Static data masking (SDM) is defined as, “The act of permanently replacing sensitive data at rest with a realistic fictional equivalent for the purpose of protecting data from unwanted disclosure.” Industry analysts characterize SDM as a must-have data protection layer capable of protecting large swaths of data within an organization.
How organizations use static data masking
Copying sensitive data into misconfigured or unsecured testing environments happens more frequently than organizations would like to admit. Unfortunately, it is often the path of least resistance to rapid development, even though doing it is just about the worst security practice imaginable. This is where static data masking comes in. SDM provides a best-practice data protection alternative to copying sensitive data into unsecured environments for functions such as testing or development.
By using SDM, organizations can provide high-quality fictional data for the development and testing of applications without disclosing sensitive information. The more realistic the SDM tool can make the sensitive data, the more effective development and testing teams can be in identifying defects earlier in their development cycle. SDM facilitates cloud adoption because DevOps workloads are among the first that organizations migrate to the cloud. Masking data on-premises prior to uploading it to the cloud reduces the risk for organizations concerned with cloud-based data disclosure.
Organizations also use SDM to anonymize data they use in analytics and training as well as to facilitate compliance with standards and regulations (such as GDPR, PCI, HIPAA, etc.) that require limits on sensitive data that reveals personally identifiable information (PII).
In practical terms, SDM makes sensitive data unsensitive because it applies data transformations as it makes a realistic looking database copy. If an attacker compromises a non-production, statically masked database, the sensitive data might look like real data, but it isn’t. SDM does not slow down or change the way an application using the data will work because it applies SDM on all data up-front, so there is no impact once the masked database is made available to the various functions. SDM dramatically simplifies the securing of non-production data, because all sensitive data has been replaced, so there is no need to implement fine-grained object-level security.
How static data masking strengthens a data security fabric
Imperva’s Data Security Fabric (DSF) enables security and compliance teams to quickly and easily secure sensitive data no matter where it resides with an integrated, proactive approach to visibility, control, and compliance automation. To strengthen its existing data security fabric solution, Imperva is partnering with Mage™ Static Data Masking to deliver SDM capabilities to Imperva DSF customers. While Imperva DSF provides real-time protection of live production data, Mage™ de-identifies data in non-production environments. Mage™ brings a static data masking capability that complements Imperva DSF, works across multiple data platforms, and supports flexible deployment mechanisms to integrate seamlessly into the existing enterprise IT framework without the need for any additional architectural changes. This partnership is emblematic of Imperva’s commitment to work with technology partners like Mage to remove barriers and friction for customers and create a real “partner network fabric” that makes it easier for our customers to experience us all integrated as one weave, committed to achieving real data security.
Imperva Data Security Fabric and Mage™ Static Data Masking are better together
These two industry-leading technologies will be a great enabler for organizations that require a truly comprehensive solution to achieve their data security goals. As organizations move to more modern data platforms and the threat landscape becomes bigger and more complex, they will undoubtedly benefit from what this single, seamlessly integrated data security framework/fabric has to offer. The best way to find out how Imperva Data Security Fabric with Mage™ Static Data Masking can help your organization is download this handy data sheet and speak with an Imperva Solutions Representative.
Try Imperva for Free
Protect your business for 30 days on Imperva.