MariaDB Data Masking by DataSunrise
MariaDB Data Masking is designed to protect personally identifiable and sensitive data. Data masking can be used on non-production databases to protect confidential information from the third parties or to limit exposure to analysts, testers, developers. There is no need for the data to be genuine, but it must be consistent enough to support proper functioning of a third-party or custom application.
DataSunrise quickly masks large volumes of data. Dynamic and static data masking features function using the same technology but they have some significant differences. While static masking is done by applying masking rules to the copy of the target database, dynamic masking enable masking of only the requested tables before sending them to the requester.
Dynamic data masking solution for MariaDB is deployed as a proxy between a client and the database. Clients access production database through DataSunrise proxy only. Any direct communication between a client and the database is disabled. DataSunrise intercepts a client query, changes it according to existing security rules and redirects the modified (“masked”) query to the database. Having received “masked” query, the database outputs obfuscated data instead of real values originally requested by the client. This way the real data never leaves the database.
Protect the confidentiality of sensitive data by stationary masking algorithms for dates, emails, time periods, credit card numbers, etc. Regular expressions used to search certain types of data can be edited and adjusted according to specifics of searched data.
The following pictures depicts a table with masked values: