Personally identifiable information (PII) that is not needed for downstream processing or recovery should be redacted (masked) to prevent misuse. Only selected parts of the data should be exposed.
At the same time, the masking should preserve the original storage format and overall field appearance so that the platform structure or application need not be altered. Masking all but the last four digits of a credit card or social security number with asterisks is a common requirement.
While DBAs can remove columns in tables, there are few alternatives for masking data in different ways across multiple databases and flat file sources.
With either IRI FieldShield -- or the SortCL program in the IRI CoSort package or IRI Voracity platform -- you can cover over: strings, field fragments, entire fields, and whole rows in your databases or files. Choose the type and start/stop locations of the masking characters. Determine whether to apply the redaction based on column names or field value conditions.
Built-in (or custom) character masking is only one available, non-reversible protection in IRI software. Others include randomization, external source pseudonymization, and possibly hashing. Reversible protections include encryption, encoding, de-ID, same-source pseudonymization, expression, and string functions.
SortCL users have the additional option to transform and report on data as they protect it. Both products are supported in the user-friendly GUI built on Eclipse. The IRI Workbench exposes and profiles multiple data sources, helps configure masking jobs, and manages the projects for team-sharing and compliance verification.