Data Anonymization

Various laws and regulations require the anonymization (masking) of personal data, but programmers and QA personnel must have access to the data in order to ensure quality requirements.

Anonymizing data is not without its challenges, handling key field relationships, etc, Further, auditors may dictate that data must be anonymized before arriving into the test system to avoid potential PII data exposures. The ability to anonymize ‘in-flight’ when copying from source to the target environment is desired. By copying ‘in-flight’, such a tool can ensure that anonymization is enforced during the copy process. Data leaving the secured area (production and preproduction) is transferred to target systems without PII exposures. This task is easily performed by tools on the market such as XDM™ by UBS-Hainer.

Unload/Load based procedures have their drawbacks. Conventional methods unload data, apply anonymization rules on the unloaded data and finally load the anonymized data in the target system. Since the data must be transferred to a separate external sequential data store, there is a potential exposure. Not to mention the additional DASD space considerations.

Anonymization requires:

  1. The preparation of the anonymized data. This means the definition of columns to be masked, and the implementation of the modification rules (how will be anonymized/replaced).
  2. The efficient execution of the rules while copying from a secured to an unprotected area.

XDM-CDI™ provides a solution to this problem. It supports the analysis and the identification of critical columns and implements anomymization rules and automatically handles structural and other operational issues through intelligent