Masking PII - set-up and execution
1️⃣ Connect a database through the Data Dictionary
To do this, go to the Dashboard (grey, left panel) > Master Data Management > Data Dictionary. This example uses a basic database containing PII related to customers, suppliers and orders.
▶ With the Databases tab selected, hit the +New Connection Profile button. In this example the Name is CommerceSample, pulling from the database SampleCommerce (name each according to your preference).
Remember also to specify the Host where the database is stored.
Note: by default, all schemas from a database get selected.
If an error appears at this point, it simply indicates that the database is already connected.
2️⃣ Scan the database ready for tagging
The scan runs against the database connection set up in the previous step. It tags potential PII so that masking can be assigned to it. To run it, select the correct database (in this example it’s called LD sample commerce) and hit the blue >Run scan button. This results in a scan (in this example: Scan#1), which is used in the next step.
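To illustrate what tagging potential PII can mean, here is a minimal sketch that matches column names against a few patterns. It is not the product's scanner: the tag names, patterns and column names are all assumptions made for this example, and a real scan may also inspect column values.

```python
import re

# Hypothetical tag patterns matched against column names only.
TAG_PATTERNS = {
    "EMAIL": re.compile(r"e[-_]?mail", re.IGNORECASE),
    "PHONE": re.compile(r"phone|mobile", re.IGNORECASE),
    "NAME": re.compile(r"(first|last|full)[-_]?name", re.IGNORECASE),
}


def scan_columns(columns):
    """Return {column: [tags]} for every column whose name matches a pattern."""
    result = {}
    for column in columns:
        tags = [tag for tag, pattern in TAG_PATTERNS.items() if pattern.search(column)]
        if tags:
            result[column] = tags
    return result


# Illustrative column names, not taken from the sample database.
scan_1 = scan_columns(["CustomerId", "FirstName", "Email", "OrderTotal", "SupplierPhone"])
```

Columns without a match (here CustomerId and OrderTotal) stay untagged, which is why reviewing the tags after the scan is still worthwhile.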
3️⃣ Set up the database tagging feature
To do so, first move from the Databases tab to the Definition tab and hit the blue +Create Definition button. Name the definition in the Create Definition wizard; in this example the name is Demo. The example here uses LD sample commerce.
Follow the set-up through: ⚪ DETAILS ⚪ CONNECTION ⚪ SCANS ⚪ SUMMARY
Hit the blue Next Step button until you reach the Summary, then hit the green Finish button. Note: Scan#1 from the previous step is listed.
:do_this: Tagging tip: Add, update or mute tags
:thinking: Remember also that a PK (Primary Key) and FK (Foreign Key) should be masked in exactly the same way every time, that is, consistently. Note: if masking doesn’t work, check whether a PK or FK has lost its unique value. Always update the references to a PK or FK so that they still match after masking. Best practice for a PK and FK is: ‘reference and no sense’.
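One common way to get consistent PK/FK masking is a deterministic, keyed function: the same input always produces the same masked value, so foreign keys still point at the right primary keys. The sketch below uses an HMAC for this. It illustrates the principle only and is not how the product masks keys; the secret, table contents and column names are assumptions.

```python
import hashlib
import hmac

SECRET = b"demo-only-secret"  # assumption: a secret kept outside the masked data


def mask_key(value: str) -> str:
    """Deterministically map a key to a meaningless but stable reference."""
    digest = hmac.new(SECRET, value.encode("utf-8"), hashlib.sha256).hexdigest()
    return digest[:12]  # shortened for readability; shorter values raise collision risk


# Illustrative rows: customers.customer_id is the PK, orders.customer_id the FK.
customers = [{"customer_id": "C001"}, {"customer_id": "C002"}]
orders = [
    {"order_id": "O1", "customer_id": "C001"},
    {"order_id": "O2", "customer_id": "C001"},
    {"order_id": "O3", "customer_id": "C002"},
]

masked_customers = [{**c, "customer_id": mask_key(c["customer_id"])} for c in customers]
masked_orders = [{**o, "customer_id": mask_key(o["customer_id"])} for o in orders]

# Every masked FK must still reference an existing masked PK.
masked_pks = {c["customer_id"] for c in masked_customers}
integrity_ok = all(o["customer_id"] in masked_pks for o in masked_orders)
```

The masked keys carry no meaning of their own but still act as references, which matches the ‘reference and no sense’ rule of thumb.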
To view or update a tag, select the database from the Definitions tab and scroll to the tags. Click the Definition (in this example Demo) to open its content.
To mute a tag so that it is not masked, click it to toggle: a blue highlight means the tag is active, and a grey tag means it is deselected. To add tags click the green + icon.
:do_this: Extended features of the Data Rules window
Access this in the Dashboard (far left grey panel) > Master Data Management > Data Rules. In this walkthrough the tabs marked * are the most relevant.
Generation Rules: (for setting up a Rule Set)
Masking Rules:* (for defining the database)
Functions: (for setting up customised functions)
Categories: (for Regex and Seedlists)
Defaults:* (for accessing Global data settings)
:do_this: Define a Masking Rule Set
This refers to the scan result: if the scan has tags, the Rule Set can pick up those tags. Access it through Dashboard > Master Data Management > Data Rules > Masking Rules tab. On the right of the window hit the blue +New Rule set button. In this example it’s named Demo in the drop-down list.
4️⃣ Set up and apply Global Defaults as required
Set up the range of Global Defaults. To do so, go to Dashboard > Master Data Management > Data Rules > Defaults tab. Click the blue +New Global Default button, then in the New Global Default window give it a String name, and hit the green Save button to open the Default Details card.
In the Default Details card click the blue +Add button and then define the Type of Masking Rule. Go back to the Defaults tab, where the new Global Default is now set according to Generation | Masking | Metadata.
:do_this: To apply, first click Demo listed in Masking Rules tab > Masking Rule Sets, then the Schema listed as Active > dbo. Finally, hit the blue Re-apply global defaults button to reveal a list of default masking options.
At this point deselect any unnecessary masking options, then hit the green Apply button. Remember this is about PII.
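Conceptually, re-applying global defaults maps each tagged column to the default rule for its tag, after which unnecessary entries are deselected. The sketch below models that idea only. The tag names, rule names and column names are hypothetical and do not reflect the product's internal format.

```python
# Hypothetical global defaults: one masking rule per tag.
GLOBAL_DEFAULTS = {
    "EMAIL": "random_email",
    "NAME": "random_name",
    "PHONE": "random_phone",
}


def apply_global_defaults(tagged_columns, defaults, deselected=()):
    """Return {column: rule} for tagged columns, skipping deselected ones."""
    rules = {}
    for column, tag in tagged_columns.items():
        if column in deselected:
            continue  # the user unticked this option before hitting Apply
        if tag in defaults:
            rules[column] = defaults[tag]
    return rules


# Illustrative tagged columns in the dbo schema.
tagged = {
    "dbo.Customer.Email": "EMAIL",
    "dbo.Customer.FirstName": "NAME",
    "dbo.Supplier.Phone": "PHONE",
}
rule_set = apply_global_defaults(tagged, GLOBAL_DEFAULTS, deselected={"dbo.Supplier.Phone"})
```

Here the supplier phone column is left out of the rule set, mirroring a deselected option in the list.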
:do_this: Customising tags and masking rules click here
:do_this: Using the global defaults
Global rules for masking are shown in the Defaults tab of the Data Rules. Access this in the Dashboard (grey, left panel) > Master Data Management > Data Rules > Defaults tab. Using global defaults speeds up masking and also reduces errors when pulling recently updated data in spreadsheets.
5️⃣ Run mask
To run the mask, select the Masking Rule Set and hit the blue Run Mask button. Specify the server it runs on and choose the process (in this example Mask to database - multithreaded), then hit the green Execute button.
:thinking: Create a pre/post masking audit report?
This is not an audit trail as such; for that you need to take into account the PII procedures within your company. It is, however, a useful way to verify that particularly obscure rules have masked the data as intended. Note that activating the audit on larger databases will require more processing time.
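The idea behind a pre/post check can be sketched as a row-by-row comparison that counts values left unchanged in columns that should have been masked. This is a simplified illustration and not the product's audit report; it assumes both snapshots hold the same rows in the same order, and the column names are made up.

```python
def audit_masking(before, after, masked_columns):
    """Count, per masked column, the rows whose value did not change."""
    unchanged = {column: 0 for column in masked_columns}
    for row_before, row_after in zip(before, after):
        for column in masked_columns:
            if row_before[column] == row_after[column]:
                unchanged[column] += 1
    return unchanged


# Illustrative snapshots taken before and after a masking run.
before = [
    {"id": 1, "email": "ann@example.com", "city": "Leeds"},
    {"id": 2, "email": "bob@example.com", "city": "York"},
]
after = [
    {"id": 1, "email": "x1@masked.invalid", "city": "Leeds"},
    {"id": 2, "email": "bob@example.com", "city": "York"},
]

report = audit_masking(before, after, ["email"])
```

A non-zero count flags rows worth inspecting. An unchanged value can be legitimate (a rule may happen to produce the same value), so the result is a prompt for review rather than proof of failure.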
▶ Hit the grey Download Full log button to download the zip file from the Job Result window.
The sequence number (_0, _1, _2) on each generated file identifies the thread that produced it. For instance, WHERE and non-WHERE clauses are defined as different blocks, so they generate different threads.
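When a log archive contains many files, grouping them by that trailing sequence number can make it easier to follow one thread at a time. The sketch below assumes the number sits directly before the file extension; the file names are invented for illustration and the real naming may differ.

```python
import re
from collections import defaultdict

# Assumption: the thread number is the "_<digits>" right before the extension.
THREAD_SUFFIX = re.compile(r"_(\d+)(?=\.[^.]+$)")


def group_by_thread(filenames):
    """Return {thread_number: [filenames]}; files without a suffix are skipped."""
    groups = defaultdict(list)
    for name in filenames:
        match = THREAD_SUFFIX.search(name)
        if match:
            groups[int(match.group(1))].append(name)
    return dict(groups)


# Hypothetical contents of an extracted log archive.
files = ["mask_customers_0.log", "mask_orders_1.log", "mask_suppliers_0.log", "summary.txt"]
by_thread = group_by_thread(files)
```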