
2 Agenda
www.hexaware.com © Hexaware Technologies. All rights reserved.
- Data Masking - The need
- Data theft - Statistics
- Objectives & Benefits
- Features
- Masking Techniques
- Q&A

3 Data Masking – The Need
Business Challenges/Risks
- Increasing number of regulations & policies governing data privacy
- Exposing sensitive information while sharing non-production data during outsourcing
- Unauthorized access of confidential data by insiders
- Legal consequences due to data theft by insiders and external vendors

4 Data Masking – The Need
Secure Zone: Production environment
- Strict access restrictions
Potential Risk Area: Non-production environment
- Looser access controls
- Vulnerable to security attacks

5 Statistics - The ‘Insider Threat’
Insider Threat to Compliance and Privacy
- 90% of major corporations detected security breaches
- 70% of corporations detected unauthorized access by insiders
Myth: Hackers cause most security breaches
Fact: “Disgruntled employees and other insiders accounted for more than 70% of the cyber attacks”
Reference – Computer World

6 Security Layers
Diagram labels: Network Security, Application Security, OS Security, Unauthorized Insider Access, Data

7 Privacy Compliance Legislations
Organizations today face a growing number of regulations that mandate the accuracy, protection and privacy of data across the enterprise.
Timeline axis: 1995, 2002, 2004
- UK Data Protection Act (1998): All companies doing business in UK
- European Data Privacy Directive (1998): All companies doing business in Europe handling PII
- HIPAA (1996), Healthcare & Insurance: All U.S. businesses handling medical records
- Canadian Personal Information Protection And Electronic Documents Act (2001): All companies doing business in Canada
- AUS Privacy Act (2000): All companies doing business in AUS
- Sarbanes Oxley: All U.S. public companies and private foreign issuers
- Gramm-Leach Bliley (1999): Banks and financial services companies doing business in U.S.

8 Examples of sensitive data
Sector-wise Sensitive Information
- Health Care/Medical: 1. Patient name 2. Medical record numbers 3. Health Plan Beneficiary Numbers
- University: 1. Grades 2. Student Financial Numbers 3. Financial Aid/Grants
- Research: 1. Funding/Sponsorship information 2. Human subject information
Common Sensitive Information
- Employee Information: 1. SSN 2. Name 3. Date of Birth 4. Contact Information 5. Pay components 6. Bank Account Number 7. Credit Card Number

9 Objectives & Business Benefits (Akiva)
- Objective: Protection of employee data. Business benefit: Adherence to data privacy legislations
- Objective: Create de-identified production database copies. Business benefit: Opens the avenue for Outsourcing – Results in cost reduction
- Objective: De-identify sensitive data for internal use. Business benefit: Reduces the overhead of implementing internal security access policies
- Objective: Availability of realistic data post-masking. Business benefit: High quality data is available for testing – Delivery excellence
- Objective: Application data integrity. Business benefit: No impact on existing functionality of Application – No additional cost

10 Where does Akiva fit in?
Client zone: Production database, Copy of Production (unmasked data)
Akiva
Vendor zone: Copy of Production (masked data)
Unmasked data: EMPLID – FN1355; NAME - Kevin Peterson; SSN - 231-28-1046; Email - kevin.peterson@domain.com
Masked data: EMPLID – LU2947; NAME - Tom Fabris; SSN - 643-75-9912; Email - employee@company.com

11 Application-centred masking
- Akiva understands the complete Application Architecture
- Masking is performed after taking into consideration the Business Processes and functionality in the Application
- Akiva is customizable to suit custom-built or home-grown Enterprise applications
- Akiva guarantees consistency post-masking

12 Features
- Multi-threading: Supports parallel execution to reduce runtime
- Key field masking: Supports masking of all key fields without any impact
- Flexibility: Ability to choose any sensitive data across the enterprise
- Reusability: Masking configurations can be reused for multiple runs
- Preview masking: See a preview of the masked data before actual masking
- Batch Processing: Akiva can be run from the command line as a batch process
- Masking Algorithms: User can mask in numerous ways using inbuilt algorithms in Akiva
- Subset masking: Masks only a selected set of tables
- Platform and Database: Supports Unix and Windows platforms and runs on Oracle database

13 Features... Continued
- Data Integrity: No impact on Business Processes
- User interface: Simple, intuitive and user-friendly web interface
- Flat File masking: Facilitates flat file masking
- Database Level Security: Akiva's security permissions are the same as those granted by the database
- Realistic Data: Data post-masking is realistic and fully functional
- Ability to handle Customization: Takes care of customizations in the application while masking
- Mask it your way: Create your own masking algorithm

14 Features
Algorithm
- Scramble
- Sequence number generator
- Pattern generator
- Combo Shuffle
- Generic shuffle
- Blank out
- Replacement
- SSN generator
- Luhn generator
- Rule based algorithm
- Country based name lookup
Additional functions
- Scheduler
- Profiling
- Multi threading
- Schedule monitor
- Masking preview
- Key field masking

15 Masking Techniques: Shuffle
Replace sensitive values with meaningful, readable data
Sample fields: Employee Name information, Address details
Before Masking
EMP ID  First Name  Last Name  Name
KU001   John        Adams      Adams, John
KU002   Kevin       Peterson   Peterson, Kevin
LZ001   Kandy       Obrien     Obrien, Kandy
After Masking
EMP ID  First Name  Last Name  Name
KU001   Rob         Bonner     Bonner, Rob
KU002   Samuel      Gilberto   Gilberto, Samuel
LZ001   Emily       Pearson    Pearson, Emily

16 Masking Techniques: Blankout
Simply replaces a field with a value of “ ” or 0
Sample fields: Employee Address details, Phone Number
Before Masking
EMP ID  Phone Number
KU001   608/831-0103
KU002   847/729-5711
LZ001   614/834-1247
After Masking
EMP ID  Phone Number
KU001   (blank)
KU002   (blank)
LZ001   (blank)

17 Masking Techniques: Replacement
Simply replaces a field with a supplied static value
Sample fields: Email Address, Phone Number
Before Masking
EMP ID  Email Address
KU001   John.Adams@domain.com
KU002   Kevin.Peterson@domain.com
LZ001   Kandy.Obrien@domain.com
After Masking
EMP ID  Email Address
KU001   employee@company.com
KU002   employee@company.com
LZ001   employee@company.com

18 Masking Techniques: Lookup
Replace employee names and addresses choosing from an inbuilt repository of over 200,000 names
Sample fields: Employee Name information, Address details
Before Masking
EMP ID  First Name  Last Name  Name
KU001   John        Adams      Adams, John
KU002   Kevin       Peterson   Peterson, Kevin
LZ001   Kandy       Obrien     Obrien, Kandy
After Masking
EMP ID  First Name  Last Name  Name
KU001   Larry       McKinley   McKinley, Larry
KU002   Michael     Conrad     Conrad, Michael
LZ001   Angeline    Julia      Julia, Angeline

19 Masking Techniques: SSN Generator
Generate valid US Social Security Numbers for all employees
Sample fields: SSN, NATIONAL_ID
Before Masking
EMP ID  SSN
KU001   002-01-0001
KU002   152-08-2397
LZ001   304-25-9151
After Masking
EMP ID  SSN
KU001   513-01-0270
KU002   513-01-0421
LZ001   513-01-0087

20 Masking Techniques: Luhn Generator
Generate numbers satisfying Luhn checksum condition
Sample fields: Credit Card Number
Before Masking
EMP ID  Credit Card Number
KU001   4552 7204 1234 5677
KU002   4302 1519 0076 5981
LZ001   5588 3201 2345 6783
After Masking
EMP ID  Credit Card Number
KU001   5490 1234 5678 9128
KU002   5219 4473 6058 2919
LZ001   4119 6175 2805 4704
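
A sketch of a Luhn generator for the card-number column on this slide, added here as an illustration; it is not Akiva's code and not part of the original presentation. Choosing the replacement digits with HMAC-SHA256 under a secret masking key (so the same card masks to the same value in every table) is an assumption of this example, and the function names and key are hypothetical.

```python
import hashlib
import hmac

def luhn_valid(number: str) -> bool:
    """True if the digits in `number` (separators ignored) pass the Luhn check."""
    digits = [int(c) for c in number if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:              # every second digit from the right is doubled
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return len(digits) > 1 and total % 10 == 0

def luhn_check_digit(payload: str) -> str:
    """Check digit that makes payload + digit pass the Luhn check."""
    total = 0
    for i, d in enumerate(int(c) for c in reversed(payload)):
        if i % 2 == 0:              # doubled once the check digit is appended after it
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return str((10 - total % 10) % 10)

def mask_card_number(card: str, key: bytes) -> str:
    """Replace a card number with a keyed, repeatable, Luhn-valid surrogate.

    Assumption of this example: the masking key never leaves the client zone,
    so the surrogate cannot be linked back to the original in the vendor zone.
    """
    digits = "".join(c for c in card if c.isdigit())
    if not luhn_valid(digits):
        raise ValueError("input is not a Luhn-valid number")
    mac = hmac.new(key, digits.encode(), hashlib.sha256).digest()
    body_len = len(digits) - 1
    body = str(int.from_bytes(mac, "big") % 10 ** body_len).zfill(body_len)
    surrogate = iter(body + luhn_check_digit(body))
    # Keep the original grouping (spaces, dashes) so column formats still match.
    return "".join(next(surrogate) if c.isdigit() else c for c in card)

if __name__ == "__main__":
    key = b"constructed-demo-key"   # constructed value for the demo
    for card in ("5588 3201 2345 6783", "4302 1519 0076 5981"):  # "before" values from the slide
        print(card, "->", mask_card_number(card, key))
```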

21 Masking Techniques: Sequence Number Generator
Generate alphanumeric sequences in order
Before Masking
EMP ID  DEP_ID
KU001   FN5297
KU002   FN1149
LZ001   FN3056
After Masking
EMP ID  DEP_ID
KU001   PU0100
KU002   PU0101
LZ001   PU0102

22 Masking Techniques: Random Number Generator
Generate numbers at random
Before Masking
EMP ID  COMPRATE
KU001   753
KU002   309.12
LZ001   855.47
After Masking
EMP ID  COMPRATE
KU001   527.34
KU002   670.05
LZ001   138.59

23 Masking Techniques: Pattern Generator
Generates a set of numbers based on a user-defined pattern
Before Masking
EMP ID  MEMBERSHIP_ID
KU001   121
KU002   242
LZ001   917
After Masking
EMP ID  MEMBERSHIP_ID
KU001   253
KU002   501
LZ001   716
A SAMPLE PATTERN
Requirement: MEMBERSHIP_ID - 3 digit numbers satisfying the condition (Hundreds digit + Tens digit) > Units digit
Example: A valid number is 253, (2+5) > 3. An invalid number is 129, (1+2) < 9.
Steps: The requirement can be interpreted and broken down into the following steps (digits are numbered from left to right).
Step 1: S1 = Digit 1 + Digit 2
Step 2: S2 = S1 > Digit 3

24 Masking Techniques: Rule based masking
Consistently masks the database based on rules/custom masking algorithms defined by the user.
SAMPLE RULE 1 – CUSTOM MASKING ALGORITHM
Requirement: Decrease the Compensation Rate Code field value by a fixed percentage.
Define custom masking algorithm
COMPRATE – Compensation Rate Code field
Step 1: Step 1 = 30% of COMPRATE
Step 2: COMPRATE = Step 1
SAMPLE RULE 2 – FIELD RELATIONSHIP DEFINITION
Requirement: Mask all the pay details of employees
Define Relationship between fields
NP – Net Pay
GP – Gross Pay
BP – Basic Pay
HRA – House Rent Allowance
DA – Dearness Allowance
Step 1: NP = GP - Tax
Step 2: Tax = 20% GP
Step 3: GP = BP + HRA + DA
Step 4: HRA = 50% BP
Step 5: DA = 10% BP

25 Masking Techniques: Rule based masking sample data
Before Masking
EMP ID  BP     DA      HRA   GP       NP
KU001   10000  1000    5000  16000    12800
KU002   10526  1052.6  5263  16841.6  13473.2
LZ001   11000  1100    5500  17600    14080
After Masking
EMP ID  BP     DA      HRA    GP       NP
KU001   54320  5432    27160  86912    69529.6
KU002   54831  5483.1  27415  87729.6  70183.6
LZ001   56320  5632    28160  90112    72089.6
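
The field relationships of Sample Rule 2, worked through as an added example; this is not Akiva's code and not part of the original presentation. It assumes the masked Basic Pay is supplied by some other masking algorithm, and the names RULES, derive, mask_pay and violations are hypothetical.

```python
from decimal import Decimal

# Sample Rule 2 from the slide: each derived field lists its inputs and its formula.
RULES = {
    "HRA": (("BP",), lambda bp: bp * Decimal("0.50")),
    "DA": (("BP",), lambda bp: bp * Decimal("0.10")),
    "GP": (("BP", "HRA", "DA"), lambda bp, hra, da: bp + hra + da),
    "Tax": (("GP",), lambda gp: gp * Decimal("0.20")),
    "NP": (("GP", "Tax"), lambda gp, tax: gp - tax),
}

def derive(base, rules=RULES):
    """Compute every derived field in dependency order from the base fields."""
    out = dict(base)
    pending = dict(rules)
    while pending:
        ready = [f for f, (deps, _) in pending.items() if all(d in out for d in deps)]
        if not ready:
            raise ValueError(f"unresolvable or cyclic rules: {sorted(pending)}")
        for field in ready:
            deps, formula = pending.pop(field)
            out[field] = formula(*(out[d] for d in deps))
    return out

def mask_pay(emp_id, masked_bp):
    """Mask only the base field, then rebuild the dependent pay fields from it."""
    return derive({"EMP ID": emp_id, "BP": Decimal(str(masked_bp))})

def violations(row, rules=RULES):
    """Derived fields whose stored value disagrees with the rules (integrity check)."""
    expected = derive({k: v for k, v in row.items() if k not in rules})
    return sorted(f for f in rules if f in row and row[f] != expected[f])

if __name__ == "__main__":
    # Masked BP for LZ001 taken from the "After Masking" table on the slide.
    print(mask_pay("LZ001", 56320))
    # Constructed row: BP masked on its own, other columns left at their old values.
    stale = {"EMP ID": "LZ001", "BP": Decimal("56320"), "HRA": Decimal("5500"),
             "DA": Decimal("1100"), "GP": Decimal("17600"), "NP": Decimal("14080")}
    print(violations(stale))
```

Running `violations` over a masked copy before it leaves the client zone shows which rows had a base field masked without their dependent fields being rebuilt.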

26 Thank You
akiva@hexaware.com

