Data Masking is the Primary Tool for Data Anonymization in Privacy
Data masking changes personal or sensitive data into random values to anonymize, de-identify, and or desensitize data. This protects personal, health, or financial data from unauthorized viewing and access. Masking supports privacy and security policies, and limits access and viewing of private data to authorized users with a valid business purpose. Masking data provides enough original data as needed by the user to accomplish their business needs. For example, a customer service representative doesn’t need to see the credit profile of a customer, but an accounts payable representative does need to see credit data to do their job.
How can organizations implement data masking?
- Custom scripts– programmers write scripts to modify data fields related to personal or sensitive data.
- Packaged software– these data masking software packages provide templates around various data domains, and support cloud, hadoop, relational, mainframe, and file systems.
- Data management software– some data integration and data management software have the ability to transform or anonymize personal or sensitive data fields.
Which departments or business functions are most likely to use data masking?
- Operations– for customer service reps who only need partial sets of personal information to do their job.
- DevOps– data masking can anonymize data sets for application testers to ensure that no private data is shared with internal or external testing or quality assurance teams.
- Analytics– personal data with no relevant or authorized analytics purpose can be masked to limit privacy and security risks.
Here are additional resources to learn more about data masking:
- SearchSecurity, data masking
- Information Management, “Best practices for data masking to boost security, privacy and compliance”
You just learned about Data Masking, now explore related terms like Data Anonymization, Data Encryption, Data De-Identification, and Pseudonymization.