Presentation is loading. Please wait.

Presentation is loading. Please wait.

www.hexaware.com 2 © Hexaware Technologies. All rights reserved. www.hexaware.com 2 Agenda Data Masking - The needData theft - StatisticsObjectives &

Similar presentations


Presentation on theme: "www.hexaware.com 2 © Hexaware Technologies. All rights reserved. www.hexaware.com 2 Agenda Data Masking - The needData theft - StatisticsObjectives &"— Presentation transcript:

1

2 2 © Hexaware Technologies. All rights reserved. 2 Agenda Data Masking - The needData theft - StatisticsObjectives & BenefitsFeaturesMasking TechniquesQ&A

3 3 © Hexaware Technologies. All rights reserved. 3 Increasing number of regulations & policies governing Data privacy Exposing sensitive information while sharing non-production data during Outsourcing Unauthorized access of confidential data by insiders Legal consequences due to data theft by insiders and external vendors Business Challenges/Risks Data Masking – The Need

4 4 © Hexaware Technologies. All rights reserved. 4 Data Masking – The Need Secure Zone Production environment Strict access restrictions Potential Risk Area Non - Production environment Looser access controls Vulnerable to security attacks

5 5 © Hexaware Technologies. All rights reserved. 5 Statistics - The ‘Insider Threat’ Insider Threat to Compliance and Privacy 90% of major corporations detected security breaches 70% of corporations detected unauthorized access by insiders Myth: Hackers cause most security breaches Fact: “Disgruntled employees and other insiders accounted for more than 70% of the cyber attacks” Reference – Computer World

6 6 © Hexaware Technologies. All rights reserved. 6 Security Layers Network Security Application Security OS Security Unauthorized Insider Access Data

7 7 © Hexaware Technologies. All rights reserved. 7 Privacy Compliance Legislations Organizations today face a growing number of regulations that mandate the accuracy, protection and privacy of data across the enterprise UK Data Protection Act (1998) All companies doing business in UK European Data Privacy Directive (1998) All companies doing business in Europe handling PII HIPAA(1996) Healthcare & Insurance All U.S. businesses handling medical records Canadian – Personal Information Protection And Electronic Documents Act (2001) All companies doing business in Canada AUS Privacy Act (2000) All companies doing business in AUS Sarbanes Oxley All U.S. public companies and private foreign issuers Gramm-Leach Bliley (1999) Banks and financial services companies doing business in U.S.

8 8 © Hexaware Technologies. All rights reserved. 8 Examples of sensitive data 1.Patient name 2.Medical record numbers 3.Health Plan Beneficiary Numbers Health Care/Medical 1.Grades 2.Student Financial Numbers 3.Financial Aid/Grants University 1.Funding/Sponsorship information 2.Human subject information Research 1.SSN 2.Name 3.Date of Birth 4.Contact Information 5.Pay components 6.Bank Account Number 7.Credit Card Number Employee Information Sector-wise Sensitive Information Common Sensitive Information

9 9 © Hexaware Technologies. All rights reserved. 9 Objectives & Business Benefits Protection of employee data Adherence to data privacy legislations Create de- identified production database copies Opens the avenue for Outsourcing – Results in cost reduction De-identify sensitive data for internal use Reduces the overhead of implementing internal security access policies Availability of realistic data post-masking High quality data is available for testing – Delivery excellence Objectives Business Benefits Akiva Application data integrity No impact on existing functionality of Application – No additional cost

10 10 © Hexaware Technologies. All rights reserved. 10 Where does Akiva fit in? Unmasked dataMasked data Copy of Production EMPLID – LU2947 NAME - Tom Fabris SSN company.com VendorzoneVendorzone EMPLID – FN1355 NAME - Kevin Peterson SSN domain.com Copy of Production Production database Client zoneClient zone Akiva

11 11 © Hexaware Technologies. All rights reserved. 11 Application-centred masking Akiva understands the complete Application Architecture Masking is performed after taking into consideration, the Business Processes and functionality in the Application Akiva is customizable - to suit custom built or home-grown Enterprise applications Akiva guarantees consistency post-masking

12 12 © Hexaware Technologies. All rights reserved. 12 Features Multi-threading Supports parallel execution to reduce runtime Key field masking Supports masking of all key fields without any impact Flexibility Ability to choose any sensitive data across the enterprise Reusability Masking configurations can be reused for multiple runs Preview masking See a preview of the masked data before actual masking Batch Processing Akiva can be run from the command line as a batch process Masking Algorithms User can mask in numerous ways using inbuilt algorithms in Akiva Subset masking Masks only a selected set of tables Platform and Database Supports Unix and Windows platforms and runs on Oracle database

13 13 © Hexaware Technologies. All rights reserved. 13 Features...Continued Data Integrity No impact on Business Processes User interface Simple, intuitive and user-friendly web interface Flat File masking Facilitates flat file masking Database Level Security Security permissions of Akiva are same as those privileged by the database Realistic Data Data post-masking is realistic and fully functional Ability to handle Customization Takes care of customizations in the application while masking Mask it your way Create your own masking algorithm

14 14 © Hexaware Technologies. All rights reserved. 14 Algorithm Scramble Sequence number generator Pattern generator Combo Shuffle Generic shuffle Blank out Replacement SSN generator Luhn generator Rule based algorithm Country based name lookup Additional functions Scheduler Profiling Multi threading Schedule monitor Masking preview Key field masking Features

15 15 © Hexaware Technologies. All rights reserved. 15 Masking Techniques 2 Shuffle Replace sensitive values with meaningful, readable data Before Masking Obrien, Kandy ObrienKandyLZ001 Peterson, Kevin PetersonKevinKU002 Adams, John AdamsJohnKU001 NameLast Name First Name EMP ID After Masking Pearson, Emily PearsonEmilyLZ001 Gilberto, Samuel GilbertoSamuelKU002 Bonner, Rob BonnerRobKU001 NameLast Name First Name EMP ID Sample fields Employee Name information, Address details Masking Techniques

16 16 © Hexaware Technologies. All rights reserved. 16 Blankout Simply replaces a field with a value of “ ” or 0 Sample fields Employee Address details, Phone Number Before Masking 614/ LZ / KU / KU001 Phone NumberEMP ID After Masking LZ001 KU002 KU001 Phone NumberEMP ID Masking Techniques

17 17 © Hexaware Technologies. All rights reserved. 17 Replacement Simply replaces a field with a supplied static value Sample fields Address, Phone Number Before Masking AddressEMP ID After Masking AddressEMP ID Masking Techniques

18 18 © Hexaware Technologies. All rights reserved. 18 Masking Techniques 2 Lookup Replace employee names and addresses choosing from an inbuilt repository of over 200,000 names Before Masking Obrien, KandyObrienKand y LZ001 Peterson, KevinPetersonKevinKU002 Adams, JohnAdamsJohnKU001 NameLast Name First Name EMP ID After Masking Julia, AngelineJuliaAngelineLZ001 Conrad, MichaelConradMichaelKU002 McKinley,LarryMcKinleyLarryKU001 NameLast Name First Name EMP ID Sample fields Employee Name information, Address details Masking Techniques

19 19 © Hexaware Technologies. All rights reserved. 19 SSN Generator Generate valid US Social Security Numbers for all employees Sample fields SSN, NATIONAL_ID Before Masking LZ KU KU001 SSNEMP ID After Masking LZ KU KU001 SSNEMP ID Masking Techniques

20 20 © Hexaware Technologies. All rights reserved. 20 Luhn Generator Generate numbers satisfying Luhn checksum condition Sample fields Credit Card Number Before Masking LZ KU KU001 Credit Card NumberEMP ID After Masking LZ KU KU001 Credit Card NumberEMP ID Masking Techniques

21 21 © Hexaware Technologies. All rights reserved. 21 Before Masking FN3056LZ001 FN1149KU002 FN5297KU001 DEP_IDEMP ID After Masking PU0102LZ001 PU0101KU002 PU0100KU001 DEP_IDEMP ID Sequence Number Generator Generate alphanumeric sequences in order Masking Techniques

22 22 © Hexaware Technologies. All rights reserved. 22 Random Number Generator Generate numbers in random Before Masking LZ KU KU001 COMPRATEEMP ID After Masking LZ KU KU001 COMPRATEEMP ID Masking Techniques

23 23 © Hexaware Technologies. All rights reserved. 23 Pattern Generator Generates a set of numbers based on user-defined pattern Before Masking 917LZ KU KU001 MEMBERSHIP_IDEMP ID After Masking 716LZ KU KU001 MEMBERSHIP_IDEMP ID A SAMPLE PATTERN Requirement MEMBERSHIP_ID - 3 digit numbers satisfying the condition (Hundredth digit + Tenth Digit ) > Units Digit Example A valid number is 253, (2+5) > 3 An invalid number is 129, (1+2) < 9 Steps The requirement can be interpreted and broken down into the following steps (Digits are numbered from left to right). Step 1: S1 = Digit 1 + Digit 2 Step 2: S2 = S1 > Digit 3 Masking Techniques

24 24 © Hexaware Technologies. All rights reserved. 24 Rule based masking Consistently masks the database based on rules/custom masking algorithms defined by the user. SAMPLE RULE 2 – FIELD RELATIONSHIP DEFINITION Requirement Mask all the pay details of employees Define Relationship between fields NP – Net Pay GP – Gross Pay BP – Basic Pay HRA – House Rent Allowance DA – Dearness Allowance Step 1: NP = GP - Tax Step 2: Tax = 20% GP Step 3: GP = BP + HRA + DA Step 4: HRA = 50% BP Step 5: DA = 10% BP SAMPLE RULE 1 – CUSTOM MASKING ALGORITHM Requirement Decrease the Compensation Rate Code field value by a fixed percentage. Define custom masking algorithm COMPRATE – Compensation Rate Code field Step 1: Step 1 = 30% of COMPRATE Step 2: COMPRATE = Step 1 Masking Techniques

25 25 © Hexaware Technologies. All rights reserved. 25 Rule based masking sample data Before Masking NP GP LZ KU KU001 HRADABPEMP ID Masking Techniques After Masking NP GP LZ KU KU001 HRADABPEMP ID

26 26 © Hexaware Technologies. All rights reserved. 26 Thank You


Download ppt "www.hexaware.com 2 © Hexaware Technologies. All rights reserved. www.hexaware.com 2 Agenda Data Masking - The needData theft - StatisticsObjectives &"

Similar presentations


Ads by Google