Dynamic Data Masking (DDM)

Protecting Database Columns at Risk in Real Time

Dynamic Data Masking


Dynamic data masking (DDM) usually works in conjunction with database applications in real time so that unauthorized users do not see actual column values. The IRI FieldShield data masking package for databases and flat files, or the IRI Voracity platform which includes FieldShield among many data management operations, can support your security objectives in several ways:




On-the-fly Redaction

Set user and query-based data masking rules for full or partial value obfuscation

ODBC Select / Update

Apply protections surgically to any given column value(s) in qualifying row(s)

DB Application(s) 

Use .NET or Java SDK library functions, or system-call job scripts on the fly

In-Situ Encryption, etc.

Call custom, DB-specific FieldShield routines from within SQL procedures*

Input/Output Routines

Drive real-time application data directly to / from FieldShield jobs in memory

Real-time Processing

Hadoop Spark and Storm processing of dynamic input streams in Voracity

Depending on your data flow and system architecture, you can also choose the other methods, which leverage the same FieldShield routines available for static data masking (SDM).

*Work with IRI professional services to obtain a customized implementation.