.png)
Task
Concept
PK Protect offers unique solutions to determine and safeguard sensitive information on all types of source systems, relational and non-relational databases, with structured and unstructured data, stored on the premises and even in the cloud.
Detection and protection of sensitive data in PK Protect is achieved by executing the tasks on the target source systems. This section discusses the steps to create and execute the tasks on each source system. Every licensed source system is available on the main menu of PK Protect, as depicted below:
*Note: A task can only be executed if the required IDP has been setup and is in “Active” state. To know more on how to create IDPs in both Linux and Windows environment, refer to section Configure IDPs in Linux and Configure IDPs in Windows.
To access the tasks screen for a source system, click <Source System> -> <Task Type> -> TASKS.
For example, to access detection tasks under RDBMS, click RDBMS > Detection > Tasks depicted in the image below:
Source System
The target data store, e.g., RDBMS, HADOOP, NOSQL etc. are termed as source systems.
Task Type
There are two major types of tasks:
Detection: Detection tasks help in obtaining information about where and what type of sensitive data is stored in a source system. To detect sensitive information, it is crucial to define which data entries are to be considered as sensitive elements, e.g., credit card numbers, social security numbers, addresses etc. These sensitive data elements are categorized as Sensitive Types.
There are various out-of-the-box sensitive types for the user to select from as well as options to clone or create custom sensitive types. Different sensitive types can be grouped together under a Policy to refine the sensitive data detection. Please refer to the sections Policy and Sensitive Type for more details.Protection: Masking tasks are used to protect the sensitive data that has been detected using a detection task in the target source system. Users can perform protection and encryption on their data to ensure that sensitive information is not exposed.
PK Protect provides several masking options for securing sensitive data on an organization’s data repositories. The table below shows the masking options available for different data types.
Masking Option Name | Characters | Variable Characters | Number | Clob |
Static mask | X | X | X | X |
Character mask | X | X |
|
|
Format Preservation Mask (FPM) | X | X | X |
|
IntelliMask mask | X | X |
|
|
Random mask | X | X | X |
|
NPI mask | X | X | X |
|
Compose mask | X | X |
|
|
Compose Math Expression mask |
|
| X |
|
Date Synch mask |
| X |
|
|
Name Synch mask |
| X |
|
|
Email Policy mask | X | X |
|
|
Expression mask |
|
| X |
|
Full Name mask |
| X |
|
|
Regular Expression mask | X | X |
|
|
Custom Lookup mask | X | X | X |
|
Custom mask | X | X | X |
|
Shuffle mask | X | X | X |
|
JSON mask |
| X |
| X |
XML mask |
| X |
| X |
AES Encryption/Decryption | X | X |
|
|
FPE Encryption/Decryption | X | X | X |
|
For detailed information on each masking option, refer to Protection Options.
*Note: Options for task types differ based on the type of source system.