Europe is gearing up for the arrival next year (on May 25th, 2018 to be exact) of its new data protection standard, the General Data Protection Regulation (GDPR). While the focus here is regional and it’s European companies that have to respond to the new law, the reality is that data protection is a global issue and stringent regulatory requirements worldwide are making anonymization functionality table stakes both from an operational and data integration and management software perspective.
At DigitalRoute, our response to GDPR (and also to the more general question of data security) is the integration of new ‘data masking’ functionality into the core MediationZone technology. But before we look at it in some detail, let’s briefly step back and clarify the regulatory requirements it’s designed to address.
GDPR guarantees individual telco (and other enterprise) customers a series of rights related to their personal data such as the right to be forgotten, the right to portability and the right of consent before data can be used. Generally, the mandate drives a requirement for Sensitive Data Pseudonymization and that is what Data Masking directly addresses. It also includes a series of harsh penalties for failure to comply.
Our Data Masking technology comes in the form an “agent”. That is a self-contained module within our product that can be inserted as required into one of its configurable workflows. Typically, other workflow agents would account for functions such as collection, forwarding and data processing.
The new Data Masking agent can be deployed in any Use Case where data will be processed in the Cloud (which is the key driver of GPDR, given that it potentially exposes data outside the data centre) but needs to be anonymized so the original source cannot be identified. This will help companies comply with the new regulation in the area of data protection because it lets them make sure their customer’s personal data can only be accessed in a controlled manner.
Data Masking works by allowing the user to select fields of data that need to be protected to be mapped in a configurable Masking Profile. This means the relevant information can be.
- Anonymized – one-way, non-reversible.
- Pseudonymized – where original values are stored or encrypted and data can subsequently be de-masked (reversible).
Masking also makes it possible to create synthetic data, information that is persistently stored and used to conduct business processes but which is not obtained by direct measurement. When pseudonymizing data, different storage options are available to fit user requirements in terms of cost, performance, volume and scalability.
In addition to its role in regulatory compliance, DigitalRoute data masking technology delivers advantages including:
- An easy way to mask data by drag-and-drop of an agent to a workflow.
- Easy to adapt to any type of masking situations, making it possible to solve any requirement.
- Different storage options available to support the customer’s requirements.
- Does not require any coding. The agent itself does all the mapping for the user.
While performance numbers are highly dependent on the specific use case (or the nature of the workflow in which the masking agent is placed), in testing a single real-time workflow with 3 fields masked / de-masked per record, on Intel I7 2.1Ghz CPU, 16GB Ram, SSD Disk the agent processed 15-30,000 records per second based on total volume of 1 million records.
As we noted earlier, GPDR is making the issue of Data Anonymization table stakes, particularly as the penalty for failing to comply with regulatory requirements is punitive. If you’d like to speak to us to learn more details about our new agent and and learn how it can help you address GDPR and other similar requlatory requirements in a fast, cost-effective and self-sufficient way please respond via the link below.
Read the next blog post in this series: