How to Perform Dynamic Masking
Dynamic Masking is a data masking technique that aims at real-time masking of the data. It changes the data stream so that the requester does not get access to the sensitive data, and no changes to the original data takes place.
Pre-requisites
Following are the pre-requisites:
Controller must be installed. For detailed information about the installation process, refer Install DSM Administrator in Linux and Install DSM Administrator in Windows.
Install Dynamic Masking license in DgAdmin. This will enable the Dynamic Masking component in the PK Protect DSM. To know more on how to install license in Linux and Windows environment, refer Install License in Linux and Install License in Windows.
Steps to Perform Dynamic Masking
Following section specifies the step-by-step procedure of performing Dynamic Masking:
Login to Admin and Configure credentials for Dynamic Masking. To know more on how to configure the settings in Linux and Windows environment, refer Dynamic Masking Configuration in Linux and Dynamic Masking Configuration in Windows.
In the next step, you need to configure different entities for Dynamic Masking. The configuration needs to be done in the sequential manner as given. For detailed information to configure different entities, refer below pointers:
The next step is to create a policy in the PK Protect. Dynamic Masking policies need policy groups and masking options, which are configured under Policy Groups and Masking Methods screens. You can define your policies as well. To know more about each field, refer DBMS Dynamic Masking.
The next step is to create a connection in RDBMS Connection Manager screen for both Masking and Detection. In the Add New Connection screen, select the Location, Service and the Connection Details from given list. Now, fill the details for the selected data source for which you need to create a connection. To know more on how to create a Detection and Masking connection in RDBMS, refer RDBMS Detection Connection and RDBMS Masking Connection.
In the next step, create detection & dynamic masking task in RDBMS. Detection task is optional but highly recommended. If the user has executed the detection task and fetched the details of all the sensitive columns, then the user can create and push the dynamic masking task with the appropriate policy group to the dynamic masking engine. This will automatically create various masking policies for all the detected sensitive columns in Dynamic Masking Config > Masking Policies.
To know more on how to create a Detection and Dynamic Masking task, refer Create RDBMS Detection Task and Create Dynamic Masking Task.In the last step, you can verify the results by connecting to the proxy server via any database client.