DataSunrise Dynamic Data Masking for Amazon Redshift

Amazon Redshift data masking by DataSunrise helps to hide your sensitive data.

Let’s assume that you hired some outsourced IT specialists to customize your Amazon Redshift database to your business needs. The point is that in most cases contractors don’t need a live database in itself, but a database “dummy” only. DataSunrise Data Masking obfuscates the database output, making it impossible for bad guys to guess or reverse-engineer actual database contents.

Tech Info

Typical scenario of sharing Amazon Redshift with out-source or off-shore companies for testing or development purposes involves huge risks of sensitive data being accidentally or even intentionally leaked.

To ensure your production data to be safely used by those who actually do not need to see real database contents, DataSunrise has the built-in functional component called Amazon Redshift Data Masking.

Obviously advantageous Amazon Redshift Data Masking becomes critical technology in confidential data protection. The functional feature increases security allowing to avoid violation of data privacy protection regulations, as well as ensures freely usage of Amazon Redshift production data. As it is seen in the following example of a query result, the DataSunrise Amazon Redshift Data Masking component provides with reliable masking of what is required to be private and confidential:


amazon redshift data masking


Fast and easy implementation of masking at the very moment of request is called DataSunrise Amazon Redshift Dynamic Data Masking. The process consists in intercepting a query to Amazon Redshift, modifying it according to preset masking rules, transferring to the database that responds and sends data with masked information. The gist is that various outsourced specialists, testers, developers, etc. still have access to Amazon Redshift, though all the information that is considered to be sensitive becomes cryptic to them. At the same time as per set rules these fields are well understood and transparent for employees with privileged rights.

The second option is to conceal data statically. A copy of an entire Amazon Redshift database is made, columns containing sensitive data are selected and masked in accordance with required masking policies. That means there is no chances to extract original confidential information as there is no any in the copied database. The static masking process provided by DataSunrise Amazon Redshift Static Data Masking just requires updating, though ensures high protection level.

In spite of necessity to have additional hardware resources for storing the duplicated database, the method considered safe and reliable as no sensitive information accidentally leaves Amazon Redshift unmasked. All the required fields that must be unclear to developers, contractors and other non-privileged users are securely concealed, and this allows them to do their job without risk of revealing company’s corporate data.

Generally speaking, Amazon Redshift Data Masking ensures sensitive data to be integral, available for any required nonproduction purpose and at the same time confidential.

Related Articles