dmsuite static & dynamic data masking overview

20
© Copyright 2013 Axis Technology, LLC DMsuite DMsuite Data Masking Data Masking Overview Overview know your data • protect your data • share your data

Upload: axis-technology-llc

Post on 25-May-2015

1.062 views

Category:

Technology


2 download

DESCRIPTION

DMsuite Static & Dynamic Data Masking software from Axis Technology, LLC to mask your data for software testing and development. DMsuite™ profiles, provisions, masks, and audits your data to protect your PII and HIPAA information.

TRANSCRIPT

Page 1: DMsuite Static & Dynamic Data Masking Overview

© Copyright 2013 Axis Technology, LLC

DMsuite DMsuite Data Masking Overview Data Masking Overview

know your data • protect your data • share your data

Page 2: DMsuite Static & Dynamic Data Masking Overview

DMsuite™ is the proprietary data masking software product by Axis Technology Software, LLC.

With DMsuite you can profile, mask, audit, provision and manage your data in a standardized, automated manner. It acts like a water filter, working behind the scenes to replace sensitive data with fictitious data when you copy it out of your production environment. DMsuite represents a major advance over existing one-off scripts to a fully automated, repeatable process.

Page 3: DMsuite Static & Dynamic Data Masking Overview

You need data masking when you:• Copy sensitive data outside of production environments

• Move your test data to the cloud

• Leverage off-shore development/consultants

• Send data to the vendors

• Need regulatory compliance (HIPAA, PCI DSS)

• Respond to that audit item

Page 4: DMsuite Static & Dynamic Data Masking Overview

Static Data Masking for TestingWhat is it?

Ensure that Test Environments contain robust test data that has the same characteristics as production without containing any sensitive information

Benefits

Internal and 3rd Party developers and testers are free from concerns about data breaches.

Production Database

Real DataMasked

Test Database

Masked Data

4

Page 5: DMsuite Static & Dynamic Data Masking Overview

Migration to CloudWhat is it?

Organizations want to take advantages of the benefits of cloud computing, but are concerned about data security.

Benefits

Moving masked test data to the cloud, can provide the benefits of cloud computing to an organization, without the threat of a data leak.

Production Database

Real DataMasked

Test Database

In the Cloud

Masked Data

5

Page 6: DMsuite Static & Dynamic Data Masking Overview

TrainingWhat is it?

In both BPO and Internal Training situations, students need to have a robust set of data to simulate real world processing

Benefits

BPO providers and Testing organizations can simulate real world situations without exposing sensitive data

Production Database

Real DataMasked

Test Database

Masked Data

6

Page 7: DMsuite Static & Dynamic Data Masking Overview

Bringing on New ClientsWhat is it?

New clients for Prime Broker, Family Office and other areas require testing prior to going live.

Benefits

Utilizing DMsuiteTM can facilitate testing while ensuring that sensitive data is protected.

Masked Test

Database

Masked Data

7

Masked Data

Masked Data

Internal System

Page 8: DMsuite Static & Dynamic Data Masking Overview

Protection from HackersWhat is it?

Hackers pose a great threat to an organization’s data. Many firms house sensitive data in their non-production environments.

Benefits

Hackers who gain access to masked environments, come away with NOTHING.Organizations can focus their efforts on production environments.

Production Database

Real DataMasked

Test Database

Masked Data

8

Page 9: DMsuite Static & Dynamic Data Masking Overview

AnalyticsWhat is it?

Organizations are compiling data from various sources and running them through analytical models.

Benefits

Utilizing DMsuiteTM can facilitate testing while ensuring that sensitive data is protected.

Masked Test

Database

Masked Data

9

Masked Data

Masked Data

Analytical System

Page 10: DMsuite Static & Dynamic Data Masking Overview

DMsuite™ Static Data Masking DMsuiteTM replaces sensitive data with fictitious but realistic data so only

masked data flows through your organization.

Page 11: DMsuite Static & Dynamic Data Masking Overview

DMsuite™ Dynamic Data Masking

SQL Server or MySQL

Real (Unmasked) Values Masked Values

3307

3306

Name: XXXXXXXXXID Number: XXXX XXX XXXX XXX

Status: ActiveLast Activity: January 3rd, 2013Last Activity Type: A78

Name: John SmithID Number: 1234 123 5678 789

Status: ActiveLast Activity: January 3rd, 2013Last Activity Type: A78

Data on the database is not changed.Values are masked on their way to the UI.Can be applied to any field.Dynamic data masking only affects select queries and bypasses insert and update queries

Page 12: DMsuite Static & Dynamic Data Masking Overview

Names, Phone, Email Medicaid Number Address

• Street address, Zip+4• Care of…, Attn: ...

SSN or other national identifier Birth date and other dates Credit card #, bank account # Comment fields Customer ID Internal sequence keys

CUSTOMER PII & PATIENT PHI

Pricing, M&A, Contracts Confidential/Top Secret Provider Contracts Actuarial Calculations Security Identifiers CUSIP, ISIN,

SEDOL trade date Financials

• Price, quantity, legal fees, vendor payments

Assets/holdings

Employee or Corporate ID Salary, Benefits HR status

(termination, personnel issues)

Family data Manager information Cost Center data

Who Needs to Mask What DataAny Businesses Falling Under

HIPAA - Healthcare and Pharmaceutical are required to secure Patient Health InformationPCI DSS: Credit Card Industry StandardState privacy laws - All companies must follow their own similar to Senate Bill No 1386 – State of California

Gramm-Leach-Bliley Financial Services Modernization Act (1999) Sarbanes-Oxley Act (2002) CANADA: Jan 2005 – Personal Information Protection and Electronic Documents ActJAPAN: Apr 2005 – Personal Information Protection Law FRANCE: Oct 2005 – Computing and Liberties Act

TYPE I TYPE II

COMPANY SECRETS

TYPE IIICompany Data

EMPLOYEE

Page 13: DMsuite Static & Dynamic Data Masking Overview

DMsuite provides clients with a smart way to secure sensitive data, making it suitable for a large set of tasks without incurring unnecessary risks

– Reduces Risk of Breach• Masked data is suitable for numerous business activities. The fewer places real data

is stored the lower your risk of a breach.– Reduce by up to 80% the work required to Identify sensitive data

• DMsuite Profiler automates Identification of Sensitive Data across databases, copybooks, and files where your sensitive data is stored.

– Ideal for Test Data Management (TDM)• Automatically mask production data, with no need to do any programming.

– Enables Data Sharing• Share masked data quickly with partners, offshore and outside vendors .

– Lowers DBA, Application Development and Testing Costs • With fewer databases to secure and faster data provisioning, reduce your costs to

secure sensitive data (vs. Lockdown controls).– Masks ERP and other packaged software

• PeopleSoft, Oracle E-Business Suite, Lawson, SAP, Salesforce.

DMsuite Value Proposition

Page 14: DMsuite Static & Dynamic Data Masking Overview

DMsuite FeaturesA meta-data driven data masking product that automates a repeatable masking framework with powerful features and algorithms. “Shovel Ready” - Supports rapid implementation for a business unit and scalability for the enterprise.Patented 5th-generation masking algorithms designed to mask your data consistently, no matter where or how it is stored.Pre-populated profiles to get your masking program up and running quickly.Uses secure platform-independent technology (Java, XML). Conforms to your data refresh processes.Broad coverage of relational, file masking, big data, and mainframe required for all size enterprises:

• Automatic Referential Integrity for all of the supported persistence types

Integration features include working with LDAP & Microsoft Active Directory, Kerberos & SiteMinder

Page 15: DMsuite Static & Dynamic Data Masking Overview

DMsuite™ Masks…and keeps referential integrity across all of them

Page 16: DMsuite Static & Dynamic Data Masking Overview

Test Data ManagementDMsuite™ data masking enables:

– Test Data Management - the risk of a data breach in nonproduction environments is eliminated while still providing the highest quality test data for software development.

– Outsourcing, typically puts production data in nonproduction environments for testing, putting client data at risk if it’s not masked.

– Consulting companies are getting resistance from their clients regarding accessing sensitive data, since they may work for their clients’ competition as well.

– Break/Fix - If a vendor application breaks, fixes can be developed using masked data, eliminating the risk of exposure.

Page 17: DMsuite Static & Dynamic Data Masking Overview

DMsuite ROI

withoutDMsuite™

TMwithDMsuite™

TM

Effort

Time

Program Inception

Business as Usual Begins

Periodic Audit Legend:

Automated Analysis

Automated Change Capture

Automated Audit

Safe Re-Masking

• Targeted at Information Security professionals, no need to hire additional developers or DBA’s• No impact on Developers because no programming is required!• Makes the DBA’s life easier - only needed for initial configuration• Analysts can identify sensitive data quickly with the DMsuite™ Profiler• Auditors receive DMsuite™ Certification reports to show what data has been masked

Page 18: DMsuite Static & Dynamic Data Masking Overview

DMsuite 5-Step Process

Application Database with real

Production Data

Target Environment with Masked

Data

Step 1Identify

Step 2Select

Step 3Validate

Step 4Implement

Step 5Certify

DM Profiler DM Manager DM Generator

DM Applicator

DM Auditor

1

2

3

4

5

DM Profiler automatically identifies the location of your sensitive data and assigns masking algorithms.

DM Manager is the web application that allows users to manage the masking process or, just click a button to mask your data!

DM Generator reads the sensitive data inventory that you built with DM Profiler and DM Manager and generates XML code targeted to your environment.

DM Applicator runs the code created by DM Generator on the target platform: typically the DMsuite™ internal engine or other commercial tools.

DM Auditor runs Certification jobs that monitor data security. You set up alerts to notify you if any masked data becomes "polluted" with unmasked data.

Page 19: DMsuite Static & Dynamic Data Masking Overview

DMsuite SupportAxis provides world-class support through our DMsuite™ Customer Support Center

– Clients can contact the support center directly:

• Toll-free phone , E-mail and Online – Customer Support Plans

• Standard– Monday-Friday, Standard business hours

• Silver– Monday-Friday, Extended business hours

• Gold– 24/7 support– Dedicated support specialist– Direct access to DMsuite Product team

– All customer support plans include• Direct access to a Customer Support Specialist• Access to our online customer support center 24/7• Product updates

Page 20: DMsuite Static & Dynamic Data Masking Overview

© Copyright 2013 Axis Technology, LLC

know your data • protect your data • share your data

www.AxisDMsuite.com

Thank You!

70 Federal StreeetBoston, MA 02110(857) 445-0110

[email protected]