The routines. C. Secure and Test: This is the

The user provides their login credentials and is accordingly allowed or
denied access. They can access or update the data as per their assigned access
privileges. Whenever the data needs to be accessed for any
non
production environments, the user will send in
a query through the application. The application
forwards this query to the server/database. The query is processed and the
result (unmasked) is captured by the application where it is masked
dynamically, after which a realistic
looking but fake data is generated on which the tests can be carried out. This prevents the
exposure of sensitive production data
to testers, developers etc.

A
comprehensive 4-step approach to implementing data masking . These steps are:

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

 

A.   
Analyse Sensitive Data

 This phase identifies sensitive or regulated data
across the entire organization. The purpose is to come up with the list of
sensitive data elements specific to the organization and
discover the associated tables, columns and relationships across databases that
contain the sensitive data. This is carried out usually by data,
security and business analysts.

 

B.   
Assess

This phase identifies the masking algorithms to replace the
original sensitive data. Developers or DBAs work with business or security
analysts  with their own masking
routines.

 

C.   
 Secure and Test:

 

This is the iterative phase. The masking process is executed to
secure the sensitive data by the security administrator. Once the masking
process has completed and has been verified, the DBA then hands over the
environment to the application testers. The production users execute
application processes to test whether the resulting masked data can be turned
over to the other non-production users. If the masking routines need to be
tweaked further, the DBA restores the database to the pre-masked state, fixes
the masking algorithms and re-executes the masking process.