Is Data Masking better than Encryption?

November 11, 2011
Data masking vs. encryption. Is one better than the other? No, they are two parts of a whole.

By Vitaly Dubravin

Strange question, isn’t it? Data masking and encryption are like apples and oranges, but the question is not strange at all. The two technologies have many similarities, though the differences are substantial. Each of them is designed to ensure data protection, which can be substantially improved when both are used in synergy.

Data encryption is the process of transforming information with an algorithm (a cipher) to make it unreadable to anyone who does not possess the key. It is widely used to protect files on local, network or cloud disk drives (EFS, PIE), network communications (IPsec, VPN), or web and email traffic (TLS/SSL). All these technologies are designed to secure the communication or storage medium against intruders, but they provide limited ability to control data privacy at a very granular level (such as a database record). There are known methods for making an encrypted document accessible to multiple people with individual keys, but they require an expensive investment in security infrastructure and become impractical when applied to a database. Data encryption ensures that only people who should have access to the data gain safe access to the datasets, but that access includes the records they are not supposed to see. Data encryption is not designed to address the role-based security problem.
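The following sketch is an added example, not code from the original article. It shows the all-or-nothing nature of a storage-level key next to a per-role masking layer. The rows, the role names, the `POLICY` table and the stdlib-only cipher construction are all assumptions made for illustration; a real system would use a vetted AEAD cipher.

```python
import hashlib, hmac, json, os

# Constructed sample rows (not real data).
ROWS = [{"name": "Alice Smith", "ssn": "123-45-6789", "salary": 91000},
        {"name": "Bob Jones", "ssn": "987-65-4321", "salary": 64000}]

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # SHA-256 in counter mode as a keystream: a stdlib-only stand-in for a real cipher.
    stream = b"".join(hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt(key, plaintext):
    """Storage-level encryption of the whole dataset (illustrative construction only)."""
    nonce = os.urandom(16)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def decrypt(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

# Hypothetical role policy: column -> masking function; unlisted columns pass through.
POLICY = {
    "hr": {},
    "support": {"ssn": lambda v: "***-**-" + v[-4:], "salary": lambda v: None},
    "analyst": {"name": lambda v: "REDACTED", "ssn": lambda v: "***-**-****"},
}

def read_as(role, key, blob):
    """Decrypt, then mask per role. Roles absent from POLICY raise KeyError (deny by default)."""
    rules = POLICY[role]
    rows = json.loads(decrypt(key, blob))
    return [{col: rules.get(col, lambda v: v)(val) for col, val in row.items()}
            for row in rows]

KEY = os.urandom(32)
BLOB = encrypt(KEY, json.dumps(ROWS).encode())
```

Anyone who can call `decrypt` with the key gets every row and column back; only `read_as` distinguishes between roles, and it does so after decryption rather than through the key.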

