Mar 19, 2024 Last Updated 10:04 AM, Jul 24, 2023

FieldShield (Data Masking)

Published in IRI

IRI FieldShield® is powerful, affordable, and easy-to-use data masking software for structured data sources (DBs and flat files), big and small.

FieldShield shields fields with the compliance industry's broadest array of protection functions. FieldShield provides role-based access controls for sensitive data on a static or dynamic basis to help you comply with CIPSEA, FERPA, HIPAA/HITECH, PCI, SOX, and international data privacy laws like the EU Data Privacy Directive and POPI in S. Africa.

Create, manage, and run FieldShield jobs in its familiar and friendly GUI, built on Eclipse. Modify and run FieldShield's simple text scripts from the GUI, command line, batch programs, or database applications. Or, call FieldShield functions at the API level for embedded data protection.

FieldShield is the best way to:

  • Profile, secure, present, and populate data in a familiar integrated development environment (IDE)
  • Mask big data using your existing systems, without Hadoop, in-memory databases, or appliances
  • De-identify data in one or more sources simultaneously based on your business rules
  • Specify protection conditions and rules across tables for efficiency and referential integrity
  • Encrypt and remove the individualizing characteristics of data without cutting off access to non-sensitive data, or changing its basic appearance
  • Auto-create XML audit logs to help verify compliance with data privacy laws
  • Fold data masking into data transformation, migration, replication, loading, federation, and BI activities

 

Feature & Benefit

Feature

Benefit

Field-level protection

Protects faster and surer than other, bulk protection methods. Leaves non-sensitive data in its original format and available for regular processing. Even if one field is compromised, the others stay safe with their own protection (vs. breaches where one password exposes all).

Multiple function choices (i.e., encrypt, mask, pseudonymize, hash, de-ID, randomize, substring, math, etc.)

Bases security decisions on the nature of each datum, on considerations like: security level, reversibility, ciphertext appearance, and speed.

Multi-platform executable and external libraries

Deploys concealment and revelation widely and easily, through bulk/batch, real-time applications, or through stored (SQL) procedures (e.g., in-situ encryption).

Database and file agnostic, multi-source and target

Secures data at sources and endpoints across multiple database platforms and file formats with the same product, and at the same time.

Random value lookups

Pseudonymizes PII using data from the same or third-party source(s) to provide realism, safety, and reversibility (optional).

Format-preserving encryption

Preserves the look and feel of the original values, fooling hackers and enabling application and load testing while preserving referential integrity.

Cross-table rule application and storage

Defines, enforces, and re-uses protections for common-named tables throughout an entire database. Preserves referential integrity because common start values get the same end values.

Standard and custom National ID (NID) masking

Saves research and design time in complying with de-identification requirements and local data privacy laws.

Hashing and tokenization routines

Validates the integrity, and improves the security, of encryption operations.

XML audit log file option

Verifies data privacy law compliance efforts and supports queries and reporting of all runtime details.

Multi-source, single (or multi)-target

Saves protection design and execution time by protecting many different files and tables in the same job script and I/O pass. Consolidates multiple protections and authorizations in a single target, and thus reduces both throughput and data synchronization concerns; i.e., different people can reveal different fields from the same document.

Metadata compatibility with IRI CoSort (SortCL) and MIMB-supported platforms

Runs data protection with data transformation, migration, and reporting in the same job script and I/O pass. MIMB users can convert existing metadata in BI, CRM, DB, ETL, and modeling tools, into the data definition file (.DDF) format that FieldShield uses to protect the data used in those apps.

Easy 4GL scripts supported by an Eclipse GUI with: metadata discovery and job creation wizards, function dialogs, syntax-aware editing, and runtime options

Reduces the learning curve in discovering, profiling, and protecting data in disparate sources. Data layouts and field functions are self-documenting so that data architects, DBAs, and compliance teams can easily design, modify, and verify jobs. Eliminates the complexity of proprietary GUIs and cumbersome database encryption implementation.

 

IRI CoSort Use Cases

Payment Card Industry Data (PCI) Personally Identifying Information (PII) Protected Health Information (PHI)
FieldShield use case 1 FieldShield use case 2 FieldShield use case 3
"FieldShield decrypts and re-encrypts fields in our credit card migration and test files, and easily generates and manages encryption keys." "We use the FieldShield GUI to design and run our Oracle data masking jobs on Linux. Eclipse is familiar to us already so we didn’t need any help." "FieldShield’s de-identification and hashing functions help our geo-medical consumer health databases exceed HIPAA requirements."
More in this category: RowGen (Test Data) »

Popular Products

Solace

Solace

Distributing Products

O360/SSL Bridge
O360/ATM Switch
O360/TR

O360/TR

E-Payment

O360/FEP

O360/FEP

E-Payment