Logo: Fujitsu and home icon
    Download trial version
    Fujitsu Logo

      New data breach laws in Australia and Europe are making Data Masking critical for organisations that retain personal data, such as those in government, health and financial sectors.

      The new Privacy Amendment (Notifiable Data Breaches) Act 2017 in Australia has established the Notifiable Data Breaches (NDB) scheme making the database features such as Data Masking even more compelling. Public and private firms that operate in the European Union will also be subject to the General Data Protection Regulation starting in May 2018. 

      These schemes oblige organisations to notify authorities of a serious breach, as well as those individuals whose personal information was involved. Non-compliance carries serious penalties. 

      Read more about the new Australian regulations and European situation.  

      The bottom line is that everyone involved in data security and risk governance needs to be aware of the tools and techniques that can be deployed to avoid a breach in the first place.

      Welcome to Data Masking 

      Data Masking (also often referred to as Data Redaction) is essentially the process of removing authentic sensitive data from the database and replacing it with alternate data that appears to be real data, but is not real data. The benefits of Data Masking are many:  

      • reduces the risk of a data breach in multiple situations

      • helps organisations avoid unwanted data access

      • reduces exposure of sensitive data

      • protects the real data against unauthorised access

      • improves compliance

      Consider these Scenarios

      Your organisation may want to consider Data Masking for the following scenarios:

      Software Development
      The development and testing of new software applications requires multiple developers potentially located anywhere in the world to be using actual data in testing prior to production versions. Data Masking is used here to enable the utilisation of real data structures, without the need to expose personal information.

      It is common place today to be outsourcing a range of services to 3rd parties for training, testing or development (as above). These are often performed offshore. In this situation, Data Masking can enable these services to be delivered without exposing sensitive personal data to even authorised personnel.

      Business analytics such as standard business intelligence processes where business analysts, researchers, marketers, sales managers, CEO/CFO and more will typically aggregate data to analyse for business metrics and forecasts. In this situation, Data Masking can enable the analysis to continue without the need for specific individual sensitive data to be exposed.

      How is Data Masking different to Encryption?

      Data Masking is a process whereby data is transformed in one direction, whereas encryption scrambles data and then unscrambles it once accessed. In addition, Data Masking changes the values of data, not the structure. For example, where a credit card number may be a set of 16 numbers, in Data Masking, that structure remains the same, however the actual value of the numbers will be changed.

      The Data Masking feature is a substantial reason to consider upgrading to FUJITSU Enterprise Postgres from the community edition of PostgreSQL. It has been developed with the following considerations:

      • Non-reversible
      • Flexible and easy to use
      • Maintenance of original representation
      • Maintenance of referential integrity
      • Repeatable representation

      Whatever the reasons, the situation remains the same. You need to do all you can to avoid a breach of personal sensitive data from your database, and Data Masking can help.

      If you have data security concerns or are looking for a more robust, secure and scalable database, then contact one of our experts on +612 9452 9191.

      Data masking white paper


      Topics: Database Security, Data Masking, Data Redaction

      Receive our blog

      Receive notification of PostgreSQL-based articles for business and technical audiences.

      Search by topic

      see all >

      Read our latest blogs

      Read our most recent articles regarding all aspects of PostgreSQL and FUJITSU Enterprise Postgres.