Data Masking with PgBouncer - DataSunrise
PgBouncer & Data Masking
Connection pooling in PostgreSQL, Greenplum databases is performed by PgBouncer. Data masking solution by DataSunrise allows masking sensitive data while PgBouncer is functioning.
DataSunrise effectively performs data masking along with PgBouncer, even if it is implemented at the higher level compared to PgBouncer. DataSunrise retrieves the source address of the requester and sends masked data to the genuine requester.
Dynamic data masking, compared to static masking, has some significant advantages. There is no need to assign additional storage space for the duplicate of the database. Pgbouncer Data Masking is performed right after the sensitive data is requested.
With DataSunrise you can create masking rules using pre-defined patterns, they can be adjusted to various business purposes.
How Dynamic Data Masking Works with PgBouncer
To demonstrate the DataSunrise masking rules in action we’ve created a table containing personal information.
First of all, we need to enter GUI and create masking rules for the columns we want to conceal. Then we add IP addresses or hosts that the columns will be masked for. There are various masking patterns for different types of data.
DataSunrise intercepts transactions targeted to the columns we’ve chosen and obfuscates the sensitive data according to selected policies forwarding the server answer though PgBouncer. PgBouncer Data Masking is done dynamically at the moment of request. Here’s what we get after masking rules are applied:
DataSunrise retrieves real requesters of sensitive data through PgBouncer Data Masking and performs actual data masking, protecting the confidentiality of personally identifiable and other sensitive information.