DataSunrise Masking for Vertica
DataSunrise Masking for Vertica masks and obfuscates specified database content, thus protecting against inadvertent data leakage and privilege access abuse. Scalable masking rules allow you to simplify and automate some access management and security procedures alongside helping in compliance-related issues.
Companies use data masking when they have to provide the database access to outsourced testers and developers. Such operations pose a huge threat to confidentiality and integrity of sensitive data. To mitigate the risk of data leaks, companies imply data masking tools technology of which is based on replacing genuine database content with asterisks, specified or random characters. The structure of the data is left unchanged.
Dynamic masking for Vertica
Vertica data masking solution designed by DataSunrise performs dynamic data masking. Implemented as a proxy between users and the server, DataSunrise intercepts incoming SQL queries and changes them according to specified security policies and masking rules. As a result, the database reply will contain masked data instead of genuine content.
The advantage of this kind of masking is that there is no need to copy the whole database as masking is done in real time. The requested data will be always up-to-date and it doesn’t require additional server resources to store the database duplicate.
Performing the masking
Let’s see how it looks like on the example of the following table containing some personally identifiable data.
To perform Vertica data masking, you need to enter DataSunrise GUI and create masking rules by selecting database elements, making patterns, affected database users or IP addresses and other settings. There are built-in masking patterns for the most frequently used type of confidential data. ‘Fixed string’ masking type allows you to assign your own combination used in a masking pattern. Here’s what we get on the output:
Vertica data masking tools help to comply with data privacy mandates that restrict the use of personal customer data. For static data masking DataSunrise uses the same rules and patterns as in dynamic masking. Only a duplicate of the whole database will be created.
