Globalization of business processes as well as advancements in Information Technology have resulted in extensive use of computer based information systems for transmitting and retrieving business related data across physical locations. IT services now enable organizations to manage data across various offices located around the world. Organizations are now able to share customer data with each other without being restricted by geographical boundaries. Further, business needs have driven organizations to resort to outsourcing of certain business services for increasing productivity and efficiency. Outsourcing of business services may entail outsourcing consumer data to foreign countries. As a result of extensive sharing of customer data both within and outside organizations for various purposes, data privacy has become a prime concern for businesses involved in handling sensitive customer data.
Countries around the world are developing regulations designed to support confidentiality. Legislations are being passed insisting that companies outsourcing consumer data to foreign countries assume responsibility for the data. To address the issues of data privacy, various techniques such as Anonymization, Randomization, Perturbation, Cryptographic Approach, Privacy Policy Languages and Data Masking are frequently used in the industry. However, the aforementioned techniques are dependant on type of operating system/software platform or software language in which the customer data has been implemented. Commonly used data masking techniques implemented for maintaining customer privacy involve tasks such as explicitly setting up distinct software environments for masking data pertaining to different operating systems/software platforms.
Commonly used data masking solutions in the industry include offering data masking as a static software solution in the form of a standalone product. Organizations using standalone data masking products have to take care of issues such as deployment of the software product by creating software installers and integrating the product with business processes already in operation. These issues may thereby involve high developmental cost and use of special hardware. Moreover, usage of such a product may include implementing operations for scheduling backups and disaster recovery. Since a data masking software product is physically installed in the software system of an organization using the product, it may face a threat of physical access by unauthorized persons. Also, regular updates or bug fixes become cumbersome, as the standalone product is tightly integrated with other organizational processes. Further, there may be scenarios where use of data masking solution is very minimal involving access by a single application for a limited period of time. In such a case, deployment of a standalone product is a significant overhead for an organization.
In light of the above, there exists a need for a data masking solution that offers real time on-demand masking while maintaining data privacy.