With corporate data breaches occurring at an ever-alarming rate, all levels of organizations are struggling with ways to protect corporate data assets. Rather than choosing one or two of the many options available, Michael Jay Freer believes that the best approach is a combination of tools and practices to address the specific threats. To get you started, Michael Jay introduces the myriad of information security tools companies are using today: firewalls, virus controls, access and authentication controls, separation of duties, multi-factor authentication, data masking, banning user-developed MS-Access databases, encrypting data (both in-flight and at-rest), encrypting emails and folders, disabling jump drives, limiting web access, and more. Then, he dives deeper into data masking and describes a powerful data-masking language. Explore how to develop standard masking business-rules and the best industry practices for manipulating masked data. You can get started slowly with information obfuscation without attempting to "boil the ocean."
2. Michael Jay Freer
Quality Business Intelligence
Michael Jay Freer is a consultant specializing in business intelligence solutions. He has
provided thought leadership and consulting services to Fortune 500 companies including
MetLife, Tyco Safety Products, Capital One, Brinks Home Security, Rite Aid, and Zales. With
more than twenty years of experience, Michael Jay has worked with business sponsors to
provide solutions in financial, marketing, manufacturing, supply chain management, retail, and
hospitality/cruise/tourism industries. A member of the PMI, IIBA, and ASQ, Michael Jay serves
on the board of the South Florida Chapter of the Data Warehouse Institute.
3. Tuesday, September 04, 2012
Information Obfuscation
Information Obfuscation
(Data Masking)
Protecting Corporate Data-Assets
Presented by Michael
Jay Freer
Michael Jay Freer - Presenter Bio
Michael Jay Freer, SSGB, ITIL(v3), Information Management professional providing
thought leadership to fortune 500 companies
including MetLife Bank, Tyco Safety Products,
Capital One, Brinks Home Security, and Zales.
Over his 25+ years experience he has worked with
business executives providing solutions in
financial management, manufacturing, supply
chain management, retail, marketing, and hospitality industries.
As an Enterprise Architect at MetLife Bank, Michael Jay specialized in
Information Obfuscation facilitating project solutions for protecting
business Confidential and Restricted data.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 2
All rights reserved
1
4. Tuesday, September 04, 2012
Information Obfuscation
Presentation Ground Rules
Start and Finish on time
Questions at anytime
Parking lot for longer discussion points
“Electronics on Stun”
Respect your peers
No phone calls or email in the room
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 3
All rights reserved
Information Obfuscation
(Data Masking)
Protecting Corporate Data-assets
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
2
5. Tuesday, September 04, 2012
Information Obfuscation
Agenda
Outlining the Problem
Data Masking Golden Rule
Defining Information Obfuscation
Information Classification
Who is Responsible
Defining a Common Language
Data-Centric Development
Governance
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 5
All rights reserved
Outlining the Problem
Problem Statement
Corporate Data breaches are occurring at an alarming rate.
1) It is incumbent on organizations to protect the customer,
partner, and employee data with which they are entrusted.
2) Ease of access to sensitive information in business systems.
3) Using unmasked Confidential and Restricted data in nonproduction environments exposes risks to company reputation.
Business Rationale for Obfuscating Data
• Reduce Data Breach Risks
• Heightened Legal and Regulatory Scrutiny of Data Protection
Services (i.e.: SOX, HIPAA, GLBA, NPPI, FFIEC, PCI-DSS)
• Company Policies and Standards
• Fundamental assumption on the part of customers that their data
is already de-identified in non-production systems
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 6
All rights reserved
3
6. Tuesday, September 04, 2012
Information Obfuscation
Outlining the Problem
Problem Statement
Corporate Data breaches are occurring at an alarming rate.
1) It is incumbent on organizations to protect the customer,
partner, and employee data with which they are entrusted.
2) Ease of access to sensitive information in business systems.
3) Using unmasked Confidential and Restricted data in nonproduction environments exposes risks to company reputation.
Business Rationale for Obfuscating Data
• Reduce Data Breach Risks
• Heightened Legal and Regulatory Scrutiny of Data Protection
Services (i.e.: SOX, HIPAA, GLBA, NPPI, FFIEC, PCI-DSS)
• Company Policies and Standards
• Fundamental assumption on the part of customers that their data
is already de-identified in non-production systems
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 7
All rights reserved
Data Masking Golden Rule
To put Information-obfuscation (Data-masking) into
perspective simply think about yourself:
How many vendors or service-providers have your
personal information (banks, mortgage holders
physicians, pharmacies, retailers, schools you applied
to, utilities, cellular carriers, internet providers, etc.)?
Michael Jay’s Data Masking Golden Rule
“Do unto your company’s corporate data assets as you
would have your banker, healthcare provider, or retailer
do unto your personal information.”
(Use this as your compass to navigate)
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 8
All rights reserved
4
7. Tuesday, September 04, 2012
Information Obfuscation
Data Masking Golden Rule
To put Information-obfuscation (Data-masking) into
perspective simply think about yourself:
How many vendors or service-providers have your
personal information (banks, mortgage holders
physicians, pharmacies, retailers, schools you applied
to, utilities, cellular carriers, internet providers, etc.)?
Michael Jay’s Data Masking Golden Rule
“Do unto your company’s corporate data-assets as you
would have your banker, healthcare provider, or retailer
do unto your personal information.”
(Use this as your compass to navigate)
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 9
All rights reserved
Defining Information Obfuscation
Definition
Information Obfuscation is the effort in both business
operations and non-production systems to protect business
confidential and restricted data from easy access or
visibility by unauthorized parties.
Framework
For our purposes, obfuscation includes access
management, data masking, encryption of data-at-rest
(DAR) and encryption of data-in-transit including
principles for protecting business communications.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 10
All rights reserved
5
8. Tuesday, September 04, 2012
Information Obfuscation
Information Classification
Sensitive Data
“Sensitive” is a broad term for information considered to be
a business trade-secret; or consider “private” by regulatory
rule, legal act, or trade association (i.e.: GLBA, HIPAA,
FFIEC, PCI, PHI, PII).
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 11
All rights reserved
Information Classification
Information Classification Levels
Public – non-sensitive data, disclosure will not violate
privacy rights
Internal Use Only – generally available to employees and
approved non-employees. May require a non-disclosure
agreement.
Confidential – intended for use only by specified employee
groups. Disclosure may compromise an organization,
customer, or employee.
Restricted – very sensitive, intended for use only by named
individuals.
Sealed – extremely sensitive, irreparable destruction of
confidence in and reputation of the organization
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 12
All rights reserved
6
9. Tuesday, September 04, 2012
Information Obfuscation
Information Classification
Information Classification Levels
Public – non-sensitive data, disclosure will not violate
privacy rights
Internal Use Only – generally available to employees and
approved non-employees. May require a non-disclosure
PII (Personally Identifiable Information) will
agreement.
vary based on your company, your industry,
Confidential – intended for use only by specified employee
government regulations, and jurisdiction.
groups. Disclosure may compromise an organization,
customer, or employee.
Restricted – very sensitive, intended for use only by named
individuals.
Sealed – extremely sensitive, irreparable destruction of
confidence in and reputation of the organization
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 13
All rights reserved
Who is Responsible
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 14
All rights reserved
7
10. Tuesday, September 04, 2012
Information Obfuscation
Who is Responsible
You are!
No matter your role in the organization, you are
responsible for protecting the “corporate data-assets.”
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 15
All rights reserved
Who is Responsible
You are!
No matter your role in the organization, you are
responsible for protecting the “corporate data-assets.”
Everyone else is also Responsible
All of your peers are also responsible for protecting the
Corporate Data-Assets.
However, you don’t have control over your peers, only
over your own vigilance and how you make your
management aware of any concerns, risk, or issues with the
security of the corporate data-assets.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 16
All rights reserved
8
11. Tuesday, September 04, 2012
Information Obfuscation
Defining a Common Language
Information Obfuscation
Information Obfuscation (or Data Masking) is the practice
of concealing, restricting, fabricating, encrypting, or
otherwise obscuring sensitive data.
This is usually thought of in the context of non-production
systems but it really encompasses the full information
management lifecycle from on boarding of data to
developing new functionality to archiving and purging
historical data.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 17
All rights reserved
Defining a Common Language
Communication
The Business-Information Owner, Project Stakeholders,
Development Teams, and Support Teams need to use a
common language when discussing the various obfuscation
methods and where in the environment lifecycle an action
will occur.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 18
All rights reserved
9
12. Tuesday, September 04, 2012
Information Obfuscation
Defining a Common Language
Communication
The Business-Information Owner, Project Stakeholders,
Development Teams, and Support Teams need to use a
common language when discussing the various obfuscation
methodssimple phrasethe environment lifecycle an action
The and where in ‘Just mask the data’ does
will occur.
not address what to mask, how to mask, where to
mask, or who is responsible for understanding
the impact masking will have on business
functionality.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 19
All rights reserved
Common Language – Environment Lifecycle
Common Environments
1. Development – Code is created, modified and unit tested
2. Testing / QA – System, integration, & regression testing
3. User Acceptance (UAT) – Business-user validation
Test new business requirements and regression test
existing functionality
4. Business Operations – Day-to-day business
environment
5. Business Support – Replicate and troubleshoot business
issues
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 20
All rights reserved
10
13. Tuesday, September 04, 2012
Information Obfuscation
Common Language – Environment Lifecycle
Common Environments
1. Development – Code is created, modified and unit tested
2. Testing / QA – System, integration, & regression testing
3. User Acceptance (UAT) – Business-user validation
Question for Another Time
Test new business requirements and regression some
“Which of these environments will hold test
existing functionality
level of “sensitive-data” and which are
4. Business Operations – Day-to-day business
maintained as “Production Environments?”
environment
5. Business Support – Replicate and troubleshoot business
issues
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 21
All rights reserved
Common Language – Environment Lifecycle
Other Possible Environments
Isolated On-boarding – When data from 3rd party
partners are transitioned in, there may requirements for a
secured environment to cleanse and prepare data for
integration into the business operations environments
Isolated Data-Masking – Unmasked Confidential and
Restricted Data should not be transferred to nonproduction environments. A separate secure environment
allows for standardized data masking in-place
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 22
All rights reserved
11
14. Tuesday, September 04, 2012
Information Obfuscation
Common Language – Environment Lifecycle
Other Possible Environments
Isolated On-boarding – When data from 3rd party
partners are transitioned in, there may requirements for a
secured environment to cleanse and prepare data for
integration into the business operations environments
Isolated Data-Masking – Unmasked Confidential and
Restricted Data should not be transferred to nonproduction environments. A separate secure environment
allows for standardized data masking in-place
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 23
All rights reserved
Common Language – Environment Lifecycle
Other Possible Environments
Isolated On-boarding – When data from 3rd party
partners are transitioned in, there may requirements for a
secured environment to cleanse and prepare data for
Example
integration into the business operations environments.
Isolated Data-Masking – Unmasked Confidential and
A mortgage service provider staging loans when
Restricted Data should not be transferred to nonthe servicing responsibility has not officially
production environments. A separate secure environment
transferred.
allows for standardized data masking in-place
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 24
All rights reserved
12
15. Tuesday, September 04, 2012
Information Obfuscation
Common Language – Environment Lifecycle
Other Possible Environments
Isolated On-boarding – When data from 3rd party
partners are transitioned in, there may requirements for a
secured environment to cleanse and prepare data for
Example
integration into the business operations environments.
Isolated Data-Masking – Unmasked Confidential and
A mortgage service provider staging loans when
Restricted Data should not be transferred to nonthe servicing responsibility has not officially
production environments. A separate secure environment
transferred.
allows for standardized data masking in-place
Do you consider this to be “production data?”
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 25
All rights reserved
Common Language – Environment Lifecycle
Other Possible Environments
Isolated On-boarding – When data from 3rd party
partners are transitioned in, there may requirements for a
secured environment to cleanse and prepare data for
integration into the business operations environments
Isolated Data-Masking – Unmasked Confidential and
Restricted Data should not be transferred to nonproduction environments. A separate secure environment
allows for standardized data masking in-place
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 26
All rights reserved
13
16. Tuesday, September 04, 2012
Information Obfuscation
Common Language – Environment Lifecycle
Other Possible Environments
Isolated On-boarding – When data from 3rd party
partners are transitioned in, there may requirements for a
secured environment to cleanse and prepare data for
integration into the business operations environments
Isolated Data-Masking – Unmasked Example and
Confidential
Company policies often state sensitive data may
Restricted Data should not be transferred to nonnot be stored in non-production environments.
production environments. A separate secure environment
Moving standardized data masking in-place
allows for data to “development” or “test” environments
before masking would violate such company policies.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 27
All rights reserved
Common Language – Environment Lifecycle
Other Possible Environments
Isolated On-boarding – When data from 3rd party
partners are transitioned in, there may requirements for a
secured environment to cleanse and prepare data for
integration into the business operations environments
Isolated Data-Masking – Unmasked Confidential and
Restricted Data should not be transferred to nonproduction environments. A separate secure environment
allows for standardized data masking in-place
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 28
All rights reserved
14
17. Tuesday, September 04, 2012
Information Obfuscation
Common Language – Masking Taxonomy
Methods of Obfuscating Information
Pruning Data
Concealing Data
Fabricating Data
Trimming Data
Encrypting Data
Separating Data
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 29
All rights reserved
Common Language – Masking Taxonomy
Methods of Obfuscating Information
Pruning Data
Concealing Data
Fabricating Data
Trimming Data
Encrypting Data
Separating Data
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 30
All rights reserved
15
18. Tuesday, September 04, 2012
Information Obfuscation
Data Movement
Encrypted
Data Storage
Encrypted
Encrypted
Development Environment
Common Language – Where to Obfuscate
Data Movement – Data can be removed, shorten, or encrypted
Data Stores – Data can be encrypted , data-at-rest (DAR)
Interactive User Interfaces – Only show required data or portions
of attributes for identification (i.e. account#, license#, SS#)
Static Reporting – More restrictive than Interactive User Interfaces
MJFreer@QualityBI.com
(954) 249-1530
Slide# 31
All rights reserved
Michael Jay Freer
Data Movement
Encrypted
Data Storage
Encrypted
Encrypted
Development Environment
Common Language – Where to Obfuscate
Data Movement – Data can be removed, shorten, or encrypted
Data Stores – Data can be encrypted , data-at-rest (DAR)
Interactive User Interfaces – Only show required data or portions
of attributes for identification (i.e. account#, license#, SS#)
Static Reporting – More restrictive than Interactive User Interfaces
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 32
All rights reserved
16
19. Tuesday, September 04, 2012
Information Obfuscation
Data Movement
Encrypted
Data Storage
Encrypted
Encrypted
Development Environment
Common Language – Where to Obfuscate
Data Movement – Data can be removed, shorten, or encrypted
Data Stores – Data can be encrypted , data-at-rest (DAR)
Interactive User Interfaces – Only show required data or portions
of attributes for identification (i.e. account#, license#, SS#)
Static Reporting – More restrictive than Interactive User Interfaces
MJFreer@QualityBI.com
(954) 249-1530
Slide# 33
All rights reserved
Michael Jay Freer
Data Movement
Encrypted
Data Storage
Encrypted
Encrypted
Development Environment
Common Language – Where to Obfuscate
Data Movement – Data can be removed, shorten, or encrypted
Data Stores – Data can be encrypted , data-at-rest (DAR)
Interactive User Interfaces – Only show required data or portions
of attributes for identification (i.e. account#, license#, SS#)
Static Reporting – More restrictive than Interactive User Interfaces
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 34
All rights reserved
17
20. Tuesday, September 04, 2012
Information Obfuscation
Data Movement
Data Storage
Encrypted
Encrypted
Encrypted
Development Environment
Common Language – Where to Obfuscate
Data Movement – Data can be removed, shorten, or encrypted
Data Stores – Data can be encrypted , data-at-rest (DAR)
Interactive User Interfaces – Only show required data or portions
of attributes for identification (i.e. account#, license#, SS#)
Static Reporting – More restrictive than Interactive User Interfaces
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 35
All rights reserved
Common Language – Masking Taxonomy
Methods of Obfuscating Information
Pruning Data
Concealing Data
Fabricating Data
Trimming Data
Encrypting Data
Separating Data
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 36
All rights reserved
18
21. Tuesday, September 04, 2012
Information Obfuscation
Data Movement
Data Storage
Encrypted
Encrypted
Encrypted
Development Environment
Common Language – Pruning Data
Pruning Data: Removes sensitive data from attributes
in non-production environments. The attribute will still
appear on data entry screens and reporting but be left blank.
MJFreer@QualityBI.com
(954) 249-1530
Slide# 37
All rights reserved
Michael Jay Freer
Data Movement
Encrypted
Example
Executive Salaries: Employee personnel records
Data Storage
Encrypted
Encrypted
Development Environment
Common Language – Pruning Data
can de-identify by changing Emp#, SS#, from attributes
Pruning Data: Removes sensitive data& names but
executive management records are attribute will still
in non-production environments. Theeasily tied back to
the on data entry hierarchy (e.g., top 10 salaries).
appearorganizational screens and reporting but be left blank.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 38
All rights reserved
19
22. Tuesday, September 04, 2012
Information Obfuscation
Data Movement
Data Storage
Encrypted
Encrypted
Encrypted
Development Environment
Common Language – Concealing Data
Concealing Data: Removes sensitive data from user
access and visibility. For data entry screens and reports, the
attribute does not appear at all versus being Pruned (blank).
Concealing data depends on clear rules for Access, Authentication, and
Accountability.
MJFreer@QualityBI.com
(954) 249-1530
Slide# 39
All rights reserved
Michael Jay Freer
Data Movement
Encrypted
Example
Data Storage
Encrypted
Encrypted
Development Environment
Common Language – Concealing Data
Bank / Loan Account#: Bank web sites generally
Concealing Data: Removes sensitivethe accountuser
do not display account numbers even to data from
access and visibility. For data entry screens and reports, the
holder.
attribute does not appear at all versus being Pruned (blank).
Concealing data depends on clear rules for Access, Authentication, and
Accountability.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 40
All rights reserved
20
23. Tuesday, September 04, 2012
Information Obfuscation
Data Movement
Data Storage
Encrypted
Encrypted
Encrypted
Development Environment
Common Language – Fabricating Data
Fabricating Data:
1) Creating data to replace sensitive data
2) Creating data to facilitate full functional testing
3) Creating date for negative testing (error handling)
MJFreer@QualityBI.com
(954) 249-1530
Slide# 41
All rights reserved
Michael Jay Freer
Data Movement
Data Storage
Encrypted
Encrypted
Example
Contact ame or ID#:
Encrypted
Development Environment
Common Language – Fabricating Data
Replacing contact name and ID# is the standard
Fabricating de-identifying customer and employee
method for Data:
records.
1) Creating data to replace sensitive data
2) Creating data to facilitate full functional testing
3) Creating date for negative testing (error handling)
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 42
All rights reserved
21
24. Tuesday, September 04, 2012
Information Obfuscation
Data Movement
Data Storage
Encrypted
Encrypted
Encrypted
Development Environment
Common Language – Trimming Data
Trimming Data: Removes part of an attribute’s value
versus Pruning which removes the entire attribute value.
MJFreer@QualityBI.com
(954) 249-1530
Slide# 43
All rights reserved
Michael Jay Freer
Data Movement
Social Security# and Credit Card#:
Encrypted
Example
Data Storage
Encrypted
Encrypted
Development Environment
Common Language – Trimming Data
Changing
TrimmingSSN# from 123-45-6789 toan attribute’s value
Data: Removes part of XXX-XX-6789
(or a new attribute = 6789) so that only part of the
versus Pruning which removes the entire attribute value.
information is available, usually for identification.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 44
All rights reserved
22
25. Tuesday, September 04, 2012
Information Obfuscation
Data Movement
Encrypted
Data Storage
Encrypted
Encrypted
Development Environment
Common Language – Encrypting Data
Encrypting Data: Encryption can be done at the
attribute, table, or database levels
(Encrypted data can be decrypted back to the original value)
MJFreer@QualityBI.com
(954) 249-1530
Slide# 45
All rights reserved
Michael Jay Freer
Example
Data Storage
Encrypted
Credit Card#: Credit card numbers are often encrypted
Data Movement
Encrypted
Development Environment
Common Language – Encrypting Data
Encrypted
for data transmission for PCI DSS compliance.
Encrypting credit card numbers at rest (DAR) provides
additional security.
Credit Card# is Data: Encryption can that often falls
Encrypting an example of an attribute be done at theinto
multiple Obfuscation Methods.
attribute, table, or database levels
(Encrypted data can be decrypted back to the original value)
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 46
All rights reserved
23
26. Tuesday, September 04, 2012
Information Obfuscation
Move Sensitive Data
to a Secured Table
Common Language – Separating Data
Data Separation: Moves sensitive data into multiple
tables. Data can still be joined but Sensitive and Nonsensitive attributes do not reside in a single record.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 47
All rights reserved
Move Sensitive Data
to a Secured Table
Common Language – Separating Data
Data Separation: Moves sensitive data into multiple
tables. Data can still be joined but Sensitive and Nonsensitive attributes do not reside in a single record.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 48
All rights reserved
24
27. Tuesday, September 04, 2012
Information Obfuscation
Move Sensitive Data
to a Secured Table
Common Language – Separating Data
Data Separation: Moves sensitive data into multiple
tables. Data can still be joined but Sensitive and Nonsensitive attributes do not reside in a single record.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 49
All rights reserved
Move Sensitive Data
to a Secured Table
Common Language – Separating Data
Data Separation: Moves sensitive data into multiple
tables. Data can still be joined but Sensitive and Nonsensitive attributes do not reside in a single record.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 50
All rights reserved
25
28. Tuesday, September 04, 2012
Information Obfuscation
Move Sensitive Data
to a Secured Table
Common Language – Separating Data
Data Separation: Moves sensitive data into multiple
tables. Data can still be joined but Sensitive and Nonsensitive attributes do not reside in a single record.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 51
All rights reserved
Move Sensitive Data
to a Secured Table
Common Language – Separating Data
Data Separation: Moves sensitive data into multiple
tables. Data can still be joined but Sensitive and Nonsensitive attributes do not reside in a single record.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 52
All rights reserved
26
29. Tuesday, September 04, 2012
Information Obfuscation
Move Sensitive Data
to a Secured Table
Common Language – Separating Data
Data Separation: Moves sensitive data into multiple
tables. Data can still be joined but Sensitive and Nonsensitive attributes do not reside in a single record.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 53
All rights reserved
Move Sensitive Data
to a Secured Table
Common Language – Separating Data
Data Separation: Moves sensitive data into multiple
tables. Data can still be joined but Sensitive and Nonsensitive attributes do not reside in a single record.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 54
All rights reserved
27
30. Tuesday, September 04, 2012
Information Obfuscation
Move Sensitive Data
to a Secured Table
Common Language – Separating Data
Data Separation: Moves sensitive data into multiple
tables. Data can still be joined but Sensitive and Nonsensitive attributes do not reside in a single record.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 55
All rights reserved
Move Sensitive Data
to a Secured Table
Common Language – Separating Data
Data Separation: Moves sensitive data into multiple
tables. Data can still be joined but Sensitive and Nonsensitive attributes do not reside in a single record.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 56
All rights reserved
28
31. Tuesday, September 04, 2012
Information Obfuscation
Common Language – Masking Taxonomy
Prune – Removes values from non-production systems. Attribute
appears on data entry screens and reporting but are blank.
Conceal – Removes sensitive data from user access or visibility. For
data entry screens and reports, the attribute may not appear at all or be
obscured versus being Pruned (blank).
Fabricate – Creating data to replace sensitive data and facilitate
proper application testing.
Trim – Removes part of a data attribute’s value (Pruning removes the
entire attribute value)
Encrypt – Unlike Fabricated Data, encrypted data can be decrypted
back to the original value.
Data Separation – Moves specific segments of data or individual
datum into separate tables / databases to limit user access or visibility
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 57
All rights reserved
Development Staff
Quality Assurance
Issue Support Staff
Business End-User Access
Matrix – Method, Environment, Access
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 58
All rights reserved
29
32. Tuesday, September 04, 2012
Information Obfuscation
Matrix – Method, Environment, Access
User Groups
Development Staff
Quality Assurance
Issue Support Staff
Business End-User Access
Environments
Obfuscation Method
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 59
All rights reserved
No Access to Data
Development Staff
Quality Assurance
Issue Support Staff
Business End-User Access
Matrix – Method, Environment, Access
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 60
All rights reserved
30
33. Tuesday, September 04, 2012
Information Obfuscation
Last Four Digits
Development Staff
Quality Assurance
Issue Support Staff
Business End-User Access
Matrix – Method, Environment, Access
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 61
All rights reserved
Fabricate Data
Development Staff
Quality Assurance
Issue Support Staff
Business End-User Access
Matrix – Method, Environment, Access
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 62
All rights reserved
31
34. Tuesday, September 04, 2012
Information Obfuscation
Not Acknowledged
Development Staff
Quality Assurance
Issue Support Staff
Business End-User Access
Matrix – Method, Environment, Access
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 63
All rights reserved
Development Staff
Quality Assurance
Issue Support Staff
Business End-User Access
Matrix – Method, Environment, Access
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 64
All rights reserved
32
35. Tuesday, September 04, 2012
Information Obfuscation
Data-Centric Development
Projects that center around data analysis (i.e.: dashboards, BI,
data-marts / warehouses, etc.) often claim that they must have
“production data” to develop the solution.
It is true that the business will need production data for user
acceptance testing (UAT) but let’s consider a few other facts:
1) Negative testing will require fabricated data
2) New functionality will also likely require fabricated data
3) Existing production data may not contain all possible values
or permutations of data so full positive testing will also
require some level of fabricated data
4) Full regression testing will require a standardized test set
including the items above and is likely to be a combination of
fabricated and masked data
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 65
All rights reserved
Data-Centric Development
Projects that center around data analysis (i.e.: dashboards, BI,
data-marts / warehouses, etc.) often claim that they must have
“production data” to develop the solution.
It is true that the business will need production data for user
acceptance testing (UAT) but let’s consider a few other facts:
1) Negative testing will require fabricated data
2) New functionality will also likely require fabricated data
3) Existing production data may not contain all possible values
or permutations of data so full positive testing will also
require some level of fabricated data
4) Full regression testing will require a standardized test set
including the items above and is likely to be a combination of
fabricated and masked data
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 66
All rights reserved
33
36. Tuesday, September 04, 2012
Information Obfuscation
Data-Centric Development
Projects that center around data analysis (i.e.: dashboards, BI,
data-marts / warehouses, etc.) often claim that they must have
“production data” to develop the solution.
It is true that the business will need production data for user
acceptance testing (UAT) but let’s consider a few other facts:
1) Negative testing will require fabricated data
2) New functionality will also likely require fabricated data
3) Existing production data may not contain all possible values
or permutations of data so full positive testing will also
require some level of fabricated data
4) Full regression testing will require a standardized test set
including the items above and is likely to be a combination of
fabricated and masked data
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 67
All rights reserved
Data-Centric Development
Projects that center around data analysis (i.e.: dashboards, BI,
data-marts / warehouses, etc.) often claim that they must have
“production data” to develop the solution.
It is true that the business will need production data for user
acceptance testing (UAT) but let’s consider a few other facts:
1) Negative testing will require fabricated data
2) New functionality will also likely require fabricated data
If your source data has already been cleansed, how would
3) Existing production data may not contain all possible values
youpermutations of data so full positive testing will also
test for exceptions (negative testing)?
or
require some level of fabricated data
Based on functional-requirements, negative tests should
4)be created for everything outside a standardized test set
Full regression testing will require expected ranges.
including the items above and is likely to be a combination of
fabricated and masked data
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 68
All rights reserved
34
37. Tuesday, September 04, 2012
Information Obfuscation
Data-Centric Development
Projects that center around data analysis (i.e.: dashboards, BI,
data-marts / warehouses, etc.) often claim that they must have
“production data” to develop the solution.
It is true that the business will need production data for user
acceptance testing (UAT) but let’s consider a few other facts:
1) Negative testing will require fabricated data
2) New functionality will also likely require fabricated data
3) Existing production data may not contain all possible values
or permutations of data so full positive testing will also
require some level of fabricated data
4) Full regression testing will require a standardized test set
including the items above and is likely to be a combination of
fabricated and masked data
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 69
All rights reserved
Data-Centric Development
Projects that center around data analysis (i.e.: dashboards, BI,
data-marts / warehouses, etc.) often claim that they must have
“production data” to develop the solution.
It is true that the business will need production data for user
acceptance testing (UAT) but let’s consider a few other facts:
1) Negative testing will require fabricated data
2) New functionality will also likely require fabricated data
3) Existing production data may not contain all possible values
or permutations of data so full positive testing will also
require some level of fabricated data
4) Full regression testing will require a standardized test set
including the items above and is likely to be a combination of
fabricated and masked data
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 70
All rights reserved
35
38. Tuesday, September 04, 2012
Information Obfuscation
Data-Centric Development
Projects that center around data analysis (i.e.: dashboards, BI,
data-marts / warehouses, etc.) often claim that they must have
“production data” to develop the solution.
It is true that the business will need production data for user
acceptance testing (UAT) but let’s consider a few other facts:
1) Negative testing will require fabricated data
2) New functionality will also likely require fabricated data
3) Existing production data may not contain all possible values
or permutations of data so full positive and as regulations
As systems become more complex testing will also
require some level of fabricated datadata sets for situations
increase, functional tests require
4) Full regression testing will require a standardized test set
not yet present within the production data.
including the items above and is likely to be a combination of
fabricated and masked data
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 71
All rights reserved
Data-Centric Development
Projects that center around data analysis (i.e.: dashboards, BI,
data-marts / warehouses, etc.) often claim that they must have
“production data” to develop the solution.
It is true that the business will need production data for user
acceptance testing (UAT) but let’s consider a few other facts:
1) Negative testing will require fabricated data
2) New functionality will also likely require fabricated data
3) Existing production data may not contain all possible values
or permutations of data so full positive testing will also
require some level of fabricated data
4) Full regression testing will require a standardized test set,
including the items above, and is likely to be a combination
of fabricated and masked data (de-identified records)
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 72
All rights reserved
36
39. Tuesday, September 04, 2012
Information Obfuscation
Data-Centric Development
Projects that center around data analysis (i.e.: dashboards, BI,
data-marts / warehouses, etc.) often claim that they must have
“production data” to develop the solution.
It is true that the business will need production data for user
acceptance testing (UAT) but let’s consider a few other facts:
1) Negative testing will require fabricated data
2) New functionality will also likely require fabricated data
3) Existing production data may not contain all for source
Leverage test-datasets already created possible values
or permutations of data so full positive testing will also
systems.
require some level of fabricated data
4) Full regression testing will require a standardized test set,
including the items above, and is likely to be a combination
of fabricated and masked data (de-identified records)
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 73
All rights reserved
Governance
Data stewardship is a key success factor for good data
governance and in this case for good information
obfuscation.
No one person will be aware of every government
regulation, trade association guideline, business functional
requirement, or company policy.
Include representatives from data stewardship, security,
internal audit, and quality assurance teams in your solution
planning and project development teams.
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 74
All rights reserved
37
40. Tuesday, September 04, 2012
Information Obfuscation
Information Obfuscation Summary
1. Obfuscation occurs throughout the information lifecycle
not just in non-production environments
2. Everyone is responsible for protecting the corporate data
assets and the best data security tool is vigilance
3. Use a defined language to communicate who, what,
where, when, and how obfuscation will occur
4. Make Information Obfuscation part of your
organization’s business-as-usual (BAU) processes
5. Follow Michael Jay’s Data Masking Golden Rule
“Do unto your company’s corporate data assets as you
would have your banker, healthcare provider, or retailer
do unto your personal information.”
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 75
All rights reserved
Information Obfuscation Summary
1. Obfuscation occurs throughout the information lifecycle
not just in non-production environments
2. Everyone is responsible for protecting the corporate data
assets and the best data security tool is vigilance
3. Use a defined language to communicate who, what,
where, when, and how obfuscation will occur
4. Make Information Obfuscation part of your
organization’s business-as-usual (BAU) processes
5. Follow Michael Jay’s Data Masking Golden Rule
“Do unto your company’s corporate data assets as you
would have your banker, healthcare provider, or retailer
do unto your personal information.”
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 76
All rights reserved
38
41. Tuesday, September 04, 2012
Information Obfuscation
Information Obfuscation Summary
1. Obfuscation occurs throughout the information lifecycle
not just in non-production environments
2. Everyone is responsible for protecting the corporate data
assets and the best data security tool is vigilance
3. Use a defined language to communicate who, what,
where, when, and how obfuscation will occur
4. Make Information Obfuscation part of your
organization’s business-as-usual (BAU) processes
5. Follow Michael Jay’s Data Masking Golden Rule
“Do unto your company’s corporate data assets as you
would have your banker, healthcare provider, or retailer
do unto your personal information.”
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 77
All rights reserved
Information Obfuscation Summary
1. Obfuscation occurs throughout the information lifecycle
not just in non-production environments
2. Everyone is responsible for protecting the corporate data
assets and the best data security tool is vigilance
3. Use a defined language to communicate who, what,
where, when, and how obfuscation will occur
4. Make Information Obfuscation part of your
organization’s business-as-usual (BAU) processes
5. Follow Michael Jay’s Data Masking Golden Rule
“Do unto your company’s corporate data assets as you
would have your banker, healthcare provider, or retailer
do unto your personal information.”
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 78
All rights reserved
39
42. Tuesday, September 04, 2012
Information Obfuscation
Information Obfuscation Summary
1. Obfuscation occurs throughout the information lifecycle
not just in non-production environments
2. Everyone is responsible for protecting the corporate data
assets and the best data security tool is vigilance
3. Use a defined language to communicate who, what,
where, when, and how obfuscation will occur
4. Make Information Obfuscation part of your
organization’s business-as-usual (BAU) processes
5. Follow Michael Jay’s Data Masking Golden Rule
“Do unto your company’s corporate data assets as you
would have your banker, healthcare provider, or retailer
do unto your personal information.”
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 79
All rights reserved
Information Obfuscation Summary
1. Obfuscation occurs throughout the information lifecycle
not just in non-production environments
2. Everyone is responsible for protecting the corporate data
assets and the best data security tool is vigilance
3. Use a defined language to communicate who, what,
where, when, and how obfuscation will occur
4. Make Information Obfuscation part of your
organization’s business-as-usual (BAU) processes
5. Follow Michael Jay’s Data Masking Golden Rule
“Do unto your company’s corporate data-assets as you
would have your banker, healthcare provider, or retailer
do unto your personal information.”
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 80
All rights reserved
40
43. Tuesday, September 04, 2012
Information Obfuscation
Questions?
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 81
All rights reserved
Thank You!
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 82
All rights reserved
41
44. Tuesday, September 04, 2012
Information Obfuscation
Appendix
Reference Material
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer
Slide# 83
All rights reserved
Legal & Regulatory Alphabet Soup (Sampling)
GLBA – The Gramm–Leach–Bliley Act allowed consolidation
of commercial & investment banks, securities, & insurance co.
PPI – Nonpublic Personal Information - Financial
consumer’s personally identifiable information (see GLBA)
OCC – Office of the Controller of Currency regulates banks.
PCI – Payment Card Industry; defines Data Security Standard
(PCI DSS) processing, storage, or transmitting credit card info.
PHI – Patient Health Information - Dept of Health & Human
Services (“HHS”) Privacy Rule (see HIPAA).
PII – Personally Identifiable Information; used to uniquely
identify an individual. (Legal definitions vary by jurisdiction.)
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 84
All rights reserved
42
45. Tuesday, September 04, 2012
Information Obfuscation
Sample Cross Reference Chart
Data Point
Customer - The Fact That an Individual is a Customer **
First, or Last Name *; Mother's Maiden Name
Country, State, Or City Of Residence *
Telephone# (Home, Cell, Fax)
Birthday, Birthplace, Age, Gender, or Race *
++
Social Security#, Account#, Driver's License#, National ID
Passport#, Issuing Country
Credit Card Numbers, Expiration Date, Credit Card Security Code
Credit Card Purchase
Grades, Salary, or Job Position *
Vehicle Identifiers, Serial Numbers, License Plate Numbers
Email - Electronic Mail Addresses; IP Address, Web URLs
Biometric Identifiers, Face, Fingerprints, or Handwriting
Dates - All Elements of Dates (Except Year +)
Medical Record#, Genetic Information, Health Plan Beneficiary#
PCI
PII
PPI PHI
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
* More likely used in combination with other personal data
** GLBA regulation to fall into the “Restricted” classification
+ All elements of dates (including year) if age 90 or older
++ Varies by Jurisdiction
MJFreer@QualityBI.com
(954) 249-1530
Michael Jay Freer (MJFreer@Comcast.net)
(954) 2491530
Michael Jay Freer
Slide# 85
All rights reserved
43