files-mask-and return etc. In reality, to mask very large or complex applications across multiple platforms means that different technologies need to be used. This could include native database utilities, in-database functions, or native mainframe masking etc. Reporting and Auditing Reporting on what has been masked is required, however, a more important consideration is who chose what needs to be masked, why it does and when. In addition, there needs to be an audit of exactly what technology was used to perform the masking. Flexible Masking Engines and Methodologies The masking product needs to provide multiple methods for the data team. Based on the size, urgency and potential risk, having simple-to-complex technology available means that teams will be much more reactive.

Technology should include: In-place masking, extract and mask in flight, build shadow tables, as well as dynamic masking via views and message layers. Masking Features Weighting In The Real World Y/N Dynamic Masking In some cases, ad hoc queries need to be made against real data. Access to this real data can be controlled by creating a masked transparency layer. This uses a set of views which mask certain fields consistently across databases. These views can also be adjusted to identify which users have access to which data. In addition, development applications can be set up to use the masked transparency layer so that data used by developers appears masked. Dynamic masking can also be deployed at the message or SOAP level. This can be extremely useful for TDM teams as they can quickly provide access to web services via a proxy. The proxy masks the data in-flight. No SQL Masking engine Some dynamic masking engines try and interpret the SQL and mask the data returned from and to the database. All RDBMS support the concept of views and synonyms, so using the native RDBMS own built-in functions is a much more sensible and standard approach. Subsetting in Conjunction with Masking A lot of current data legislation refers to minimal data being used. Adding subsetting to a masking project should be easy and is highly recommended. It can also quickly improve the run times of data provisioning and agility of teams. Complex Flat File Structures Medium Being able to verify that flat file structures are valid (see Data Quality) as well as fully understood is key. Many enterprise systems will contain multiple definitions of files and messages; being able to verify these and mask effectively is essential. Being able to Mask Isolates Dependent on the level of masking required, being able to mask isolated values, for example high numbers with decimal places (134345567.12), is very important. You

do not want one piece of information being able to be used to trace back to a specific user or account. Masking Features Weighting In The Real World Y/N Being able to Mask Trends Medium If an entire masked database is lost, then the general trends of the data have commercial value. Being able to mask these trends, so that application integrity is still maintained, is essential for fully secure masking. Subsetting can help with this issue, as can using data constellations to provide the essence of all the data without data trends. Data Constellations For very highly regulated markets, shipping masked data offshore is very problematic. The inability to send data offshore can result in increasing costs. Using a data constellation that looks for data dimensions that exist in production (basically transaction major attributes), linked with synthetic and/or masked PII data, allows production-like data to be provisioned with none of the real content. Richness of Functions, as well as Custom Masking Routines Advanced Masking Functionality Most masking tools allow addresses and names to be masked. However, more complex types of masks, such as IBAN numbers, check sums etc. need to be included. In addition to this, the ability to build local custom masking routines or integrate existing masking should to be included. As a project develops, more complex types of masking requirements are often discovered. The masking tool must be able to handle these complex needs. A typical example would be multi value multi column cross referencing. For instance, the names Adam Smith, A Smith and ASMITH need to be masked consistently. Many vendors do this by simply hand-building SQL to be run prior to the mask.

Integration with a Test Data on Demand Strategy and Platform Medium Masking can be time-consuming and tedious. Being able to use this work to provide a better approach to test data delivery will improve the quality of development and reduce the number of bugs that make it into production. Masking Features Weighting In The Real World Y/N Performance Mandatory The masking technology stack needs to be able to mask medium to large databases very rapidly. Being able to fit a run into a nightly or on-demand window is essential; developers and testers cannot wait days for production refreshes. In some cases, we have seen our technology run 100 times faster than competitors technology. This is particularly important in databases with multiple billions of rows. Mainframe Support Local support on the mainframe is essential. Using ETL processes or ODBC layers will not perform and does not fit in with normal mainframe batch estates. Reversible Masking Low Being able to work your back from a masked value can be useful, and thus can be set up in a number of different ways. Agile Development Support Masking tools that do not allow data to be delivered to Agile teams at the beginning, middle and end of a sprint with multiple database and meta model changes should not be considered. No ETL required Mandatory Some products require that all data is transformed into another database, flat file or platform before it can be masked. This causes very long delays and introduces a high level of complexity that is not required for masking projects. In addition, a high level of CPU usage is needed to move data back and forward. Data Quality Management When masking data the quality of data must be considered. If production data contains bad data then consideration should be given to retaining that bad data in development. Masking tools should be able to identify these outliers and then be configured to pass on the data. For ETL projects, this is a must as the migration code must be able to check for non-standard data. Consulting Services Med to Low Products should be stand-alone and usable after training. Having consulting services to bulk up local teams can be useful.

For more information about how Fast Data Masker from Grid- Tools can benefit you, contact us: UK: +44 01865 884 600 US: +1 866 563 3120 E: sales@grid-tools.com www.grid-tools.com Subscribe to our blog Find us on Facebook Follow us on Twitter Connect with us on LinkedIn

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information