Data = Risk
In the post-SOX compliance era, companies and government agencies risk financial liability and damage to their reputations for privacy law violations and data breaches. Consumers, patients, scientists, soldiers, and students expect and need confidentiality. The data putting everyone at risk includes:
- Personally identifiable information (PII) used alone or with other data to identify, contact, or locate someone; e.g. name, address, phone number, or national ID number.
- Protected health information (PHI) in medical records that identifies a health care recipient. US HIPAA regulations require 18 specific identifiers to be effectively de-identified or anonymized.
- Primary account number (PAN)'s in credit card transactions. Payment card industry data security standard (PCI DSS) require card issuers, merchants, and testers to encrypt, tokenize, and so on.
- Other sensitive information, like codes or formulas, that constitute military or trade secrets.
Both national data privacy laws and internal regulations mandate the protection of this data. Compliance is not only required ... it must also be verifiable.
What's Your Approach?
Are you using a home-grown solution, and is it robust and easy to maintain? Is your encryption solution protecting everything ham-handedly with a single point of failure? Or, do you use a data masking tool that only covers one data source, or has too few functions?
Is data masking tightly integrated into your data management lifecycle and infrastructure? Can you readily modify the jobs, and log them to prove compliance?
IRI FieldShield software protects sensitive data and facilitates privacy law compliance with the broadest array of static data masking (SDM) or dynamic data masking (DDM) functions available for databases and files. FieldShield uses a familiar GUI, built on Eclipse, and a simple cross-platform 4GL, to help you:
- Encrypt with our compliant (or your own) libraries
- De-identify via masking characters or obfuscating manipulations
- Pseudonymize, encode, hash, randomize, tokenize
- Filter or redact fields or records based on conditions
FieldShield is also part of IRI's larger data management and protection technology stack. It shares the same metadata and Eclipse GUI with tools like CoSort and NextForm so that you can seamlessly fold data masking into data your enterprise information management (EIM) lifecycle. Protect during big data integration, transformation, migration, replication, federation, reporting, and provisioning data for BI and analytic tools source private data.
FieldShield also produces XML audit logs you can secure and query to document and verify your protections.
FieldShield can also mask data subsets for testing. However, consider RowGen for generating safe, referentially correct test data from scratch instead, especially if you cannot access production data or want more flexibility.
Role Based Access Controls (RBAC)
Choose the protection function you need for each field. Follow your own business rules regarding: authorization (RBAC), security strength, reversibility, and target field appearance.
Protect similar columns (and preserve referential integrity) across multiple tables with functions you specify or import from a rules library.
Target existing or new tables, files, applications, and even customized reports. Set controls at the field and job level for multiple recipients of the data. This way, even a single output can reveal different things to different people.
Use FieldShield -- and optional professional services from IRI or the experts you choose -- to comply with data privacy laws. Secure sensitive data inside and outside the firewall, in reports, and in the cloud.
Bottom line: FieldShield is the best way to support the risk and controls framework of your enterprise through data masking. FieldShield quickly satisfies the protection and verification requirements of your information stewardship, regulatory compliance, and data loss prevention programs. And only FieldShield runs seamlessly with so many other data management activities.