PROBLEM: Top 3 reasons to
mask data
There has been growing number of attacks on major
enterprises. Insider fraud is involved in 60% of data
breaches (Wall Street & Technology).
1: Data Breach
A
X
IS
D
A
TA
M
A
S
K
IN
G
A sample:
Industry
• Payment Card Industry Data Security Standard (PCI DSS)
Australia
• Privacy Amendment Act of 2000
Canada
• Personal Information Protection Act
European Union
• Personal Data Protection Directive of 1998
Hong Kong
• Hong Kong Personal Data (Privacy) Ordinance
USA
• Federal: HIPAA, ITAR, SOX, FISMA
• States: GLB, Mass 201 CMR
2: Regulatory
A
X
IS
D
A
TA
M
A
S
K
IN
G
Data masking enables outsourcing:
Outsourcing, both domestic and off-shore, instantly put production data in
non-production environments at risk.
Data masking enables using production data without exposure of private
data.
Data Export Controls prevent access to data outside the borders of a given
country
Vendor application break/fix can be facilitated with masked data
Consulting companies are getting resistance from corporate in accessing
sensitive data, since they often work for competition too.
3: Outsourcing
A
X
IS
D
A
TA
M
A
S
K
IN
G
DMsuite™ ©2011 Axis Technology, LLC. Confidential & Proprietary Information.
Company Data
Employee Data
Name
Phone number, Email
Address
• Street Address, Zip+4
• Care of…, Attn: ...
SSN or other national identifier
Birth date and other dates
Credit Card#, Bank Account#
Comment fields
Customer ID
Account#
Internal sequence key
Employee or Corporate ID
Salary, Benefits
HR status
(termination, personnel issues)
Family data
Manager information
Cost Center data
Vendor Data Security Identifiers
• CUSIP, ISIN, SEDOL Other Identifiers
• NAV, type of Security
• Name, Number, Symbol Activity
• Account balances, transactions, trade date Financials
• Price, quantity,
legal fees, vendor payments Assets/holdings
Comment fields Trade dates
Who Needs to Mask What Data
Healthcare and Pharmaceutical - required to secure PHI per HIPAA
Companies with customers in MA per MGL93H
All organizations must follow their state privacy laws similar to Senate Bill No 1386 – State of California
Healthcare and Pharmaceutical - required to secure PHI per HIPAA
All organizations must follow their state privacy laws similar to Senate Bill No 1386 – State of California
Companies required to follow Gramm-Leach-Bliley Financial Services Modernization Act (1999)
Companies required to follow Sarbanes-Oxley Act (2002)
Multi-nationals - face requirements including:
CANADA: Jan 2005 – Personal Information Protection and Electronic Documents Act
JAPAN: Apr 2005 – Personal Information Protection Law
FRANCE: Oct 2005 – Computing and Liberties Act
PII Data
M
A
S
K
I
N
G
W
H
O
,
W
H
A
T
,
W
H
Y
DMsuite
™ is a completely automated data masking solution across
a broad set of persistence platforms and designed to be rapidly
implemented and institutionalized.
How? — our unique approach is to break the association between
unique identifiers (SSN, Account #, etc.) and personally identifiable
data (Name, Address, Zip+4, etc.).
* Data Masking: redaction, de-identification, depersonalization, anonymization
* Data Masking: redaction, de-identification, depersonalization, anonymization
What is DMsuite?
A
X
IS
D
A
TA
M
A
S
K
IN
G
Value
Proposition
❍
DMsuite
™
provides our clients with a low cost way to
secure sensitive data making it suitable for a large set
of tasks without unnecessary risks
Reduces Risk
• Create masked data that is suitable for numerous of business activities. The number of sources for a potential breach are reduced.
Automates Identification of Sensitive Data
• Identify across databases, copybooks, and files. Reducing by up to 80%, the work associated with a data masking project.
Automates Creation of Masked Test Data
• Quickly and consistently create masked data automatically, no need to do any programming
Enables Data Sharing
• Share masked data quickly and safely with partners, third parties
V
A
L
U
E
P
R
O
P
O
S
IT
IO
N
TM
A sophisticated data masking product that provides an
automation framework with powerful features and algorithms. Supports
rapid implementation for a business unit and scalability for the
enterprise. Features...
5th generation masking algorithms designed to mask your data consistently no
matter where or how it is stored
Inventory and Rule based to get your masking program up and running quickly
Web based java application with intuitive user interface to centrally manage masking inventory and rules
Modular components that can be easily integrated for flexibility
Out-of-the box capability to mask packaged software: PeopleSoft, Oracle Financials
Uses secure platform independent technology (Java, XML) to rapidly generate code for the target platform (mainframe and distributed).
Methodology: the Axis proprietary, repeatable, and proven 5-step
process.
Rapid analysis using our unique Top down/Bottom up approach
Ability to on-board new applications quickly
Deliverables tailored to your stakeholders, from executives to developers (Includes customized version of our detailed Data Masking Process Guide "Cookbook“
Axis Data Masking Solution Features
D
M
su
ite
™
F
E
A
T
U
R
E
S
A sophisticated data masking product that enables rapid
implementation for the business unit and the scalability required for the
enterprise.
State of the art masking algorithms designed to mask your data
consistently no matter where or how it is stored
Web based java application with intuitive user interface to centrally
manage masking inventory and rules
Built-in support for all major databases and common file structures
Support for major all major application servers
Runs on Linux or Windows
Axis
Data Masking Solution
Summary
D
M
su
ite
™
F
E
A
T
U
R
E
S
Axis Technology, LLC
Boston New York
(857) 445-0110
www.AxisTechnologyLLC.com
DMsuite™ © 2011 Axis Technology, LLC. Confidential & Proprietary Information.
