According to Simson L. Garfinkel at the NIST Information Access Division’s Information Technology Laboratory,
De-identification is not a single technique, but a collection of approaches, algorithms, and tools that can be applied to different kinds of data with differing levels of effectiveness.
Introduction: This example demonstrates an older method of using IRI FieldShield to protect sensitive data prior to indexing the data in Splunk. As you will read, FieldShield would process the data outside of Splunk and create a CSV file for Splunk’s ingestion.
In the course of protecting personally identifiable information (PII) moving into and out of databases, FieldShield and CoSort typically externalize protection of the full table(s) they connect to.
Encryption key management is one of the most important “basics” for an organization dealing with security and privacy protection. Major data losses and regulatory compliance requirements have prompted a dramatic increase in the use of encryption within corporate data centers.
It is a common mistake to refer to data masking and data encryption interchangeably to mean the same things. While field-level encryption is considered one of many possible “data masking” functions, we define data masking and encryption as technically distinct processes below.