Archive

Posts Tagged ‘proxy’

Dynamic Data Masking Inside Out

Dynamic Data Masking Engine plays an essential role in the Enterprise Security and Data Privacy frameworks

By Vitaly Dubravin

Dynamic Data Masking has grown over the years into a robust and mature product. It has become one of the primary tools to combat private information leaks from production environments. It limits, if not completely eliminates, all sensitive data exposures due to the application security design flaws, inadequate testing, ever changing regulatory requirements and aggressive production release schedule.

It is important to understand that Dynamic Data Masking (DDM) is not a replacement for a traditional data protection and security measures. It was designed to address a very specific but extremely damaging situation when private data gets in the wrong hands. Data Masking works as a proxy that secures only data communication channel and should be deeply integrated with the Enterprise Authentication and Authorization infrastructure as well as network security tools to gain maximum advantage and significantly reduce implementation and operation costs. Read more…

Dynamic Data Masking Engine as an Enterprise Security Proxy

Dynamic Data Masking Engine as an Enterprise Security Proxy

How to reduce application development costs by including dynamic data masking in the data security infrastructure.

By Vitaly Dubravin

Data leaks happen, it’s a fact. These leaks cause reputational damage, they impact day-to-day operations and trigger costly litigation processes for non-compliance. Although there is no solution that guarantees 100% assurance against data leaks there are data protection systems available to help minimize the probability of such an event. Here I’ll explain how a Dynamic Data Masking engine can operate as an Enterprise Security Proxy for all enterprise applications and why it should be a part of system and application design from day one.

Physical database server access should be prohibited and a decent firewall with intrusion detection is a necessary part of design; I’m not going to even consider the possibility of their absence. Most databases expose only one port to applications for data exchange and that single port is the source of most data leaks. Read more…