I’ve been asked numerous times how Dynamic Data Masking works, so here it is – The Dynamic Data Masking process. Believe me it’s simple …
The use case –IT personnel, developers, consultants and outsource support teams have access to production business applications (SAP, PeopleSoft, Oracle) or clones/backups that contains sensitive customer information and credit card information.
We cannot block their access, as they are required to ensure application performance, but we need to secure the data they are accessing.
These are the initial installation steps required:
- Install Informatica Dynamic Data Masking on the database or on a dedicated server as it acts as a proxy.
- Import one of our predefined rule sets that has been prepared for the application/data or create your own custom rules.
- Define the roles/responsibilities that need to be anonymized, using predefined hooks to ActiveDirectory/LDAP and application responsibilities.
Now how does Dynamic Data Masking work?
- User requests are intercepted in real-time by the Dynamic Data Masking server software.
- User roles and responsibilities are evaluated, and if they have been specified by the rules as requiring masking, Dynamic Dasta Masking rewrites them to return masked/scrambled personal information. No application changes, no database changes – completely transparent.
Sounds simple – yes it is.
Other common use cases include protecting development and reporting tool access to production databases, anonymizing datawarehouse reports and design tools, securing production clones and training environments.