Data Masking

Data masking obscures data based on configurable rules. It prevents unauthorized users from reading sensitive data on the Hadoop cluster. Big Data Management supports different methods of data masking to secure data.
For example, an analyst in the marketing department might need production data to conduct analysis, while a mapping developer can test a mapping with masked data. You can set data masking rules that allow the analyst to access production data and rules that allow the mapping developer to access realistic test data. Alternatively, an analyst might need access to only some production data, and the rest of the data can be masked. You can configure data masking rules that fit your data security requirements.
You can use the following Informatica components and products to secure data on the Hadoop cluster:
Data Masking transformation
The Data Masking transformation changes sensitive production data to realistic test data for non-production environments. The Data Masking transformation modifies source data based on masking techniques that you configure for each column.
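The per-column idea can be sketched in a few lines. This is an illustrative sketch only, not Informatica API: the rule names, column names, and functions below are assumptions, chosen to show how a format-preserving technique can be configured per column while untouched columns pass through.

```python
import random

rng = random.Random(42)  # fixed seed so the sketch is repeatable

def mask_digits(value):
    """Replace every digit with a random digit, preserving the format."""
    return "".join(rng.choice("0123456789") if ch.isdigit() else ch
                   for ch in value)

def substitute(value, lookup):
    """Swap the real value for a realistic substitute from a lookup list."""
    return rng.choice(lookup)

# One hypothetical rule per column, mirroring the per-column configuration.
rules = {
    "ssn": mask_digits,
    "name": lambda v: substitute(v, ["Alex Doe", "Sam Roe", "Kim Poe"]),
}

row = {"ssn": "123-45-6789", "name": "Jane Smith", "city": "Austin"}
masked = {col: rules[col](val) if col in rules else val
          for col, val in row.items()}
print(masked)  # "ssn" keeps its dashed format; "city" has no rule, so it passes through
```

Note that the masked SSN keeps the original layout, which is what makes the test data realistic enough for non-production use.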
For more information about how to use the Data Masking transformation in the Hadoop environment, see the Informatica Big Data Management User Guide and the Informatica Developer Transformation Guide.
Dynamic Data Masking
When a mapping uses data from a Hadoop source, Dynamic Data Masking acts as a proxy that intercepts requests and data between the Data Integration Service and the cluster. Based on the data masking rules, Dynamic Data Masking might return the original values, masked values, or scrambled values for a mapping to use. The actual data in the cluster is not changed.
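The decision the proxy makes can be sketched as a rule lookup. The role names, rule table, and helper functions below are illustrative assumptions, not Dynamic Data Masking configuration; the point is that the interception step chooses among original, masked, and scrambled values while the data at rest stays unchanged.

```python
def mask(value):
    """Hide every character of the value."""
    return "*" * len(value)

def scramble(value):
    """Deterministically reorder the characters (illustrative scramble)."""
    return value[::-1]

# Hypothetical per-role rules deciding what the requester sees.
RULES = {"analyst": "original", "developer": "masked", "tester": "scrambled"}

def intercept(role, value):
    """Return the value a request receives; unknown roles get masked data."""
    action = RULES.get(role, "masked")
    if action == "original":
        return value
    if action == "scrambled":
        return scramble(value)
    return mask(value)

print(intercept("analyst", "4111-1111"))    # original value passes through
print(intercept("developer", "4111-1111"))  # fully masked
```

Defaulting unknown roles to masked values follows the usual deny-by-default posture for sensitive data.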
For more information about Dynamic Data Masking, see the Informatica Dynamic Data Masking Administrator Guide.
Persistent Data Masking
Persistent Data Masking allows you to mask sensitive and confidential data in non-production systems such as development, test, and training systems.
You can perform data masking on data that is stored in a Hadoop cluster. Additionally, you can mask data during data ingestion in the native or Hadoop environment. Masking rules can replace, scramble, or initialize data. When you create a project, you select masking rules for each table field that you want to mask. When you run the project, Persistent Data Masking applies the masking rule technique to change the data in the Hadoop cluster. The result is realistic but unidentifiable data that you can use for development or testing.
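The three rule actions named above can be sketched as follows. The column-to-rule mapping and the behavior of each action are illustrative assumptions, not the product's rule definitions; the sketch only shows how per-field rules permanently transform a table while unruled fields are left alone.

```python
def apply_rule(action, value):
    """Apply one of the three hypothetical rule actions to a field value."""
    if action == "replace":
        return "MASKED"                # substitute a fixed replacement value
    if action == "scramble":
        return "".join(sorted(value))  # reorder the characters
    if action == "initialize":
        return ""                      # reset to an empty default
    return value                       # no rule: leave the field unchanged

# Hypothetical project configuration: one rule per field to mask.
project_rules = {"salary": "replace", "email": "scramble", "notes": "initialize"}

table = [{"salary": "90000", "email": "jane@x.com",
          "notes": "secret", "dept": "HR"}]
masked_table = [
    {col: apply_rule(project_rules.get(col, ""), val)
     for col, val in row.items()}
    for row in table
]
print(masked_table[0])  # "dept" has no rule and keeps its original value
```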
For more information about Persistent Data Masking, see the Informatica Test Data Management User Guide and the Informatica Test Data Management Administrator Guide.