Comments
6 comments
-
Sheldon,
One selling point for me would be the fact that a homegrown solution likely isn't documented well/documentation isn't updated so when the creator of the solution moves on, much of the knowledge on how to use it goes with them. With a purchased product you have support, documentation, and a user community.
-
For me it's the audit side of things. Who checks the home grown scripts? I like the ability to produce a report for audit of what was done, when, and to what. I can also give that report to the information asset owner. As mentioned above, the commercial nature of this solution adds credibility for the auditor. This with the complexity to allow me to mask in a fairly complex way, means it works for me. A command line interface would mean this can become a standard part of my automated UAT build process.
-
For me the selling point is the data looks more realistic, but isn't at all real. For example, the first name column still looks like a first name, email addresses will still pass regex validation, and geolocation data isn't in the middle of the ocean.
I've seen two types of home-grown solutions:
1. Randomize everything. Select all the data in the column, rearrange all the rows, and put it back. The data is still "real data" but because the first name and last name are no longer in the same row, it technically no longer references the person. Technically it's "sanitized", but unique names still pop. Pros: passes validation, cons: not really sanitized.
2. Replace with random. The data is now gibberish. I can't pronounce the names, the fields no longer pass validation. Pros: it's definitely random, and I may discover an XSS vulnerability, cons: because data doesn't pass form validation, it makes using the app harder because I need to change all the data before I can push save -- even if that wasn't the task I was testing.
-
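The two home-grown approaches from the comment above, next to a keyed deterministic substitution that keeps values realistic, as an added example that is not part of the original thread and not how Data Masker works internally. The sample rows, lookup lists, email regex and function names are all constructed for illustration.

```python
import hashlib
import hmac
import random
import re

# Constructed sample rows and replacement lists; none of this is real data.
ROWS = [
    {"first": "Alice", "last": "Smith", "email": "alice.smith@example.com"},
    {"first": "Bob", "last": "Jones", "email": "bob.jones@example.com"},
    {"first": "Xiomara", "last": "Quackenbush", "email": "xq@example.com"},
]
FIRST_NAMES = ["Maria", "James", "Priya", "Tomas", "Helen", "Omar", "Grace", "Ivan"]
LAST_NAMES = ["Carter", "Nguyen", "Okafor", "Larsen", "Mills", "Romero", "Haas", "Byrne"]
EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")

def shuffle_columns(rows, seed=0):
    """Approach 1: rearrange each column independently and put it back."""
    rng = random.Random(seed)
    cols = {k: [r[k] for r in rows] for k in rows[0]}
    for values in cols.values():
        rng.shuffle(values)
    return [dict(zip(cols, vals)) for vals in zip(*cols.values())]

def random_replace(rows, seed=0):
    """Approach 2: overwrite every value with random characters."""
    rng = random.Random(seed)
    junk = lambda: "".join(rng.choice("!#<>qzx7") for _ in range(8))
    return [{k: junk() for k in r} for r in rows]

def pick(key, value, choices):
    """Keyed, deterministic choice: the same input always maps to the same output."""
    digest = hmac.new(key, value.lower().encode(), hashlib.sha256).digest()
    return choices[int.from_bytes(digest[:4], "big") % len(choices)]

def substitute(rows, key):
    """Realistic substitution: values keep their shape but come from lookup lists."""
    out = []
    for r in rows:
        first = pick(key, r["first"], FIRST_NAMES)
        last = pick(key, r["last"], LAST_NAMES)
        out.append({"first": first, "last": last,
                    "email": f"{first}.{last}@example.test".lower()})
    return out

def leaked(original, masked, column):
    """Original values of a column that still appear anywhere in the masked column."""
    return {r[column] for r in original} & {r[column] for r in masked}
```

With lookup lists this small, different originals can collide on the same substitute; a real ruleset needs larger lists and a key kept out of the masked copy.
-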
Nice points. For more complex data I can see it being even more beneficial. I've used PowerShell with the "NameIt" cmdlet to obfuscate query results very quickly, but I could see that it would take a lot of work to go through an entire database and provide consistency. I struggled with the first go at taking all columns of the same name and applying a ruleset but again didn't dive deep into documentation. Just wasn't intuitive on the first go for me.
Will keep exploring. Feel free to provide any examples of what you've found helpful and tried in the automation category. I was thinking of trying to have a way for us to have a deployed system at a customer's location and for them to provide a masked backup copy of the database with all the data that is identifiable in it masked in an appropriate way. Did anyone test out the automation capabilities yet?
-
Hi Sheldon! We are also aiming at delivering higher value in the Data Masker product by integrating it to work seamlessly with other RG products - notably SQL Clone, creating a fast, reliable, and auditable way to provide sanitized and realistic production data to development, training, and test environments, with CI/CD capabilities. We've just taken the first step towards this objective by enabling SQL Clone to run scripts while creating a database image - more details in this post:
https://www.red-gate.com/hub/product-learning/sql-clone/sql-clone-v2-4-run-scripts-during-image-creation
-
For me it's the audit side of things. Who checks the home grown scripts? I like the ability to produce a report for audit of what was done, when, and to what. I can also give that report to the information asset owner. As mentioned above, the commercial nature of this solution adds credibility for the auditor. This with the complexity to allow me to mask in a fairly complex way, means it works for me. A command line interface would mean this can become a standard part of my automated UAT build process.
Questions for RG:
1) Can Data Masker provide audit reports of actions taken?
2) Also, can it provide a human-digestible report of the masking ruleset?
Sorry if these are answered in the documentation. Coming out of a really bad year and behind on everything.
I've only had a chance to dive into it briefly, but the initial round was a little confusing (assuming acquired product you are working on enhancing/improving). Just wondering what you'd consider the main "selling point" of the product compared to running something like a PowerShell based command to replace values.
I look forward to reading more and diving into it!