Protecting Data in a Spooky world: Data Masking Technologies

DAMA RMC, Oct. 29, 2014
Aspen Information Solutions, Inc
Business Glossary | Business Intelligence | Data Architecture | Master Data Management
Lowell W. Fryman, 720 352-8575, www.aspensols.com

Agenda

- What is Data Masking
- How do we Mask data
- What is the Value
- What are the different types of Data Masks
- Discuss some of the leading Technologies

What is Data Masking

- Data Masking is used to help protect sensitive data at rest and in transit from insider and outsider abuse
- Helps protect sensitive data from abuse and negligence, such as:
  - Credit card numbers
  - Social Security numbers
  - Sensitive Personal data (PSI/PSI)
  - Health data (diagnoses/treatments)
  - Other financial data
- Adopting data masking technology and processes helps raise the level of security and privacy assurance
- Data Masking is also called data obfuscation, sanitization, scrambling, deidentification, or deauthentication

How do we use the technology

- Data Masking should be used as part of an integrated portfolio of data security technologies
- Data Masking helps meet compliance requirements imposed as audit, security and privacy standards
- Data Masking prevents abuse by hiding data
- Data Masking techniques include:
  - Substitution: Replacing characters with similar looking characters (@#$%^&)
  - Masking: Replacing characters with masking characters ( x )
  - Replacing last names with fictional last names (Konabi)
  - Shuffling: Reshuffling data in the database columns (random shuffle of characters)
  - Number and Date variance: Apply variance algorithm
  - Null out: Null or delete data in certain columns
  - Encryption

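Several of the techniques on this slide applied to one record, as an added Python example that is not part of the original deck. The column names, the masking key, the surnames other than Konabi and the 30-day window are assumptions, and the record is constructed sample data; choosing the substitute with a keyed hash, so the same input always masks to the same output across tables, goes beyond what the slide states.

```python
import hashlib
import hmac
from datetime import date, timedelta

# Assumptions for this example: key, surname list and variance window.
MASKING_KEY = b"example-key-not-for-production"
FICTIONAL_SURNAMES = ["Konabi", "Marlowe", "Tindall", "Okoro"]
MAX_DAY_SHIFT = 30

def _keyed_int(value: str, purpose: str) -> int:
    """Deterministic number derived from the value: same input, same mask."""
    digest = hmac.new(MASKING_KEY, f"{purpose}:{value}".encode(), hashlib.sha256)
    return int.from_bytes(digest.digest()[:8], "big")

def mask_card(pan: str) -> str:
    """Masking: replace all but the last four digits with 'x'."""
    keep_from = sum(c.isdigit() for c in pan) - 4
    out, seen = [], 0
    for c in pan:
        if c.isdigit():
            out.append(c if seen >= keep_from else "x")
            seen += 1
        else:
            out.append(c)  # keep separators so the format survives
    return "".join(out)

def substitute_surname(name: str) -> str:
    """Substitution: swap a real last name for a fictional one."""
    index = _keyed_int(name.lower(), "surname") % len(FICTIONAL_SURNAMES)
    return FICTIONAL_SURNAMES[index]

def vary_date(d: date) -> date:
    """Date variance: shift by a keyed offset within +/- MAX_DAY_SHIFT days."""
    span = 2 * MAX_DAY_SHIFT + 1
    return d + timedelta(days=_keyed_int(d.isoformat(), "date") % span - MAX_DAY_SHIFT)

def mask_record(row: dict) -> dict:
    """Return a masked copy of one customer row; the input is not modified."""
    return {
        "last_name": substitute_surname(row["last_name"]),
        "card_number": mask_card(row["card_number"]),
        "birth_date": vary_date(row["birth_date"]),
        "ssn": None,  # Null out: column not needed downstream
    }

# Constructed sample row (not real data).
SAMPLE = {"last_name": "Smith", "card_number": "4111-1111-1111-1111",
          "birth_date": date(1970, 1, 15), "ssn": "000-00-0000"}
```
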
Current Environment

- Data Breaches: Could Data Masking have helped?
  - Target
  - Nordstrom
  - Home Depot
- Florida Law (when will it be adopted by others?)
- Financial Crimes/AML Laws

Types of Data Masking

- Static data masking (SDM)
  - Applies masking technology to the physical data being stored
  - Used mostly to deter misuse in non-production databases
  - Most popular form for protecting data in development and test environments
  - Most mature technology
- Dynamic data masking (DDM)
  - Used on production data in real time
  - Typically a DDM Monitor intercepts each request to the database and analyzes it
  - The Monitor modifies the database response by masking the sensitive data based upon the masking rules and user entitlements
  - No physical database changes are done
- Data Redaction
  - Used to mask unstructured content such as documents, PDF and spreadsheets

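The DDM flow described on this slide, as an added Python example that is not part of the original deck and not any vendor's product code: the stored row is never changed, and each response is masked per column according to masking rules and the caller's entitlements. The role names, rule set and customer row are hypothetical and constructed for illustration.

```python
# Constructed "production" table; the monitor never modifies it.
CUSTOMERS = [
    {"id": 1, "name": "A. Example", "ssn": "000-12-3456", "diagnosis": "asthma"},
]

def _last4(value: str) -> str:
    """Mask every digit except those in the last four characters."""
    return "".join("x" if c.isdigit() else c for c in value[:-4]) + value[-4:]

# Masking rules per sensitive column (hypothetical rule set).
RULES = {
    "ssn": _last4,
    "diagnosis": lambda value: "REDACTED",
}

# Entitlements: columns each role may see in clear (hypothetical roles).
ENTITLEMENTS = {
    "clinician": {"ssn", "diagnosis"},
    "billing": {"ssn"},
    "support": set(),
}

def monitor_response(role: str, rows: list) -> list:
    """Mask a query result for `role`; unknown roles get every rule applied."""
    allowed = ENTITLEMENTS.get(role, set())
    masked_rows = []
    for row in rows:
        out = {}
        for column, value in row.items():
            rule = RULES.get(column)
            if rule is not None and column not in allowed:
                out[column] = rule(value)   # sensitive and not entitled
            else:
                out[column] = value         # non-sensitive or entitled
        masked_rows.append(out)
    return masked_rows

def query_customers(role: str) -> list:
    """Stand-in for the intercepted request: fetch, then mask the response."""
    return monitor_response(role, CUSTOMERS)
```

Defaulting an unknown role to the empty entitlement set makes the monitor fail closed: a missing or misspelled role sees masked values rather than clear ones.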
Gartner Magic Quadrant

- The Leader Quadrant
  - IBM
  - Informatica
  - Oracle
- Other Interesting Firms
  - Camouflage Software (Challenger)
  - Dataguise (Visionary)
  - Voltage Security (Visionary)

Example - Shuffling

- Let's take my Name and shuffle it
- Shuffling each character with the third character after it
  - First character goes to 4th
  - 4th goes to 1st
  - 2nd goes to 5th
  - 5th goes to 2nd
- Lowell Fryman (one name column): ELLLOWYMA FR N
- With First Name and Last Name columns: ELLLOW (FIRST) MANFRY (LAST)

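The position shuffle from this slide, as an added Python example that is not part of the original deck. It reproduces ELLLOW and MANFRY and shows two properties worth checking before relying on such a shuffle: applying it a second time returns the original value, and the masked value keeps the original's length and letters. Leaving a trailing block of fewer than six characters unchanged is an assumption of this example; the slide does not say how it is handled.

```python
def shuffle_block6(text: str) -> str:
    """Swap position i with i+3 inside each six-character block
    (1st<->4th, 2nd<->5th, 3rd<->6th), as described on the slide."""
    chars = list(text)
    for start in range(0, len(chars) - 5, 6):
        for i in range(start, start + 3):
            chars[i], chars[i + 3] = chars[i + 3], chars[i]
    # Assumption: a trailing partial block (< 6 chars) is left unchanged.
    return "".join(chars)

def mask_name(first: str, last: str) -> tuple:
    """Shuffle the first-name and last-name columns independently."""
    return shuffle_block6(first.upper()), shuffle_block6(last.upper())

def is_reversible(value: str) -> bool:
    """A fixed positional shuffle is its own inverse: shuffling the
    masked value again yields the original."""
    return shuffle_block6(shuffle_block6(value)) == value

def letters_preserved(value: str) -> bool:
    """Shuffling keeps every original character, so the length and
    letter frequencies of the real value remain visible."""
    return sorted(shuffle_block6(value)) == sorted(value)
```
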
Gartner MQ for Masking Technologies

- Leaders
  - IBM
  - Informatica
  - Oracle
- Challengers
  - Camouflage Software
- Visionaries
  - Dataguise
  - Voltage Security

IBM

- Acquired Princeton Softech in 2007
- Combined with acquisition of Guardium in 2009 to accelerate development of DDM
- InfoSphere Guardium Data Activity Monitor or InfoSphere Optim Data Privacy is DDM
- Largest installed base of SDM
- Great support within the Rational and InfoSphere suites
- Generally on consumers' short lists
- New pricing model based upon volume of masked data
- Technical skills are inconsistent, products are complex
- Masking for Big Data platforms available since Q1 2013

Informatica

- Acquired Applimation in 2009 for SDM
- Acquired ActiveBase in 2011 for DDM
- SDM product is Informatica Persistent Data Masking
- DDM product is Informatica Dynamic Data Masking
- One of the largest SDM installed bases
- Also offers data redaction
- In Q4 2013 announced DDM support for Hadoop, Cloudera, Hortonworks, and MapR
- Newer lower priced cloud-based solutions
- Technical support skills reported as lacking

Oracle

- SDM product is Oracle Data Masking Pack
- High performance in masking data in an Oracle DB
- Strong adoption of Oracle Enterprise Manager promotes the Data Masking Pack
- DDM product is Oracle Data Redaction (part of the Advanced Security offering)
- Oracle Database Gateway must be part of the solution
- Data Redaction is not offered as a tool but as a set of APIs
- Masking for Big Data only in Oracle Big Data Appliance

Camouflage Software

- An early stage vendor releasing SDM in 2004
- See www.datamasking.com
- Product is Data Masking Lifecycle Management Suite
- Product and customization services
- Strong product reputation and technical support
- Willingness to work with developers and testers
- SDM is user-friendly, easy to learn, flexible to install
- Just started to offer DDM, data redaction limited to Excel
- Small network of partners
- Does not have other data management technologies

Dataguise

- SDM vendor since 2007
- SDM product is DgSecure
- Easy to learn, user-friendly, with flexible masking rule engine
- Can be used with Big Data platforms
- Strong partner, Compuware, uses DgSecure in its SDM service offerings
- Strong customer service
- One of the pioneers in Hadoop data masking
- Recent large VC investments
- Masks a limited number of databases

Voltage Security

- Voltage Security focuses on encryption and data tokenization
- Voltage SecureData Enterprise uses Format-Preserving Encryption (FPE) and Secure Stateless Tokenization (SST)
- The product provides data masking functionality for production and non-production
- SDM masking capabilities provided via APIs to ETL tools like Informatica PowerCenter
- Voltage FPE is innovative and its AES-FFX cipher mode is being standardized by NIST
- Voltage FPE can be reversed or made irreversible
- Available for Hadoop, certified for Cloudera and Hortonworks

Contact for Additional Information

Lowell W. Fryman
720 352-8575
lfryman@k2-solutions.com
lfryman@aspensols.com
www.k2-solutions.com