Incremental data masking

Automatic real-time data updating and masking

Data masking - overview
Auditing
DPDPA
CCPA
DLP
FERPA
GDPR
HIPAA
PCI DSS
DMaaS
Static (SDM)
Dynamic (DDM)
Real time
Test data/TDM
Data masking in real time

Real-time data masking typically involves the automatic, incremental updating and obfuscation of personal data in databases or files when new data or changes to data are present in supported sources. It can also refer to the masking of data streams from pipes, programs, or message queues like Kafka and MQTT.

In the case of databases, the incremental data masking feature of IRI Ripcurrent in IRI Voracity the data masking tools IRI FieldShield and IRI DarkShield includes) consistent (rule-based) Static Data Masking Functions Apply to classified data when rows are inserted or updated in MS SQL, MySQL, Oracle, or PostgreSQL source tables.

Ripcurrent offers incremental data masking in Oracle, but for Oracle, there's also a real-time trigger option for encrypting or decrypting data during queries. See this examplel for in-situ data masking for real-time data protection in Oracle databases.

In the case of data streams over pipes, programs, or message queues, both IRI FieldShield and IRI DarkShield can support the masking of payload data in various ways, including:

  • File Naming for Standard Input (stdin) and /STREAM Processing in FieldShield Job Scripts
  • Custom /INPROCEDURE code for FieldShield JOP scripts (written in C)
  • Built-in MQTT support in FieldShield
  • API calls in DarkShield for each of the above points

For structured (flat) file sources with similar real-time data protection requirements, you can set up a file monitoring program, for example, via PowerShell, that triggers a FieldShield operation when new or changed files be recognized by the operating system.

It is also possible to trigger by Database procedures or external programe to define, which can then enable IRI data masking functionality through FieldShield (structured) or DarkShield (semi-structured and unstructured) data masking operations.

Further real-time data masking tools from IRI include 1) the standalone FieldShield database masking product, 2) the CoSort data transformation program, and 3) the IRI Voracity data management platform, all of which use the same underlying data definition and manipulation engine, namely SortCL. SortCL scripts can specify static data masking functions that are applied to specific columns or rows based on changes in data values (e.g., timestamps) in source tables or files. See this example.

In each of these scenarios, you can IRI Professional Services collaborate to develop an incremental data masking solution precisely tailored to your use case.

Ensure real-time data privacy through incremental data masking! To learn how to deploy one or more of these data-centric real-time security tools in your environment, please request information using the form below. See also:

Real-Time Incremental Data Masking (Ripcurrent) Blog Post

Solutions > Data Masking > Static Data Masking (SDM)

Solutions > Data Masking > Dynamic Data Masking (DDM)

Blog > Data Privacy > FieldShield SDK