Skip to main content

Dynamic Masking - RDBMS

In PK Protect, go to RDBMS > Dynamic Masking > Add New Task Definition. The following screenshot depicts the user interface for creating a masking task.

Perform the following steps to create a task:

  1. On selecting Task in the Task Details section, enter a unique task name in Task Name field and a brief description in Task Description field. Both these field supports numeric and character values. The Task Description can hold up to 254 characters.

     

  2. Select the attribute name from the Task Attribute drop-down. This option allows to add tags to the created task.

     

  3. The Select Connections panel lists down all the available connections. To create a new connection for any data source, click the + Add New Connection button. To know more about how to create and manage connections, refer to Section 4 Connection Manager in PK Protect User Guide.

    Perform the below steps for selecting the connections:

    1. Click the Select Group drop-down and select the option to sort the available connections. It displays five options: 

       

      1. Connection IDP: Categorizes the available connections based on the types of IDPs available, i.e., Masking.

      2. Connection Type: Categorizes the available connections based on the type of server connected to, i.e., Oracle, SQL server, and MySQL.

      3. Host Name: Categorizes the list of available connections based on Host Names.

      4. Location: Categorizes the available connections based on the location of the target source system server, i.e., On-Premises and Cloud.

      5. User Name: Categorizes the list of available connections based on the Usernames.

    2. The Select Group Value drop-down display the values based on the selection made in the Select Group drop-down.

       

    3. To select a connection, check the checkbox available with the connection name. To edit a connection detail, click the Pen icon in the Actions column.

       

    4. The Test button enables you to test the connection before executing a task. It will show a pop-up on successful completion of testing. The Test button is enabled when you select a connection by checking the checkbox.

       

  4. Select either Policy-based Masking (Recommended) or Column-based Masking (Advanced) in the Select option.

     

  5. In Policy-Based Masking panel, data can be masked with or without running a detection task.

    1. With Detection Results: If you opt this option, a detection task on the database needs to be executed before executing a masking task.

      Perform the below steps:

      1. Select the policies in the Compliance Policies panel. Click Pen icon in the Actions column to edit the selected policy.

        *Note: Only the policies which are created for dynamic masking gets listed under the Compliance Policies panel.

      2. Select the database in the Select Schema/DB panel by checking the checkbox available with the database name.

      3. Click the Apply Policy button. On clicking the Apply Policy button, the Selected Columns for Masking panel displays the list of all column names in which data need to be masked.  
                          

    2. Without Detection Results: If you opt this option, you can mask the data without executing a detection task. You need to define a structure and domain for the database before executing the masking task. To know more, refer to Section 12 Domain and Section 13 Structure Management in PK Protect User Guide.

      Perform the below steps:

      1. Select the policies in the Compliance Policies panel. Click this Pen icon in the Actions column to edit the selected policy.

        *Note: Only the policies which are created for dynamic masking gets listed under the Compliance Policies panel.

      2. Select the database in the Select Schema/DB panel by checking the checkbox available with the database name.

      3. Click the Apply Policy button. On clicking the Apply Policy button, the Selected Columns for Masking panel displays the list of all column names in which data need to be masked.

  6. If Column-based Masking (Advanced) option is opted, then masking can be applied on the selective columns of the database by specifying the type of masking or encryption option.

     

    1. Policy Groups: To apply dynamic masking on columns, select at least one Policy Group from Select Policy Group (Required) section. The Policy Groups are configured on the proxy server. 

      1. To select Policy Group(s), select the checkbox(es) available with the policy group name(s).

      2. The selected policy group(s) will get displayed on the right section of the panel.

    2. Apply masking options based on Columns: You can apply masking options on the selective columns of the database by specifying the type of masking or encryption. Perform the below steps: 

       

      1. Select a database in the Select Schema/DB panel. This panel displays the list of all databases for the selected connections. 

         

      2. On selecting a database, the list of tables gets populated in the Select Table panel. This panel displays all the available tables for the selected database.

         

      3. On selecting a table, the list of columns gets populated in the Apply Masking panel. This panel displays the names of the columns and their datatypes. In this panel, you can select the Masking Options to perform dynamic masking.

        For detailed information on all the available masking options in PK Protect refer section Masking Options

         

      4. You can apply masking to the column by selecting the masking option from the Select Masking drop-down against the Column entry.

  7. The columns selected for masking are displayed in the Selected Columns for Masking panel. This panel display the list of all columns and the masking options selected for each column based on which data will be protected. To view any foreign key reference for masking, click the downward arrow next to the checkbox.  You can delete the columns by clicking this icon  under the Actions column.

    You can also populate this panel based on the options available in the Show Columns drop-down. There are four options:

     

  8. Click the Save button to save the task details in the system, else click the Cancel button. Users also have the option to Save & Push the task, which will save the task and push the masking policies to the proxy server.

There are few common controls through which you can sort the values in the column header, hide and unhide the column headers, filter the data, etc. To know more, visit RDBMS Common Controls.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.