Data = Risk
In the post-SOX compliance era, companies and government agencies risk financial liability and damage to their reputations for privacy law violations and data breaches. Consumers, patients, scientists, soldiers, and students expect and need confidentiality. The data putting everyone at risk includes:
- Personally identifiable information (PII) used alone or with other data to identify, contact, or locate someone; e.g. name, address, phone number, or national ID number. The GDPR taking effect on 25 May 2018 requires that the PII of EU subjects be protected.
- Protected health information (PHI) in medical records that identifies a health care recipient. US HIPAA regulations require 18 specific identifiers to be effectively de-identified or anonymized.
- Primary account number (PAN)'s in credit card transactions. Payment card industry data security standard (PCI DSS) require card issuers, merchants, and testers to encrypt, tokenize, and so on.
- Other sensitive information, like codes or formulas, that constitute military or trade secrets.
Both national data privacy laws and internal regulations mandate the protection of this data. Compliance is not only required ... it must also be verifiable.
What's Your Approach?
Are you using a home-grown solution, and is it robust and easy to maintain? Is your encryption solution protecting everything ham-handedly with a single point of failure? Or do you use a data masking tool that only covers one data source or has too few functions?
Is data masking tightly integrated into your data management lifecycle and infrastructure? Can you readily modify the jobs, and log them to prove compliance?
IRI FieldShield software or IRI Data Masking as a Service (DMaas) can discover, classify, and protect sensitive data and facilitate privacy law compliance with the broadest array of static data masking (SDM) or dynamic data masking (DDM) functions available for databases and files. If you have PII in Excel spreadsheets, see our companion product, IRI CellShield.
FieldShield uses a familiar GUI, built on Eclipse™, and a simple cross-platform 4GL, to help you:
- Discover and classify sensitive data in multiple sources
- Encrypt with our compliant (or your own) libraries
- De-identify via masking characters or obfuscating manipulations
- Pseudonymize, encode, hash, randomize, tokenize
- Filter or redact fields or records based on conditions
FieldShield produces XML audit logs you can secure and query to document and verify your protections and compliance with data privacy laws.
FieldShield can also mask data subsets for testing. However, consider IRI RowGen for generating safe, referentially correct test data from scratch instead, especially if you cannot access production data or need better data.
Protect personal privacy during big data integration, transformation, migration, replication, federation, reporting, and provisioning for BI and analytics.
Role Based Access Controls (RBAC)
Choose the protection function you need for each field. Follow your own business rules regarding: authorization (RBAC), security strength, reversibility, and appearance.
Protect like columns (and preserve referential integrity) across tables with functions tied to data class or rule libraries.
Target existing or new tables, files, applications, and even custom reports. Set controls at the field and job level for multiple recipients (one target, differential access).
Data masking is the best way to comply with data privacy laws, nullify the effects of a data breach, and support the risk and controls framework of your enterprise.
IRI FieldShield quickly satisfies the data identification, protection and verification requirements of your information stewardship, regulatory compliance, and data loss prevention programs. You can run FieldShield functions standalone or embedded in ETL and in (dynamic data masking) applications.