Upload
lorin-shaw
View
212
Download
0
Embed Size (px)
Citation preview
IRI Data Protector Suite:Data Masking & Test Data
1st Quarter 2015
IRI, The CoSort Company
Corporate Background
Old ISV, new Gartner client (known to data integration team)
Focus on big data management and data-centric protection
Profitable, closely held since 1978
HQ on Florida's Space Coast, SE of Orlando
Resellers in >40 major cities outside the US
Partnered with leading hardware OEMs and ISVs
Organic product growth and Eclipse platform strategy
IRI Workbench
All IRI tools (except CellShield for Excel) everage the data definition file (.ddf) syntax used by CoSort's SortCL program, which is also supported by the IRI Workbench GUI built on Eclipse, and the Meta Integration Model Bridge (MIMB). MIMB can convert data layout metadata used in many third-party ETL, BI, ERP and DB applications into .ddf format; thus facilitating migrations to, or collaborations with, IRI software products. FieldShield (data masking) and RowGen (test data) – along with NextForm (data migration) soon, are all SortCL spin-offs.
Data Manager
Data Protector
IRI Data Protector
What Can FieldShield Do Now?
Secure fields with PII, PHI, etc. via 12 built-in masking function categories
Allow distinct protections for every field in all RDB tables and flat files
Address multiple protections and recipients in one job script, one I/O
Apply protection rules across tables and preserve referential integrity
Support conditional security; i.e. based on patterns, values, or ranges
Specify protections and layouts in Eclipse GUI and portable 4GL job scripts
Integrate with DB apps via ODBC and SDK libraries for dynamic data masking
Retain data realism (e.g. FPE), ideal for testing and outsourcing
Combine with extensive, fast, big data integration and reporting functions
Log job and system runtime detail to an XML audit file to verify compliance
What Will FieldShield Do in the Future?
DB Activity Monitoring (DAM) + DB Audit & Protection (DAP) Protect and redact data in unstructured sources
Encryption & Decryption De- & Re-Identification
Data Protection Functions (Categories 1-3 of 12)
3DES EBC & SSL AES-128 & -256 CBC AES-256 Format Preserving GPG (PGP-compatible) FIPS-compliant OpenSSL Custom
Converts binary to ASCII Supports base64 & hex Reversible
For ASCII data Less secure Reversible
Encoding & Decoding
Data Protection Functions (Categories 4-6 of 12)
Pseudonymization Randomization
Provides realistic names Reversible lookup values Non-reversible selection
Random data generation Random data selection Non-reversible
Partial/full-field masking Conditional omission Non-reversible
Character Masking
Data Protection Functions (Categories 7-12 of 12)Hashing Expressions String Manipulations
SHA-1 & 2 cryptographic Returns hash of fieldstring Use for integrity checking
Find, replace and add Reposition and trim Use INSTR information
Mathematical operations PCRE logic Can we do blurring?
#10: Row/Column RemovalTarget layout declaration, with
or without selection logic #12: Custom Function User's field-level call
#11: TokenizationDB-value substitute for PCI DSS
Why Buy FieldShield? Key Differentiators:
Device encryption is slow and blocks access to safe data DB column encryption is cumbersome and DB-specific Encryption-only tools render data less realistic and more vulnerable Of those products that mask data, FieldShield offers more:
1) Functional versatility – 10 different categories of functions2) Simplicity and openness – Eclipse hand-holding & self-documenting text scripts3) Metadata interoperability and task integration – works with CoSort & RowGen4) Logging - XML audit file helps verify compliance, job stats detail performance5) Target differentiation and formatting – single (for different users) or multi-output6) Big data efficiency via Fast Extract, CoSort, and (pre-sorted) bulk load methods7) Embedded reporting functionality - produces BI (with confidential data)
User Profiles
Vertical industries and government agencies storing, processing, or outsourcing applications with sensitive data, such as:
-> banks, census/tax, defense, health care, insurance, schools Application, DB and DW users handling sensitive data CISOs, compliance teams, consultants, IT managers and solution architects
IRI Data ProtectorIRI Data
Protector
What Can RowGen Do Now?
Create realistic, random and random-real test data that complies with privacy laws
Improve DB prototyping, app development, outsourcing and benchmarking
Utilize standard DB DDL and production file metadata to define layouts
Preserve referential integrity and production formats / structures
Support all data types, volumes, value ranges and conditions
Synthesize composite data values / custom (master) data formats
Set and graph test data value distributions (linear, normal, random, etc.)
Apply common attribute rules (like lookups) rules for pattern-matched field names
Include selection, transformation, and load pre-sort functionality
Write loader metadata, and perform direct path loads, for test DB popluations
Build test flat-file and structured (detail and summary) report targets
Generate computationally valid and invalid national ID formats for 4 countries
What Will RowGen Do in the Future? Bundle automatic database sub-setting through a GUI wizard
Use Existing Data Models and Metadata
Build Test Data for:
CoSort DataStage DB2 UDB Informatica Oracle SQL Server Sybase Teradata CSV, XML, LDIF & COBOL files
Why Buy RowGen? Key Differentiators:
1) Big data generation and population performance (CoSort inside speeds bulk loads)
2) Production data realism without needing production DB data
http://www.iri.com/blog/test-data/making-realistic-test-data-production/
No need to mask production data either, which takes time and may not cover future bases
3) Concurrent test data manipulation and reporting. Shared metadata w IRI Data Manager tools.
4) Metadata compatibility with other IRI tools, and third-party (via MIMB) platforms
5) Familiar Eclipse IDE and portable, self-documenting 4GL generation (and loader) scripts
User Profiles Financial services, government, healthcare, pharmaceutical and retail
Anyone doing DB testing, app development and stress-testing, or benchmarking, including:
Consultants Data and ETL Architects DBAs Programmers
Demo, More Info:http://www.iri.comhttp://blog.iri.com
ftp://ftp9.iri.com/pdf