Data masking or data obfuscation is the process of hiding original data with modified content (characters or other data.)
Data masking software protects an organization’s important data by disguising it with random characters or other data so that it is still usable by the organization but not outside forces. To qualify for inclusion in the Data Masking category, a product must: Encrypt data by masking it. Data masking, also known as data anonymization, data cleansing, data obfuscation or data scrambling, is a method of modifying sensitive data while keeping it realistic - but not real. Data masking is a common technique to anonymize sensitive data in non-production environments.
The main reason for applying masking to a data field is to protect data that is classified as personal identifiable data, personal sensitive data or commercially sensitive data, however the data must remain usable for the purposes of undertaking valid test cycles. It must also look real and appear consistent. It is more common to have masking applied to data that is represented outside of a corporate production system. In other words, where data is needed for the purpose of application development, building program extensions and conducting various test cycles. It is common practice in enterprise computing to take data from the production systems to fill the data component, required for these non-production environments. However, this practice is not always restricted to non-production environments. In some organizations, data that appears on terminal screens to call centre operators may have masking dynamically applied based on user security permissions (e.g. preventing call centre operators from viewing Credit Card Numbers in billing systems).
The primary concern from a corporate governance perspective is that personnel conducting work in these non-production environments are not always security cleared to operate with the information contained in the production data. This practice represents a security hole where data can be copied by unauthorized personnel and security measures associated with standard production level controls can be easily bypassed. This represents an access point for a data security breach.
The overall practice of Data Masking at an organizational level should be tightly coupled with the Test Management Practice and underlying Methodology and should incorporate processes for the distribution of masked test data subsets.
Data involved in any. Using this approach we could easily maintain the gender mix within the data structure, apply anonymity to the data records but also maintain a realistic looking database which could not easily be identified as a database consisting of masked data.
This substitution method needs to be applied for many of the fields that are in DB structures across the world, such as telephone numbers, zip codes and postcodes, as well as credit card numbers and other card type numbers like Social Security numbers and Medicare numbers where these numbers actually need to conform to a checksum test of the Luhn algorithm.
Vipre antivirus 2016 free download. Try It Free For Business; Partner With Us; About Us; Renew; Upgrade; Partner Login; Download VIPRE. Thanks for choosing VIPRE Advanced Security Download your copy of VIPRE Advanced Security. For help downloading and installing VIPRE, click here. Download now. Contact Us; Careers; Blog; Security Resources; Follow Us.
In most cases, the substitution files will need to be fairly extensive so having large substitution datasets as well the ability to apply customized data substitution sets should be a key element of the evaluation criteria for any data masking solution.
The shuffling method is a very common form of data obfuscation. It is similar to the substitution method but it derives the substitution set from the same column of data that is being masked. In very simple terms, the data is randomly shuffled within the column. However, if used in isolation, anyone with any knowledge of the original data can then apply a 'What If' scenario to the data set and then piece back together a real identity. The shuffling method is also open to being reversed if the shuffling algorithm can be deciphered.
Shuffling, however, has some real strengths in certain areas. If for instance, the end of year figures for financial information in a test data base, one can mask the names of the suppliers and then shuffle the value of the accounts throughout the masked database. It is highly unlikely that anyone, even someone with intimate knowledge of the original data could derive a true data record back to its original values.
The numeric variance method is very useful for applying to financial and date driven information fields. Effectively, a method utilising this manner of masking can still leave a meaningful range in a financial data set such as payroll. If the variance applied is around +/- 10% then it is still a very meaningful data set in terms of the ranges of salaries that are paid to the recipients.
The same also applies to the date information. If the overall data set needs to retain demographic and actuarial data integrity then applying a random numeric variance of +/- 120 days to date fields would preserve the date distribution but still prevent traceability back to a known entity based on their known actual date or birth or a known date value of whatever record is being masked..
Encryption is often the most complex approach to solving the data masking problem. The encryption algorithm often requires that a 'key' be applied to view the data based on user rights. This often sounds like the best solution but in practice the key may then be given out to personnel without the proper rights to view the data and this then defeats the purpose of the masking exercise. Old databases may then be copied with the original credentials of the supplied key and the same uncontrolled problem lives on.
Recently, the problem of encrypting data while preserving the properties of the entities got a recognition and newly acquired interest among the vendors and academia. New challenge gave birth to algorithms called FPE (format preserving encryption). They are based on the accepted AES algorithmic mode that makes them being recognized by NIST.[1]
Sometimes a very simplistic approach to masking is adopted through applying a null value to a particular field. The null value approach is really only useful to prevent visibility of the data element.
In almost all cases it lessens the degree of data integrity that is maintained in the masked data set. It is not a realistic value and will then fail any application logic validation that may have been applied in the front end software that is in the system under test. It also highlights to anyone that wishes to reverse engineer any of the identity data that data masking has been applied to some degree on the data set.
Character scrambling or masking out of certain fields is also another simplistic yet very effective method of preventing sensitive information to be viewed. It is really an extension of the previous method of nulling out but there is greater emphasis on keeping the data real and not fully masked all together.
This is commonly applied to credit card data in production systems. For instance, an operator in a Call Center might bill an item to a customer's credit card. They then quote a billing reference to the card with the last 4 digits of XXXX XXXX xxxx 6789. As an operator they can only see the last 4 digits of the card number, but once the billing system passes the customer's details for charging, the full number is revealed to the payment gateway systems.
This system is not very effective for test systems but is very useful for the billing scenario detailed above. It is also commonly known as a dynamic data masking method.[2][3]
Additional rules can also be factored into any masking solution regardless of how the masking methods are constructed. Product agnostic White Papers[4] are a good source of information for exploring some of the more common complex requirements for enterprise masking solutions which include Row Internal Synchronisation Rules, Table Internal Synchronisation Rules and Table[5] to Table Synchronisation Rules.
Data masking is tightly coupled with building test data. Two major types of data masking are static and on-the-fly data masking.[6]
Static Data Masking is usually performed on the golden copy of the database, but can also be applied to values in other sources, including files. In DB environments, production DBAs will typically load table backups to a separate environment, reduce the dataset to a subset that holds the data necessary for a particular round of testing (a technique called 'subsetting'), apply data masking rules while data is in stasis, apply necessary code changes from source control, and/or and push data to desired environment.[7]
There are also alternatives to the static data masking that rely on stochastic perturbations of the data that preserve some of the statistical properties of the original data. Examples of statistical data obfuscation methods include differential privacy[8]and the DataSifter method[9].
On-the-Fly Data Masking[10] happens in the process of transferring data from environment to environment without data touching the disk on its way. The same technique is applied to 'Dynamic Data Masking' but one record at a time. This type of data masking is most useful for environments that do continuous deployments as well as for heavily integrated applications. Organizations that employ continuous deployment or continuous delivery practices do not have the time necessary to create a backup and load it to the golden copy of the database. Thus, continuously sending smaller subsets (deltas) of masked testing data from production is important. In heavily integrated applications, developers get feeds from other production systems at the very onset of development and masking of these feeds is either overlooked and not budgeted until later, making organizations non-compliant. Having on-the-fly data masking in place becomes essential.
Dynamic Data Masking is similar to On-the-Fly Data Masking but it differs in the sense that On-the-Fly Data Masking is about copying data from one source to another source so that the latter can be shared. Dynamic data masking happens at runtime, dynamically, and on-demand so that there doesn't need to be a second data source where to store the masked data dynamically.
Dynamic data masking enables several scenarios, many of which revolve around strict privacy regulations e.g. the Singapore Monetary Authority or the Privacy regulations in Europe.
Dynamic data masking is attribute-based and policy-driven. Policies include:
Dynamic data masking can also be used to encrypt or decrypt values on the fly especially when using format-preserving encryption.
Several standards have emerged in recent years to implement dynamic data filtering and masking. For instance, XACML policies can be used to mask data inside databases.
There are five possible technologies to apply Dynamic data masking: