PII Data Protection
Data Masking Solutions
Find and Fix Data at Risk
Classify PII centrally, search for it globally, and mask it automatically. Preserve realism, referential integrity and/or reversibility using field-level encryption, pseudonymization, synthesis, and other shareable rules for production and test environments. Leverage RBACs, custom business logic, DQ and ETL features, etc.
Learn more
Comply with Data Privacy Laws
De-identify, delete, deliver, or anonymize data subject to GDPR, DPDPA, HIPAA, PCI, POPI, PIPEDA, PCI-DSS, SOC2, etc. using your on-premise or cloud hardware. Verify compliance via human- and machine-readable search reports, job audit logs, and re-identification risk scores.
Learn more
Protect Data throughout its Lifecycle
Optionally mask data as you map it. Apply FieldShield functions in IRI Voracity ETL, federation, migration, replication, subsetting, or analytic jobs. Run FieldShield from Actifio, Commvault or Windocks to mask DB clones. Use deterministic masking functions consistently to preserve data integrity across your schema and beyond.
Learn more
References
FieldShield Use Cases
Payment Card Industry Data (PCI)
"FieldShield decrypts and re-encrypts fields in our credit card migration and test sources, and easily generates and manages encryption keys."
Protected Health Information (PHI)
"We continue to rely on FieldShield for flat-file and DB de-identification in order to comply with government healthcare privacy regulations."
Personally Identifiable Information (PII)
"We use FieldShield to anonymize HR data in complex file feeds, to segment and substitute values based on field-level conditions."
Do You Need FieldShield?
- Do you collect or process PII or other "data at risk"?
- Do you know where (all of) it is?
- Is that data safe from a breach; i.e., could it be used were it stolen or exposed?
- Does your department comply with data privacy regulations?
- Can you prove it?
- Do you use multiple tools or methods to protect different DB columns in different ways?
- Do you need data masked the same way across different database and file formats?
- Can you protect only the data at risk, so you can see and use the non-sensitive data?
- Does your masked data look real enough?
- Is it deterministic (referentially correct)?
- Can you score your masked data sets for re-ID risk and anonymize quasi-identifers?
- Does it take too long to learn, implement, modify, or optimize your data masking jobs?
- Can you mask data in your ETL, subsetting, migration/replication, CDC or reporting tasks?
The Sensitive Data Masking Tool
Structured Sources:
Flat Files
ASN.1 CDRs
RDB & NoSQL DBs
Excel Spreadsheets
Flat JSON & XML Files
Mainframe / Index Files
S3, Azure, GCP, OneDrive
MQs, Pipes, Programs & URLs
Multiple Functions:
Blur or Bucket
Bit Shift/Scramble
Encrypt & Decrypt
Encode & Decode
Delete or Redact
Hash or Tokenize
Pseudonymize & Restore
Randomize or Customize
Many Deployments:
Eclipse IDE
Command Line
Batch/Shell Scripts
Ad Hoc or Scheduled
In-situ/SQL Procedures
System/API Library Calls
Replication, Test & DevOps
Incremental Update/Refresh
Data Masking White Paper
Download here.
Learn more about FieldShield
What Others Are Reading
Data Masking vs. Data Encryption
Do you know the differences between them? Learn about these two popular forms of data obfuscation and when to use them.
Which Masking Function is Best?
Read this review of the important decision criteria, including realism, reversibility, consistency, speed, and security.
PCI Tokenization in FieldShield
The Payment Card Industry Data Security Standard, or PCI DSS, requires encryption or tokenization of primary account numbers.
