Data Breaches Solved with Data Masking for Oracle, Salesforce, SAP and Snowflake Applications.

A leading manufacturer of industrial equipment with operations spanning numerous geographies was faced with the daunting task of handling sensitive data in its non-production instances. The data used for testing purposes in lower instances included “Personally identifiable Information (PII)”, which had to be masked to meet internal company compliance guidelines and regulatory statutes.

Client contacted ChainSys to assist with data masking utilizing the ChainSys dataZense offering.

Client utilizes multiple Applications and underlying databases that contain PII data. The primary systems that contain such data are:

• Oracle EBS
• Salesforce
• Snowflake
• MS SQL Server

Examples of typical Critical Attributes to be identified include: 

• Full Name
• All Elements of Dates associated with an Individual, including Date of Birth, Date of Death and Date of Provision of a Service
• Social Security Number
• Passport Number
• Physical Address
• Telephone Numbers
• Fax Numbers
• Electronic Mail Addresses

The identified PII attributes had to be masked in non-production instances before the data was utilized for testing.

ChainSys proposed its dataZense product to enable data masking.

dataZense tool provisions a scalable solution for: 

• Running data profiling process to identify PII Attributes in the systems considered for Sensitive Data Identification (PII) for both structured and unstructured data
• Review and Approve - identified PII attributes go through False-Positive / False-Negative analysis & finalized PII attributes are considered for remediation
• Governance process to get consent from the data owners to “Keep” the PII data in systems (Production and Non-Production)
• Data Masking is triggered once the Owner gives consent on the PII data attributes
• Tool maintains lineage of PII data attributes – links the data to the data owner
• Continuous monitoring for PII attributes is enabled