Data Masking

TECHNICAL DEFINITION

Data masking is a data security process that replaces sensitive production data with structurally similar, non-sensitive, yet realistic surrogate data to protect privacy and comply with regulations. This irreversible transformation renders sensitive information unintelligible while preserving data format and utility for non-production environments such as development, testing, and training.

BACKGROUND

Data anonymization is a type of information sanitization whose intent is privacy protection. It is the process of removing personally identifiable information from data sets, so that the people whom the data describe remain anonymous.

SYNONYMS & ALIASES

• Data obfuscation
• Data anonymization
• Data pseudonymization
• Test data management
• Data sanitization

USAGE NOTE

It is widely used in software development and testing to ensure compliance with data privacy regulations like GDPR and HIPAA while enabling realistic application testing.

DEVELOPERS

Organizations developing technology related to Data Masking.

• Delphix

  Delphix provides a data platform that virtualizes, secures, and delivers data, offering automated data masking to protect sensitive information in non-production environments for development, testing, and analytics.

• Informatica

  Informatica offers comprehensive data management solutions, including advanced data masking capabilities as part of its data security and privacy products, supporting both static and dynamic data masking.

• IBM

  IBM provides data privacy and test data management solutions, including InfoSphere Optim Data Privacy and Test Data Management, which feature robust data masking capabilities to protect sensitive data across various environments.

• Oracle

  Oracle offers data security solutions, including the Oracle Data Masking and Subsetting Pack, which enables organizations to mask sensitive production data to create secure, representative test data sets.

• Micro Focus

  Through its Voltage SecureData platform, Micro Focus offers data-centric security solutions, including strong data masking, format-preserving encryption, and tokenization to protect sensitive data at rest, in motion, and in use.

• Protegrity

  Protegrity specializes in enterprise-grade data protection, offering data-centric security solutions that include tokenization and advanced data masking to secure sensitive data wherever it resides.

• Privitar

  Privitar develops privacy engineering software that enables organizations to safely and ethically use sensitive data by applying various de-identification techniques, including advanced data masking and generalization.

• IRI (Innovative Routines International)

  IRI's Voracity platform and CoSort data manipulation product offer data masking and de-identification capabilities, providing fast, scalable data transformation and protection for sensitive information.

• Broadcom

  Through its enterprise software portfolio, including CA Test Data Manager (formerly CA Technologies), Broadcom offers static and dynamic data masking features for test data management and data privacy compliance.