Solutions

For detection control, review the field-level protections specified in the self-documenting, human-readable job scripts used in the IRI FieldShield and IRI CoSort (SortCL) software products or IRI Voracity data management platform.

For proof, log all jobs to the query-ready XML audit file. The audit trail contains the job script, which shows the protection technique(s) applied to each field in each table or file processed. The log also contains other job metadata, like the:

• protection library function(s) used
• encryption keys or de-ID codes
• input and output tables or files
• user who ran the job
• job start and end times
• number of records processed

For prevention control, you can review your jobs to validate a developer’s protections of output fields prior to execution.

For example, masking the SSN field in a payroll feed  is a matter of connecting to your sources (or existing jobs) and clicking through a new job wizard or modifying existing parameters in a dialog or script. Some of the functions you can apply (ad hoc or as a rule), are:

• encryption and decryption
• anonymization via pseudonymization
• data masking
• de-identification and re-identification
• field redaction

As a compliance officer, you can see the protection(s) in each self-documenting job script. Once approved, the job can be saved or run on any local or remote server running the IRI program

After execution, the job script can be isolated and protected for re-use in production.