Not logged in - Login / Register



< back

Why Data Masking

Why Data Masking


TextData masking (another terms used are data anonymization, data de-identification, data obfuscation, for the nuances of industry perception please refer here) has become mainstream in IT functions of healthcare, financial, educational, government and other types of organizations carying sensitive personal data in the last decade. Organizations use it to protect against internal threat, to hide sensitive information while exposing data to external users, and to exchange data with third parties.

A lot of organizations do it to comply with legislation, while others use it as a preventative measure even if not obligated by law. The cost on non-compliance and data breaches are very high. They are much higher than just the FTC fines - although they indeed could run into millions of dollars as U.S, Courts ruled multiple times. "It is not only appropriate, but critical, that the FTC has the ability to take action on behalf of consumers when companies fail to take reasonable steps to secure sensitive consumer information," says Federal Trade Commission Chairwoman Edith Ramirez. There are reputational and class-action litigation costs, as well as credit checks costs for financial institutions and fraudulent cases costs for health insurances.

The laws are becoming more plentiful and stricter - as public demands better degree of protection. As such, companies try to make sure they protect themselves with all the possible means and they protect data two ways: with encryption and with data masking.

Data Masking != Encryption

Both, data masking and encryption are used to hide data's original values. Yet, they are not the same, both by purpose and by implementation.

The Purpose

The purpose of encryption is to hide data from the hacker. In data security classification, the hacker is an external threat and has no access to encryption keys. Both data in transit and data on disk are well protected with encryption against hackers outside of organization.

The purpose of data masking is to hide data from the developer. The developer often does have the key to encryption. Not only that, encrypted data, unless there is a specific provision, might not fit the predefined field sizes in the storage and makes it extremely hard to comprehend. The lack of comprehension slows down development.

Download a Trial