This is an introduction to IRI CellShield. Subsequent blogs will demonstrate the different functions in CellShield: data masking, encryption, and pseudonymization. If you’re interested in finding, classifying, or masking PII in databases or flat files, check out IRI FieldShield. For semi-structured and unstructured text (log, email, .pdf, etc.) files, see IRI DarkShield.
Protecting sensitive data is certainly a top-of-mind issue for large retailers, medical facilities, and financial institutions. We have posited in Breached But Still Protected that the threat of criminals trying to break protection barriers into data centers will only grow. And despite the number of security measures deployed, there will be even smarter attempts to breach the protected data, and the more layers of protection, the better.
Financial institutions have social security numbers, account numbers, and transaction histories, that have to remain secure. Healthcare providers, and those managing their data, are required under HIPAA to de-identify key elements, or protected health information (PHI) at rest. And, retailers must protect credit card / primary account number (PAN) and credit details for their customers to comply with the Payment Card Industry (PCI) Data Security Standard (DSS).
Regardless of the size of the business, these companies have sensitive data they need to protect. They have many methods, structures, and software/hardware options to store and control their data. Large companies deploy data warehouses and legions of monitored and protected databases — sometimes combined with encryption and key management appliances — to better safeguard their contents. Smaller companies may have only one database, or use common tools like Excel spreadsheets to manage their data.
There are enterprise-class data masking products on the market, like IRI FieldShield, that are designed to protect sensitive data in large data stores and databases. However, there has not been a robust, targeted data security solution for that data in Excel spreadsheets, until now.
IRI’s new CellShield tool is an add-in for Excel 2010 and 2013 that offers some of the same masking and protection functions that FieldShield applies to large files and databases. CellShield’s algorithms and protection methods are compatible with certain FieldShield encryption, masking, and pseudonymization options. A simple-to-use interface takes you through the steps, and CellShield does the work for you. CellShield can provide for decryption and restoration (from pseudonymization) so that you, or other licensed users, can conceal and reveal data in the same, or different, worksheets.
Because CellShield is a spin-off of FieldShield, it also allows companies who use FieldShield to protect sensitive data in a large data repository, create an Excel output file, and send it to individual users that can decrypt the needed data at their workstations. Conversely, data encrypted in Excel can be uploaded to the central IT department for decryption and use.
CellShield not only can provide an additional layer of protection for corporations using Excel spreadsheets, but it also gives smaller companies and end-users a way to compete on data privacy and comply with the law.
You can find more information and purchase the CellShield add-in here. Subsequent articles in this series contain examples of how data masking, encryption, and pseudonymization are applied to cells in your Excel spreadsheets.