Skip to main content

How to Perform Dynamic Masking

Dynamic Masking is a data masking technique that aims at real-time masking of the data. It changes the data stream so that the requester does not get access to the sensitive data, and no changes to the original data takes place.


Following are the pre-requisites:

  1. Controller must be installed. For detailed information about the installation process, refer Install DSM Administrator in Linux and Install DSM Administrator in Windows.

  2. Install Dynamic Masking license in DgAdmin. This will enable the Dynamic Masking component in the PK Protect DSM. To know more on how to install license in Linux and Windows environment, refer Install License in Linux and Install License in Windows.

Steps to Perform Dynamic Masking

Following section specifies the step-by-step procedure of performing Dynamic Masking:

  1. Login to Admin and Configure credentials for Dynamic Masking. To know more on how to configure the settings in Linux and Windows environment, refer Dynamic Masking Configuration in Linux and Dynamic Masking Configuration in Windows.

  2. In the next step, you need to configure different entities for Dynamic Masking. The configuration needs to be done in the sequential manner as given. For detailed information to configure different entities, refer below pointers:

    1. Add LDAP Server

    2. Add New User

    3. Add User to Group

    4. Add New User Group

    5. Add New Devices Group

    6. Add New Device

    7. Add/Remove Device to Group

    8. Add New Device Realm

    9. Add New Policy Key

    10. Add New Masking Method

    11. Add New Masking Policy

    12. Add New Policy Groups

    13. Add New Policy Realms

  3. The next step is to create a policy in the PK Protect. Dynamic Masking policies need policy groups and masking options, which are configured under Policy Groups and Masking Methods screens. You can define your policies as well. To know more about each field, refer DBMS Dynamic Masking.

  4. The next step is to create a connection in RDBMS Connection Manager screen for both Masking and Detection. In the Add New Connection screen, select the Location, Service and the Connection Details from given list. Now, fill the details for the selected data source for which you need to create a connection. To know more on how to create a Detection and Masking connection in RDBMS, refer RDBMS Detection Connection and RDBMS Masking Connection.

  5. In the next step, create detection & dynamic masking task in RDBMS. Detection task is optional but highly recommended. If the user has executed the detection task and fetched the details of all the sensitive columns, then the user can create and push the dynamic masking task with the appropriate policy group to the dynamic masking engine. This will automatically create various masking policies for all the detected sensitive columns in Dynamic Masking Config > Masking Policies.
    To know more on how to create a Detection and Dynamic Masking task, refer Create RDBMS Detection Task and Create Dynamic Masking Task.

  6. In the last step, you can verify the results by connecting to the proxy server via any database client.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.