DataSunrise Data Masking for Percona Server MySQL
Data Obfuscation for Percona Server for MySQL
Hiring external developers for conducting tests and application development is in common practice although it has some security threats. Companies storing clients’ personal information or corporate secrets have to pay attention in order to protect the confidentiality of their database contents. DataSunrise data masking tool changes the original records stored on Percona Server for MySQL databases with fictive data or random characters. Records undergo enough changes so that they can’t be retrieved using reverse engineering, while they still remain meaningful on the application layer.
Masking is also an effective access privilege assignment tool for various business needs, like sharing corporate data with outsource partners or call center department. Social security and credit card numbers can be replaced with realistic values.
DataSunrise is designed to be effective and simple. The soft is deployed with minimum effort and its customizable settings allow to maximally simplify working with the system. It performs masking dynamically at the time of a request, which means there is no need to copy the database.
How data masking is performed
Let’s see the masking abilities of DataSunrise on the example of this table with personally identifiable information:
First of all we need to create masking rules for the columns we want to hide. Rule settings allow to select masking schedule, users from whom the columns will be concealed and choose masking type. There are ready patterns for different types of data (like date, credit card number, email, etc).
We applied different obfuscation types for all columns except the ones with names and phone numbers. After saving rules we tried to retrieve the same table again. DataSunrise functions as a proxy for Percona Server for MySQL database users, so it intercepts the query from our application and changes it according to masking rules. The updated query goes to the database and grants a user masked data. The output result is given below:
DataSunrise data masking solution replaces real data with fictive values, remaining it available for tests and application development. It minimizes the risk of sensitive data leak and gives the opportunity to share the database with third-party organizations without violating privacy and security regulations of confidential data.