Admins then use DgMasker to select columns for masking, which are imported into DgMasker for fast masking-in-place. Masking with DgMasker allows enterprises to leverage application data for business analysis, test, development, and support activities without the risk of compromising sensitive information.
Watching a demonstration of Dataguise’s solution was enlightening. On the one hand, the product was impressive; on the other, the data it returned scared me tremendously. How many products these days use a database on the back end, even just SQL Express? And you don't think about it once it is installed and the app is running, right? But that data is open to others. This had me curious whether other vendors offered solutions targeted at unsecured data in production enterprise environments.
One possibility to assist with protecting your environment is to use a data storage encryption solution, such as those offered by EMC, NetApp, Vormetric, and others. Once you discover the location of the sensitive data in your environment, possibly with a tool such as DgDiscover, you can then look to another vendor’s tool to encrypt the data against theft.
Database masking, aka data sanitation or data scrambling, is one possible solution, as Dataguise’s product shows. With database masking, the real data is obscured, or replaced, with "realistic, but not real data," and it is typically used more with nonproduction environments, including development, testing, and business analysis. Sometimes when you work with copies of a production environment in order to test or develop, the production data is protected, but the data that has been copied for testing is not.
Companies such as IBM, Oracle, Dataguise, and others provide the ability to mask the data. In many cases, the software solution you choose can automatically mask the sensitive data when the test or development copy is created, saving you the extra step of discovery and then masking.
The discussion was an eye opener for me. It might be worth it for you to run a test of your own environment. See what databases exist and whether you might be able to glean some sensitive information. You might be surprised -- and horrified -- to see how open that data is. Mask it, encrypt it, lock it down.
If you are already aware and actively protecting your database data, lend some insight in the comments section as to what you use, how it is working for you, and what advice you might have for others to help them better protect their environment.
This article, "The perils of unprotected production data," was originally published at InfoWorld.com. Read more of J. Peter Bruzzese's Enterprise Windows blog and follow the latest developments in Windows at InfoWorld.com.