Data masking (data pseudonymisation) is a data security technique in which a dataset is copied but with sensitive data obfuscated. This benign replica is then used instead of the authentic data for testing or training purposes.
Data masking and data obfuscation does not just replace sensitive data with blanks. It creates characteristically intact, but inauthentic, replicas of personally identifiable data or other highly sensitive data in order to uphold the complexity and unique characteristics of data. In this way, tests performed on properly masked data will yield the same results as they would on the authentic dataset.
Concerns about data sharing and confidentiality mean many organisations now mask personal identifiers. This is especially the case when data is used for purposes other than those for which it was originally collected.
Northdoor’s Data Masking solution is designed to give organisations the capability to safeguard personal and sensitive information – reliably, cost-effectively, and at scale.
The Data Masking solution from Northdoor enables you to:
By improving your ability to mask personally identifiable data, Northdoor Database Record Masking can reduce internal costs and cut the risk of regulatory penalties.
For more information on how Northdoor can help you reduce your regulatory risk and increase internal efficiency, read our short solution brief on data masking, or contact us directly for a no-obligation assessment.
Concerns about data sharing and data confidentiality especially around the secondary use of data – where data is used for purposes other than those which it was originally collected – has resulted in many organisations using data masking to remove personal identifiers. Whilst masking is a simple concept scaling out pilot deployments to multiple data sources can be technically challenging and costly.
Data masking or obfuscation is essential in many regulated industries where personally identifiable information must be protected from overexposure. By masking data, the organisation can expose the data as needed to test teams or database administrators without compromising the data or getting out of compliance. The primary benefit is reduced security risk.
Data Masking is a relatively simple concept – for example, replacing genuine names and addresses with sample names and addresses in customer records. However, scaling a solution to cover multiple data sources is potentially costly, challenging, and unlikely to produce consistent results.
Data masking is difficult because the changed data must retain any characteristics of the original data that would require specific processing. Yet it must be sufficiently transformed so that no one viewing the replica would be able to reverse-engineer it. Commercial software solutions are available to automate masking and provide confidence in the obfuscation quality.
Northdoor’s solution provides organisations with the capability to safeguard personal and sensitive information. Get the control you need from IT and ensure all personal identifiable data is protected.
Does your organisation have a good handle on data masking, or are you potentially letting personally identifiable data slip through the net?
Many organisations routinely replace names and other personal identifiers in certain sets of data with pseudonyms – the process known as data masking, alternative routes would be data obfuscation or data anonymisation. The 2018 GDPR legislation places more rigorous demands on data confidentiality, potentially extending both the types of data that should be masked and the scenarios in which masking is required.
In particular, the GDPR aims to restrict the so-called secondary use of data, in which data originally collected for one purpose, say, signing up for a newsletter, is used for a different purpose such as user profiling. As organisations introduce greater granularity around permissions, there will potentially be many new areas in which the ability to rapidly and reliably mask data will be a major benefit. And where data may be shipped out to external partners, perhaps for statistical analysis, ensuring that masking is rigorous and non-reversible is absolutely critical.
Data Record Masking for the Insurance Industry
While data pseudonymisation, or ‘masking’, is a simple concept, insurers typically have significant legacy systems, which makes scaling out a pilot deployment to cover multiple data sources challenging.
NHS Patient Record Pseudonymisation
Northdoor’s NHS Patient Record Pseudonymisation solution can provide NHS Trusts with the capability to safeguard personal and sensitive patient information.
Alongside encryption, the pseudonymisation or masking of data is a vital component in the enterprise IT toolbox. For requirements such as employee training or the development and testing of new software, organisations often need sets of “real” data. For example, testing a logistics app will require a list of customer names and addresses in standard formats, to ensure that the finished product works in the real world. Rather than using genuine customer data, which would present a risk under the GDPR, organisations typically use manual or automated masking techniques to create fictitious sets of data.
Creating masked data can be a major drain on time and resources, and existing manual processes may not be fully compliant with the GDPR. As time-to-market pressure grows, would your organisation benefit from the automated creation of realistic masked data?
Northdoor offers a fully automated Data Masking Solution that empowers organisations to take back control, improve the auditability of GDPR processes and save time for their IT personnel. The solution masks data accurately and in a context-aware manner to preserve integrity, and propagates masked elements consistently across applications to generate valid results in usage. In this way, the solution boosts internal efficiency, improves the effectiveness and demonstrability of compliance, and drives higher quality in testing and training data.
Northdoor are now preferred suppliers for public sector and NHS Trusts looking to automatically protect, anonymise and safeguard sensitive information. The Crown Commercial Service Supplier (CCS) acts on behalf of the government to drive savings for the taxpayer and improve the quality of commercial and procurement activity. The G9 agreement supports the government’s policy to centrally manage the procurement of common goods and services through an integrated commercial function at the heart of government.
The agreement with Northdoor means that public sector organisations can buy its services via the G Cloud Digital Marketplace without the need to undertake a full tender or procurement process, making it easier and faster for organisations to ensure their compliance using Northdoor.