Dynamic Data Masking
CXO Quotation…
"Who can guarantee that my sensitive data are secured, on the fly, masked to the right degree, no matter who or when or what tool queries it?"
To be used in what Circumstance
To consider in large organizations looking for a catch-all solution to manage live access to sensitive data in databases.
High-Level Description
A tool for dynamic data masking, i.e. masking sensitive data on the fly, to any user or application querying for it, dynamically, according to business rules and user profiles.
It is placed between client application(s) and database(s), with high availability, and with no performance impact for any client or user.
*Supports a multitude of RDBMS, and is starting with NoSQL. *
Dynamic Data Access
CXO Quotation…
"A tool to control access to the right data, at the right time, for the right purpose, by the right user... automatically and in real-time?... A dream!"
“Data access requests must be fulfilled automatically once approved by data owners: having tickets and manual admin operations inevitably leads to mistakes and loopholes."
To be used in what Circumstance
To consider in organizations in which data access policies and their enforcement are of critical importance, and in which the number of users and systems to manage make DBA-level processes impractical.
*Unique in the market: this tool enables a separation of duties, by segregating infrastructure administration from data access. *
High-Level Description
A centralized tool for data access control, managing any application/user access and access privileges to any database, dynamically, for every posted query, whatever its complexity.
By doing so, it effectively hands-over control to data owners, away from DBA’s. The tool works in high availability mode. There is no performance drop to any client or user.
Test Data Mgmt. with Static Data Masking
CXO Quotation…
"We can never have the right test data, secured/masked, delivered to the right group, and ready at the right time."
“Is there any multi-purpose tool to help with purging & archiving, or with masking data while migrating to the cloud? …anything better than scripts!“
To be used in what Circumstance
To consider in large organizations struggling with the generation of secure test data, or with purging, archiving & migration, or with the handling of their sensitive content when copying data from any source to any target.
*Can also integrate/copy from on-premise to cloud, as well as HDFS. *
High-Level Description
A tool for test data mgmt., purging or migration, including between different technology platforms. It copies data from between environments (e.g. "production" to "test"), while applying rule-based masking of sensitive data. It can also synthesize new data (columns or records), based on given patterns and rules.
Both full extraction and data sampling are supported. Consistency is preserved, by starting from a given table or from sample records, then deriving all explicitly or logically related records.
Sensitive Data Discovery
CXO Quotation…
"I can't sleep at night because nobody can tell me clearly where my sensitive data are, and how I can stay on top of it!"
To be used in what Circumstance
To consider in large & complex organizations, where uncertainty prevails about the whereabouts of sensitive data, and where help is needed in managing their spread.
High-Level Description
A tool used for the scanning, discovery, identification and reporting of sensitive data, anywhere in an organization's data infrastructure... Both structured & unstructured data, and up to email servers and PC's of employees!
Corrective actions can be triggered from a catalogue of available operations, either automatically upon any finding or manually after review (e.g. blurring content, moving/removing or tagging files with sensitive content).
Secure DB Logging
CXO Quotation…
“Any DBA with root privileges can act with total impunity… undetected, untraced!“
"I am spending MILLIONS on licenses for branded products, every year, just to satisfy a regulatory requirement. Give me an alternative!"
To be used in what Circumstance
To consider in organizations challenged to address the strictest regulations about keeping track of any kind of database transactions, and in need of a solution capable of producing any kind of audit report.
*like IBM Guardium (well-known among security specialists). *.
High-Level Description
A tool that monitors ALL database user activities, regardless of the channel, the user or the privilege of that user (especially including DBA's). It securely logs all transactions (safe from editing), and provides an alarm mechanism over them as well as flexible reporting.
Web-Based SQL Editor
CXO Quotation…
“My database connection details are kept in every client, installed on every pc. You call this secure!?“
"Accessing data on any database is a sensitive operation of its own: an enterprise should control which tools are used for that purpose!"
To be used in what Circumstance
To consider in organization concerned with providing controlled but easy access to its databases, simplify the day-to-day load of desktop support & DBA’s, and keen on keeping common standards.
High-Level Description
An SQL query editor software (TOAD-like but web-based), to connect to misc. database types from a single platform. This results in consolidation, improved governance, enhanced security, scalability, as well as savings in license & operational costs.
Permitted References (Collective)