Solutions

Data Privacy a Top Concern for Business Leaders

IBM InfoSphere Optim Data Privacy Solution named a leader in the first-ever Gartner Magic Quadrant for Data Masking Technology

It is not surprising to see that high-ranking executives are gaining awareness of data privacy concerns. In today’s hyper-connected world, information protection is expanding beyond the technical realm and becoming a strategic, enterprise-wide priority—and it takes only a glance at news headlines to see why.

In 2011, the corporate world experienced 174 million incidents of compromised record security. In addition, global cybercrime costs US$114 billion annually and affects more than 1 million victims every day. As a result, two thirds of senior executives are now paying closer attention to enterprise data privacy than ever before. (Source: Symantec)

Furthermore, protecting data privacy is no longer optional. It’s the law. Corporations and their officers may face fines up to US$1 million per day and possible jail time if data is misused. Other potential negative impacts include erosion in share price and negative publicity.

IBM InfoSphere Optim Data Privacy Solution, recently named a leader in the first-ever Gartner Magic Quadrant for Data Masking Technology, provides a market-leading approach to data privacy challenges. InfoSphere Optim received the top rankings compared to competitors in the ability to execute and completeness of vision categories.

 

Establish a holistic data privacy strategy

InfoSphere Optim Data Privacy is designed to support a business-driven, holistic approach to data privacy. Organizations can use the software to establish a policy-driven, on-demand masking approach that proactively protects data privacy and supports compliance—an especially important requirement with the volume, variety, and velocity of data growing so rapidly. Intelligent data masking inside big data platforms makes analytics possible while also keeping private information out of sight.

The end goal: Protect privacy without impacting the business.

InfoSphere OptimData Privacy provides a comprehensive set of data masking techniques that can support your data privacy compliance requirements:

  • · Application-aware masking capabilities help ensure that masked data, such as names and street addresses, resembles the look and feel of the original information.
  • · Context-aware, pre-packaged data masking routines make it easy to de-identify elements such as payment card numbers, Social Security numbers, street addresses, and email addresses.
  • · Persistent masking capabilities propagate masked replacement values consistently across applications, databases, operating systems, and hardware platforms.

Figure 1. Example of data masking

 

How does InfoSphere Optim Data Privacy work?

Step 1: Define sensitive data

Effective data privacy begins with an agreement that outlines the purpose, accountabilities, and participants in the data privacy strategy. Not all data has to be protected in the same manner (some may be considered low-risk). Also keep in mind that some high-value data (for example, design specs or corporate secrets) may not require protection under legal mandates—but organizations will most certainly want to protect it with stringent privacy controls.

 

Step #2: Understand where sensitive data resides

Most of the world’s data is stored in commercial databases or data warehouses such as Oracle DB, Microsoft SQL Server, IBM DB2, IBM Informix, Sybase, MySQL, IBM Netezza, and Teradata.

However, most organizations do not have a complete understanding of their enterprise data stores. Many organizations rely too heavily on system and application experts for this information. A deeper understanding of enterprise data and data relationships is required to protect it. In addition, organizations tend to neglect non-production environments. What sensitive data is copied and used for test, development, QA, training, or for demonstration purposes?

 

Step #3: Mask sensitive data

Data masking is the process of systematically transforming sensitive data elements into realistic but fictionalized values. Masking enables receipts of the data to use “production-like” information while ensuring compliance with privacy protection rules. Comprehensive, easy-to-use masking techniques are available—as well as more advanced masking routines that can be used to support complex data privacy requirements. In addition, user-defined functions for masking are available to mask data anywhere, at any time.

Data masking techniques available in the InfoSphere Optim Data Privacy Solution respect the application logic and make sense to the person viewing the results—that is, the masked data resembles the original information. Numeric fields should retain the appropriate structure and pattern and must remain within a range of permissible values.

Data masking techniques also preserve the referential integrity of the data. InfoSphere Optim Data Privacy automatically masks and propagates masked data elements accurately across related tables, applications, databases, operating systems, and hardware platforms to help ensure valid test results.

Protecting data privacy isn’t getting any simpler. Market-leading InfoSphere Optim Data Privacy software can help with automated, on-demand data masking services across the enterprise.

What do you think? Let me know in the comments!

Previous post

Big News for Informix

Next post

A Smarter Approach to Tackling Big Data

Kimberly Madia

Kimberly Madia is a Worldwide Data Security Strategist for IBM Information Management Security and Compliance solutions. She has been with IBM since 2001. During her career at IBM, Kimberly has worked as a technical support representative and a business partner enablement manager. Currently, she is focused on developing solutions across software brands to support data security and compliance, a regular speaker at trade shows and user groups, and a regular blogger who writes about data security breaches and strategies to mitigate risks. Kimberly earned an undergraduate degree in computer science from Allegheny College and an MBA in strategy and information management at Carnegie Mellon University.