Our initial experience with Oracle Data Masking Tool
November 07, 2016
Our initial experience with Oracle Data Masking Tool
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Oracle Data Masking and Subsetting
We often send client information to external entities (other agencies, non-profit organizations, etc). While the detailed data is required (they need to be able to drill down from the summary information), there's no need to provide the real name, real SSN, real address, etc. However, we have to maintain referential integrity with the data (that is, if Steve Parker is being masked as John Smith, we need all instances of Steve Parker to yield John Smith). The Oracle Data Masking tool allows us to do just that. We also use it now to create a development/test copy of production data, without risking exposing HIPAA information. Since the access to dev/test environments is not as tight as the access to production, the masking relieves us from worrying about exposing client information in less-secured environments.
- It offers several ways in which you can mask your data; for example, you can choose to replace all names with "real fake names", or choose to replace all SSNs with existing SSNs, but randomly assigned. You control the algorithm.
- It works on non-Oracle databases as well (in our case, we use it for both Oracle and SQL/Server).
- The overhead is minimal (it doesn't take long to run, and it doesn't consume too many system resources.
- The learning curve was not trivial - but we got through it.
- Cost - this product is not cheap.
- We have many compliance regulations we need to adhere to. Without this tool, we were always taking a risk of exposing client information, and get penalized by the State of the Feds (the financial consequences are significant).
- So while the tool doesn't save us money directly, it greatly reduces the risk we had been taking all these years. To some degree, this is much like an insurance policy.
- Given the above, it also allows us to share information with other departments/agencies, in situations where before we simply couldn't take the risk of exposing client information.
We also looked at Delphix: the tool was quite powerful, easy to use, and competitive from a cost standpoint. However, since our entire data warehouse environment is built on the Oracle technology stack, it made sense to us to use the Oracle product here, as it integrates very well with other Oracle database and ETL products.