DataSunrise Masking for PostgreSQL

Home
PostgreSQL
Data Masking

DataSunrise Masking for PostgreSQL transforms sensitive corporate data into realistic but inauthentic values, allowing users to work with the data while protecting the original sensitive information.

DataSunrise provides PostgreSQL data masking tools effectively protecting against sensitive data leaks. Sometimes an organization has to engage outsource developers and testers. PostgreSQL data masking tools can be used to avoid data breaches by replacing real data from selected columns. At the same time, DataSunrise retains the structure of the original data. Our product uses the same algorithms for dynamic and static data masking but features have some differences in the way they are used.

To perform static data masking, DataSunrise makes a copy of the PostgreSQL database and masks selected columns according to pre-set rules. There is no way to retrieve the original data from statically-masked data, but it can provide a backdoor for a breach when the data is extracted from the database. Also, it lags behind the actual data, so there maybe need for updating the data on a daily basis.

Dynamic data masking is performed at the time of request, so the data doesn’t leave the database. PostgreSQL data masking feature intercepts the query and changes it according to pre-set masking rules, thus the requester will receive masked data.

How PostgreSQL data masking is performed

We will demonstrate you the dynamic data masking functionality on the example of the following table.

To mask the data, we need to configure masking rules:

Create a new rule and select the target database.
Select columns containing sensitive data.
Select database user groups or IP addresses for which the querries will be processed
Select a masking pattern (there are many patterns for masking various data types)