Today’s organisations realise that data is a critical enterprise asset, so protecting that data and the applications that hold it makes good business sense. However, different types of information have different protection and privacy requirements. Therefore, organisations must take a holistic approach to protecting and securing their business-critical information:
Understand where data exists:
Organisations can’t protect sensitive data unless they know where it resides and how it’s related across the enterprise.
Safeguard sensitive data, both structured and unstructured:
Structured data contained in databases must be protected from unauthorised access using data transformation techniques such as masking or encryption. Unstructured data in documents, forms, image files, GPS systems and more requires privacy policies to de-identify or mask sensitive data while still allowing needed business information to be shared.
Protect nonproduction environments:
Data in nonproduction, development, training and quality assurance environments needs to be de-identified or masked, yet still usable during the application development, testing and training processes.
Secure and continuously monitor access to the data:
Enterprise databases, data warehouses, file shares and Apache Hadoop-based systems require real-time monitoring and policies to ensure data access is protected and audited. Policy-based controls (like masking or connection termination) based on access patterns are required to rapidly detect unauthorized or suspicious activity and alert key personnel. In addition, data sources need to be protected against new threats or other malicious activity and continually monitored for weaknesses.
Demonstrate compliance to pass audits:
It’s not enough to develop a holistic approach to data security and privacy. Organizations must also demonstrate and prove compliance to third-party auditors. By employing a data protection strategy across all areas and all types of data, organisations can ensure enterprise data is kept secure and protected.
Data privacy across the enterprise News headlines about the increasing frequency of stolen information and identity theft have focused awareness on data privacy breaches and their consequences. Protecting data privacy is no longer optional—it’s the law. Organizations must have procedures in place to protect privacy in databases, applications and reports in both production and nonproduction systems to comply with data privacy regulations and avoid risk. As data-breach headlines continue to mount, it is clear that data is the most vulnerable enterprise asset. Organisations need to adopt a policy-driven, on-demand masking approach to proactively protect data privacy and support compliance, especially in a computing era where data is everywhere and growing in volume, variety and velocity
Data masking is the process of systematically transforming confidential data elements such as trade secrets and personally identifying information (PII) into realistic but fictionalized values. Masking enables receipts of the data to use “productionlike” information while ensuring compliance with privacy protection rules. Data masking represents a simple concept, but it is technically challenging to execute. Most organisations operate within complex, heterogeneous IT environments consisting of multiple, interrelated applications, databases and platforms. Organisations do not always know where confidential data is stored or how it is related across disparate systems. The ideal solution must both discover sensitive data across related data sources and mask it effectively.
The IBM® InfoSphere® Optim™ Data Privacy solution provides comprehensive capabilities to mask and govern sensitive data effectively across applications, reports and databases in production and nonproduction environments. The InfoSphere Optim Data Privacy solution de-identifies data anywhere a contextually accurate, yet fictionalised value is appropriate.
For example, mask data in flight to fend off a hacker, mask data onscreen in a call center to ensure only those with a valid business need see sensitive client data, mask data in development, Q/A or testing environments, or mask data in extract, transform, load (ETL) or data movement solutions. When you use InfoSphere Optim to mask confidential data, you protect privacy and safeguard shareholder value.
The InfoSphere Optim Data Privacy solution brings flexibility, scalability and adaptability to data masking by helping organisations: