DATA MASKING A WHITE PAPER BY K2VIEW. ABSTRACT K2VIEW DATA MASKING

Similar documents
CA Aion Business Rules Expert r11

Analytic Modeling in Python

ORACLE ENTERPRISE DATA QUALITY PRODUCT FAMILY

Microsoft Dynamics GP. Payroll Connect

Credit Card Extension White Paper

CA Workload Automation Agent for Remote Execution

Dell Statistica. Statistica Document Management System (SDMS) Requirements

Pipeliner CRM Phaenomena Guide Sales Pipeline Management Pipelinersales Inc.

Database lifecycle management

a division of Technical Overview Xenos Enterprise Server 2.0

Sage CRM Connector Tool White Paper

EnergySync and AquaSys. Technology and Architecture

ETPL Extract, Transform, Predict and Load

Identifying Problematic SQL in Sybase ASE. Abstract. Introduction

Configuration Management in the Data Center

Oracle SQL Developer Migration

CA Workload Automation Agent for Microsoft SQL Server

Release Notes. BlackBerry Web Services. Version 12.1

Logging and Alerting for the Cloud

Microsoft Dynamics GP. SmartList Builder User s Guide With Excel Report Builder

Programmabilty. Programmability in Microsoft Dynamics AX Microsoft Dynamics AX White Paper

Oracle Financial Services Data Integration Hub Foundation Pack Extension for Data Relationship Management Interface

Access to easy-to-use tools that reduce management time with Arcserve Backup

Quest vworkspace Virtual Desktop Extensions for Linux

Should Costing Version 1.1

Datacenter Management Optimization with Microsoft System Center

Microsoft SQL Server 2008 R2 Enterprise Edition and Microsoft SharePoint Server 2010

Dell One Identity Cloud Access Manager How to Configure vworkspace Integration

RS MDM. Integration Guide. Riversand

CCA DSS SP 2 Release Notes. For Microsoft Dynamics GP v10.0, v2010 and v2013

SapphireIMS Business Service Monitoring Feature Specification

Benefits of Integrated Credit Card Processing Within Microsoft Dynamics GP. White Paper

Nimsoft Monitor Compatibility Matrix October 17, 2013

IBM Software Information Management Creating an Integrated, Optimized, and Secure Enterprise Data Platform:

Deploying the Workspace Application for Microsoft SharePoint Online

Five Steps to Integrate SalesForce.com with 3 rd -Party Systems and Avoid Most Common Mistakes

Big Data Analytics with IBM Cognos BI Dynamic Query IBM Redbooks Solution Guide

Sisense. Product Highlights.

SharePlex for SQL Server

How to Ingest Data into Google BigQuery using Talend for Big Data. A Technical Solution Paper from Saama Technologies, Inc.

Product Composer System

Integrating ERP and CRM Applications with IBM WebSphere Cast Iron IBM Redbooks Solution Guide

CA Process Automation

An Oracle White Paper February Oracle Data Integrator 12c Architecture Overview

RedBlack CyBake Online Customer Service Desk

SAP Business Intelligence Adoption V7.41:Software and Delivery Requirements. SAP Business Intelligence Adoption August 2015 English

SmoothWall Virtual Appliance

Understanding Enterprise Cloud Governance

Fact Sheet In-Memory Analysis

BW370 BI Integrated Planning

Oracle Data Integrator and Oracle Warehouse Builder Statement of Direction

Oracle Business Rules Business Whitepaper. An Oracle White Paper September 2005

An Oracle White Paper October Oracle Data Integrator 12c New Features Overview

Real-time Data Replication

How To Manage A Privileged Account Management

Pipeliner CRM Phaenomena Guide Administration & Setup Pipelinersales Inc.

BrightStor ARCserve Backup for Linux

3 rd party Service Desk interface

Foglight. Dashboard Support Guide

TIBCO ActiveMatrix BusinessWorks Plug-in for Microsoft SharePoint Release Notes

An Oracle White Paper November Upgrade Best Practices - Using the Oracle Upgrade Factory for Siebel Customer Relationship Management

Canadian Pharmaceutical Distribution Network Certificate Authority Services Agreement. In this document:

Rational Reporting. Module 3: IBM Rational Insight and IBM Cognos Data Manager

Windows Server Virtualization An Overview

Oracle Financial Services Data Integration Hub Foundation Pack Extension for Oracle Banking Platform

Migrate from Exchange Public Folders to Business Productivity Online Standard Suite

Open EMS Suite. O&M Agent. Functional Overview Version 1.2. Nokia Siemens Networks 1 (18)

UPSTREAM for Linux on System z

SAP DSM/BRFPlus System Architecture Considerations

MANAGED SERVICE PROVIDERS SOLUTION BRIEF

docs.rackspace.com/api

Self Help Guides. Setup Exchange with Outlook

Aitoc Software LLC License Agreement for Magento Extensions

LDAP Synchronization Agent Configuration Guide for

CA Repository for z/os r7.2

TIBCO ActiveMatrix BusinessWorks Plug-in for TIBCO Managed File Transfer Software Installation

Wave Adapter for DealerSocket Automotive CRM. Installation and Configuration Guide

Oracle Data Integrator and Oracle Warehouse Builder Statement of Direction

CA Workload Automation Agents for Mainframe-Hosted Implementations

Get More from Microsoft SharePoint with Oracle Fusion Middleware. An Oracle White Paper January 2008

Scriptless Test Automation. Next generation technique for improvement in software testing. Version 1.0 February, 2011 WHITE PAPER

Oracle BI 10g: Analytics Overview

Business Portal for Microsoft Dynamics GP. Project Time and Expense Administrator s Guide Release 10.0

SAP NetWeaver MDM 5.5 SP3 SAP Portal iviews Installation & Configuration. Ron Hendrickx SAP NetWeaver RIG Americas Foundation Team

EPESI PARTNERSHIP PROGRAM [EPP]

Leveraging BPM Workflows for Accounts Payable Processing BRAD BUKACEK - TEAM LEAD FISHBOWL SOLUTIONS, INC.

CA Aion Business Rules Expert 11.0

Pipeliner CRM Phaenomena Guide Opportunity Management Pipelinersales Inc.

SapphireIMS 4.0 BSM Feature Specification

Start Oracle Insurance Policy Administration. Activity Processing. Version

VBLOCK SOLUTION FOR SAP APPLICATION SERVER ELASTICITY

CA Workload Automation Agents Operating System, ERP, Database, Application Services and Web Services

MySQL and Virtualization Guide

Unicenter Patch Management

How your business can successfully monetize API enablement. An illustrative case study

DEPLOYMENT ROADMAP March 2015

IBM Software Information Management. Scaling strategies for mission-critical discovery and navigation applications

Transcription:

DATA MASKING A WHITE PAPER BY K2VIEW. ABSTRACT In today s world, data breaches are continually making the headlines. Sony Pictures, JP Morgan Chase, ebay, Target, Home Depot just to name a few have all recently suffered from data breaches, lost millions of dollars and put their clientele at risk. While software and databases are getting more and more secure, one of the most efficient way to prevent data breaches is to store sensitive data only where it is absolutely necessary (i.e. only on certain data stores and for certain users) and mask this data everywhere else. This data masking must not only make the data unreadable, it must also be compliant software using this data and consistent across every piece of the IT eco -system which can be a cumbersome and costly task. This white paper demonstrates how K2View Data Masking solution solves these data masking needs easily, quickly and consistently. K2VIEW DATA MASKING K2View cutting-edge data masking solution has been solving data masking issues across every type of industry from Telecom, Insurance or Banking, making it one of the most flexible and rapidly implemented masking solution on the market.

AT THE HEART OF K2VIEW: THE LOGICAL UNIT In order to provide full data masking capabilities, K2View Data Masking uses a game-changing data model to retrieve and mask data: the Logical Unit. Most data masking systems retrieve data and mask data system by system, table by table (e.g. masking all customer data stored in the CRM system, then masking all financial data stored in the billing system, etc.); this model translates slower and not easily distributed processes because so much data is being queried, retrieved, transformed and loaded at once. It also infers possible inconsistency between systems post masking (e.g. key field like SSN being masked one way in the CRM system and another in the billing system). K2View s solutions look at data a different way: retrieving and processing it in-memory based on business logic, hence the name Logical Unit. This allows the business to dictate how their data must me masked across their IT ecosystem. Indeed, in K2View, every business related object (e.g. Customer, Merchant) is represented by a Logical Unit Type. Each Logical Unit Type is then associated with a representation (or Logical Unit DataBase, LUDB). Within the LUDB is where you define the relevant input objects associated with one Logical Unit Type. This process is either automated using K2View Auto -Discovery module or done manually using K2View drag-and-drop style graphical configuration dashboard, LU Studio. The result is a business oriented structure containing tables and objects from as many systems as needed (e.g. for a Customer Logical Unit Type, 3 tables from the CRM system running on MySQL and 5 tables from the billing system residing on Oracle). This LUDB structure is used to execute data masking: every Logical Unit Instance is masked independently ensuring full consistency across platforms. Moreover, the K2View engines can use this model to fully distribute this execution and achieve in-memory Massive Parallel Processing (MPP) performance. As such, the Logical Unit concept is a bridge between discrepant, hard to transform data and consistent, business-oriented data.

ARCHITECTURE OVERVIEW As the following diagram illustrates, K2View Data Masking Solution is composed of two main elements: The LUDB CONFIGURATION The EXECUTION SERVER(S) The LUDB configuration is a versioned configuration that contains every details relevant to the data masking deployment: Connection parameters for source and target Masking rules definition (see more details in the DATA MASKING FEATURES section) Extract, Transform, and Load (ETL) rules; these rules include any data enrichment, validation, reporting, or integrity checks. For more details about K2View ETL capabilities, please consult our Data Migration documentation. The LUDB configuration is configured via K2View state-of-the-art configuration GUI: the LU Studio. The LU Studio enables concurrent development and versioning of the LUDB configuration as well as execution orchestration and monitoring. Every version of the LUDB configuration is maintained via K2View Admin manager which manages repository creation and access control. The execution server(s) are a set of servers which, orchestrated via the LU Studio, will extract, mask, transform and load data from source to target. Each server executes multiple threads of the ETL + MASKING ENGINE, allowing full distribution of the data masking execution thus incredible performances (see more details in the DISTRIBUTED EXECUTION section)

DATA MASKING FEATURES Relying upon the Logical Unit model, K2View Data Masking solution is completely flexible and can be adapted to implement any masking rule. This section highlights the most common requirements that our solution solves out of the box. FULL DATA USABILITY Whether it is maintaining an encryption algorithm, using the right algorithm of population of a Social Security Number, ensuring that the checksum of a masked Credit Card Number is valid or making sure that the masked city and state are consistent with their corresponding masked zip code, K2View embedded data masking library ensure that the masked data will be recognized and usable by your target applications. And if our out-of -the-box libraries aren t sufficient, K2View can interface with any API and implement any custom data masking function. KEYS INTEGRITY PRESERVATION Some of the most sensitive fields are often used as keys to link different platforms, because of their uniqueness (e.g. phone number, SSN, customer ID, etc.). Because every piece of data is represented as a Logical Unit, it is extremely easy for K2View to mask these fields in the same manner across platforms. FLEXIBLE EXECUTION K2View Data Masking solution allows masking over a full population of customer, or in phases based on any phasing criteria (e.g. business lines, source systems, etc.) all the while maintaining full consistency of any masked data, including keys. Moreover, extract and load engine allows masking of data without any downtime on source or target systems. RAPID IMPLEMENTATION Using K2View LU Studio, the implementation of masking rules for a full range of different systems can and has been implemented in a matter of hours. Indeed, configuring masking rule in K2View is as easy as filling out a spreadsheet (with auto completion features). Furthermore, our solution offers key features like auto-discovery for the LUDB schema creation, query builders and a full offline debugging suite that reduce drastically your implementation efforts, even without advanced development knowledge. ZERO EXPOSURE Knowing that exposure to data breaches is your main concern, every K2View masking execution thread is fully encrypted, in-memory for no data exposure. Even the masking rules can be retrieved on-the-fly so that they are not even exposed to the persons in charge of their implementation.

DISTRIBUTED EXECUTION As depicted in the figure above, K2View Data Masking Solution distributed execution and parallelization is done by Logical Unit Instance. Indeed, at the time of execution, and for every Logical Unit Instance a thread will be executed and distributed across K2View s execution servers. In this example, the data is masked from six different source systems into six different target systems. For each logical unit instance (i.e. thread), the following simple steps are executed: 1. Extraction from source systems using source connectors (e.g. DB connectors, flat files, or web services) into a Logical Unit Instance. This extraction is done from the connector into memory without any I/O involved. 2. Masking of the Logical Unit Instance using pre-configured masking rules. 3. Transformation of the masked data to comply to the target data format (often one to one in masking executions). 4. Load of the transformed and Masked data onto target systems using target connectors. This execution model, radically different from most execution models currently on the market that execute masking system by system and table by table, offers many inherent advantages: No disruption of source or target system using non disruptive connectors Massive Parallel Processing performance Real time orchestration (e.g. pause/resume, real time load balancing, etc.) Full control of the population to be masked

EMBEDDED DATA MASKING FEATURES Traditional Solutions K2VIEW Full Population Data Masking Data Masking in Phases No-Downtime Execution Keys Integrity Preservation Extremely Rapid Implementation (few hours) Easy Execution Process Orchestration In-Memory Massive Parallel Processing FREQUENTLY ASKED QUESTIONS Can K2View data masking be triggered automatically? Yes, K2View data masking solution can be implemented to be triggered automatically by any event. What is the level of granularity for K2View masking rules? Data masking rules can be implemented, enabled and disabled independently for every field in the scope of your data masking implementation. What kind of masking algorithm can be applied when masking data? Any type of algorithm can be defined and applied while masking data. For example the first name of a person can be masked by using a character substation algorithm, generating a random character for each letter of the first name, encrypted using AES or replaced by a random first name in the existing population to be masked. What OS does K2View masking solution support? K2View servers can run on all major Unix, Linux and Windows operating systems. The LU studio requires a 64-bit version of Windows. For more details about system requirements, please refer to our technical documentation. Can K2View mask already existing data from and to the same system? Yes, K2View can retrieve mask and update data from the same system.

CONFIDENTIALITY This document contains copyrighted work and proprietary information belonging to K2View. This document and information contained herein are delivered to you as is, and K2View makes no warranty whatsoever as to its accuracy, completeness, fitness for a particular purpose, or use. Any use of the documentation and/or the information contained herein, is at the user's risk, and K2View is not responsible for any direct, indirect, special, incidental, or consequential damages arising out of such use of the documentation. Technical or other inaccuracies, as well as typographical errors, may occur in this Guide. CONTACT INFORMATION www.k2view.com info@k2view.com +1-844-438-2443 This document and the information contained herein and any part thereof are confidential and proprietary to K2View. All intellectual property rights (including, without limitation, copyrights, trade secrets, trademarks, etc.) evidenced by or embodied in and/or attached, connected, or related to this Guide, as well as any information contained herein, are and shall be owned solely by K2View. K2View does not convey to you an interest in or to this Guide, to information contained herein, or to its intellectual property rights, but only a personal, limited, fully revocable right to use the Guide solely for reviewing purposes. Unless explicitly set forth otherwise, you may not reproduce by any means any document and/or copyright contained herein. Information in this Guide is subject to change without notice. Corporate and individual names and data used in examples herein are fictitious unless otherwise noted. Copyright 2015 K2View Ltd./K2VIEW LLC. All rights reserved. The following are trademark of K2View: K2View logo, K2View's platform. K2View reserves the right to update this list from time to time. Other company and brand products and service names in this Guide are trademarks or registered trademarks of their respective holders.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information