What aspect is the most important to look for when evaluating Data Masking solutions?

I have experience working as a project manager for a comms service provider with 10,000+ employees. 

I am currently evaluating Data Masking solutions. What aspect is the most important to look for when evaluating Data Masking solutions? 

Where can I find a report comparing DB security tools?

Thanks! I appreciate the help.

33 Answers

author avatar
Top 10LeaderboardReal User

I am an Informatica Data Masking specialist. Informatica delivers an end-to-end best breed solutions for the complete modern data integration. Informatica is the leader in 5 magic quadrants for over 10 years now.

I recommend you have a look at Test Data Management Informatica that integrates with PowerCenter, PowerExchange®, and Informatica applications to manage nonproduction data in an organization.

With TDM, an organization can create a smaller copy of the production data and mask the sensitive data. An organization can discover the sensitive columns in the test data, and ensure that the sensitive columns are masked in the test data. An organization can also create test data that does not contain sensitive data from the production database. They can create a test data warehouse to store test data in a central location and edit or reset the data when required.

We also offer Dynamic Data Masking that de-identifies data and controls unauthorized access to production environments, such as customer service, billing, order management, and customer engagement. Dynamic Data Masking masks or blocks sensitive information to users based on their role, location, and privileges, can alert on unauthorized access attempts and provides logs for compliance and audit.

Note that Gartner has no magic quadrant for data security, but I found this website that compares data masking tools: https://www.softwaretestinghelp.com/tools/14-test-data-management-tools/

author avatar
Top 10LeaderboardReal User

1) What aspect is the most important to look for when evaluating Data Masking solutions?

One of the most important points about choosing a masking solution was the marking algorithm designed to be consistent. Currently, excellent solutions on the market have excellent algorithms consistent between systems and time periods, but the question of compatibility (database, operating system, low or high platform, etc.) with the environment continues.

This is very important, as it is necessary to evaluate the possibility of changing versions of a certain database, including migrating to another database manufacturer or expanding the databases with other manufacturers. The question of compatibility is important.

So, in addition to this compatibility, it is necessary to evaluate the minimum requirements (hardware and software) required by the manufacturer of a given solution. Generally, there are the minimum and recommended requirements. It is always valid to follow the recommendations, not just the minimum requirements.

2) Where can I find a report comparing DB security tools?

It is difficult to find a report comparing these tools. Generally, when we need a solution, we check the placement of the best solutions in the Gartner Magic Quadrant. After choosing the 03 (three) best positioned, we do the Proof of Concept (POC) with the Test Book. This helps significantly in decision making by managers. Some databases already have native functionality for data masking, as is the case with SQL Server 2016 or higher.

Now, between a native and an external solution, an external one is generally recommended because it consumes less processing resources in the databases, for example. In an external solution, agents installed in the databases are used to perform the data masking, as is the case with IBM Security Guardium.

Examples: Azure SQL Database, SQL Server 2016 or higher, IBM Infosphere Optim, IBM Security Guardium.

author avatar

I'm the head of product at Satori and what I'd suggest to look at is simplicity and maintainability so you don't have to introduce complex controls into your data stores and create multiple copies of the data for access control purposes. 

You might want to checkout our universal approach to data masking, where all you have to configure is (1) the type of data to mask (2) what is the masking function and (3) in which cases a masked version of the data should be delivered to the data consumer (i.e. by role). Here's a short and simple demo video showing how to configure masking for email addresses under 60 seconds without changing anything in the data source: link

Find out what your peers are saying about IBM, Delphix, Broadcom and others in Data Masking. Updated: January 2021.
456,249 professionals have used our research since 2012.