Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
DECEMBER 2015
Disclaimer
The following is intended to outline our general product direction. It is intended for information
purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any
material, code, or functionality, and should not be relied upon in making purchasing decisions. The
development, release, and timing of any features or functionality described for Oracles products
remains at the sole discretion of Oracle.
Standalone
Combined with a Fusion environment refresh that is coordinated with a Taleo Zone
Refresh
The data masking service is available to Oracle Cloud Service customers with a paid subscription to the
data masking service. If you have any questions about your service subscriptions, contact your Oracle
Account Team.
CHARACTERISTIC
DESCRIPTION
Compatible
Release(s):
Release 11 and above for ERP Cloud Service and Sales Cloud Service
Service Type:
Security
Definition:
You have loaded real worker data into a non-production environment using an inbound
integration tool such as HCM Data Loader and want to mask PII before releasing it to
users; or
You previously copied data from your Fusion production environment to a nonproduction environment using the environment refresh service and now want to mask
PII before releasing it to users.
You previously copied data from one Fusion non-production environment to a second
Fusion non-production environment using the environment refresh service and now
want to mask PII before releasing it to users.
Important Note: For the second use case above, customers typically request that data
masking occur as part of the environment refresh service because doing so is an available
option when requesting an environment refresh. If you want data to be masked as part of
the environment refresh service, you should request this as part of your environment refresh
service request and NOT as a standalone data masking request. If your environment refresh
has already been completed, you should use this standalone data masking service
entitlement.
To see the database columns that are masked and the masking techniques applied during
the process, along with sample masked values, review the table in Appendix A. Also see the
appendix for frequently-asked questions (FAQs).
Business Need
Standalone data masking limits access to your workers real PII after it has been migrated
Met:
user acceptance testing with production like data in non-production, while remaining in
compliance with regulatory requirements such as Sarbanes-Oxley, PCI DSS, HIPAA, as well
as numerous other laws and regulations.
Typical
As needed, and timed to support the intended use of the production-like data in a non-
Frequency:
production environment.
Fulfillment
SR and Oracle Support: You file the SR and Oracle Support works with you to ensure the
Method:
request is fulfilled.
Fulfillment
The data masking service is available to HCM Cloud Service customers on Release 10 or
Considerations:
above with a paid subscription to the data masking service. You may request this service for
non-production environments only. Data masking will not be applied to your production
environment.
Plan ahead.
Two weeks advance notice is required. Submit your data masking request at least
two weeks prior to the date needed,
Downtime
Oracle will notify you in advance of any planned downtime. The manner in which data is
masked is the same for all customers. You cannot request that your data be masked in a
specific way.
You will request a fulfillment date when you request standalone data masking. Oracle
makes every attempt to provide the service on the date that you request. If that date is
unavailable, Oracle Support works with you to find an alternative date. You will receive a
planned outage notification which confirms the date and start time for this service.
Oracle cannot not apply data masking if maintenance or any other service is planned for the
environment to be masked. At a minimum, this includes the first weekend of every month
when Monthly Updates are applied to non-production environments. Also, data masking will
not be provided five or fewer days prior to a planned upgrade for the environment. When
requesting a date for data masking, consider these and other services or maintenance
planned for the environment.
The timing of the Fusion HCM data masking service to coordinate with any nonFusion systems planned content migration, cloning or other refresh activities in
order to avoid potential data integrity issues;
Any impact of masked data to downstream processing and systems. For example,
the data masking process truncates all national identifier data rows. Therefore, if
the national identifier field is a mandatory field in some downstream test system,
then validation will fail since no national identifier value exists.
SR Filing
You log a Service Request (SR) to request standalone data masking by completing the
Guidelines:
following steps.
Log on to My Oracle Support (MOS).Select Create SR from the Services Requests section
or tab.
Under the What is the Problem? section, enter Problem Summary = Standalone Data
Masking
Enter Problem Description: Provide a description of why you require standalone data
masking.
Under the Where is the Problem? section, select the Cloud tab and enter the following:
Service Type: Oracle Fusion Global Human Resources Cloud Service
Environment: Select the HCM Cloud Service non-production environment to which data
masking will be applied.
Problem Type: Hosting Services Application -> Data Masking - Standalone
Support Identifier: Defaults to your CSI number.
Click Next and provide requested information, which will be similar to the following items.
1.
Confirm that you have read and understand, HCM Cloud Service Definition
Data Masking Standalone available in My Oracle Support document, Doc ID
1534683.1.
a.
payroll calculation and any process that uses data input values that
would be modified by the data masking process; 2) your test
purpose is to verify interfaces to downstream systems that require
real data that is not modified. Select Yes to confirm you understand
limitations with usage of masked data and want to proceed with this
service request.
1.
1)
Enter the date on which you would like data masking to begin.
2)
Please provide Technical Contact details (Name, Email, Office phone number,
Cell phone number) for the individual that will be able to assist with any
question that may arise, and can be available to test once data masking is
applied.
3)
Please provide any additional information that will help clarify the timing and
special considerations for this request.
Click Next.
Select Severity level 3. Any SR submitted for this type of request will be treated as a nonseverity 1, non-emergency issue.
Click Submit. Once the SR has been fulfilled, the SR will be closed.
SR Template provided
How to Validate
You can confirm that data masking has been applied by querying any person on the
Service
database through the user interface and verifying that their email address is sendmail-test-
Fulfillment:
discard@oracle.com.
Related
Fusion Environment Refresh (P2T/T2T). If you wish to request data masking as part of a
Service(s):
Related
Not applicable
Information on
MOS:
Masking Technique
Masked Value
Random Digits
Nulled
Sample: 4936477859
<null>
Email Addresses
Fixed String
sendmail-test-discard@oracle.com
Phone Numbers
Random Digits
Addresses
Sample:
Address Line 1: Station
Address Line 2: Road
Address Line 3: <null>
Address Line 4: <null>
Postal Code: S031 4NG
Town or City: SOUTHAMPTON
Country: UNITED KINGDON
Dates of Birth
Places of Birth
Nulled
<null>
Dates of Death
Nulled
Person Names
First Name, Middle Name, Last Name: Shuffled Sample: Prabu Ann Chin (masked from
Separately from One Another and across
original name of Elizabeth Mary Jones)
Workers
Documents of Record
Disabilities
Table truncated
Drivers Licenses
Table truncated
Passports
Sample: *K^%KE
Sample:
Visa/Permit Number: K%R+KH@
Visa/Permit Type: Academic Student
National Identifiers
Table truncated
Termination Dates
Nulled
<null>
Sample:
From Date: May 11, 2008
To Date: October 5, 2007
Date Issued: July 9, 2003
Issuing Authority: U#_G
Document of Record ID: TM289384
Issuing Location: I*R@O{C
<null>
Note that the manner in which data is masked is the same for all customers; you cannot request that your
data be masked in a specific way
2.
Your data will look different every time you mask it. This is due to the use of random dates, random
strings, and shuffling. With shuffling, dataeither at the column level or a group of columnsis randomly
reassigned across the database from one row to another. The shuffled values actually exist on the
database and, in the case of addresses where Postal Code, Town or City, and Country are shuffled as a
group, represent a valid combination of values; with shuffling, however, this group of columns is not the
masked persons data.
3.
In many cases, the use of masked data will result in different, noticeable results than the pre-masked data
because the values will be different. In addition, any process that leverages this data may render different
results. Notable examples include:
a.
Email notifications sent from the masked non-production environment are all routed to the same
discard domain, sendmail-test-discard@oracle.com and will not be delivered to individual email
addresses.
b.
Addresses: Masking will shuffle Postal Code, Town or City, and Country values. Therefore,
masked persons on the database may have data that is inconsistent with their assigned home
address. Also, any process that leverages address components will give different results due to
the shuffled values. Examples include processes to determine eligibility, or to perform benefits
and payroll calculations.
c.
Dates of Birth are randomly assigned within a range of January 1, 1945 and December 31,
1990, so worker ages will be different after masking. This impacts age-based reporting and
processing.
d.
Person Names: Components of a persons name are separately shuffled across the database,
so the resulting full name likely will be inconsistent with the assigned persons gender.
e.
Documents of Record, Disabilities, Drivers Licenses, Passports, Visa, Work Permits, and
Termination Dates likely will be unusable by any report or process that leverages them due to the
masking techniques applied to these types of data.
f.
National Identifiers are removed via data masking. Although payroll calculation processes do not
require a National Identifier, payroll reports, pay slips, and outbound payroll extracts will not
contain National Identifiers.
4.
Even though PII is masked, you must continue to practice good data governance and restrict access to
masked data to only those persons whose jobs require it. Some sensitive information, such as
compensation, benefits and performance data, is not masked because it is not personally identifiable. A
determined person with access to masked data still could discover the identities of persons on the masked
database. As a general recommendation, you should not assign to users any security roles that provide
access to masked data, if they do not or will not have access to that same production data when
unmasked.
5.
The data masking process does not mask the user login account for Fusion applications. If you create
user login accounts that could reveal the user (for example, firstname.lastname), it could be possible for a
determined individual to infer the identities of persons on the masked database via that account.
Data masking is available only to HCM customers at Release 10 or higher who have subscribed to the
optional data masking service. Contact your Oracle Account Team if you would like to subscribe to
this service.
2. When will data masking be available for Sales Cloud and ERP customers?
Oracle plans to support data masking for additional Fusion Cloud services with Release 11.
3. What data is masked and how is it masked?
See Appendix A in this document on My Oracle Support. The data masking service entitlement
focuses on masking personally identifiable information (PII).
4. Were implementing ERP and HCM in the same Cloud environment. Whats the impact of data
masking in this case?
All data will be masked identically, regardless of the Fusion application which uses it or from which it
originated. Data masking rules are defined at the column level and data shared across applications-primarily Person data--will be masked across the database.
5. What are the various options available for data masking?
You can request the data masking service using one of three options. The second and third options
are less common.
1. Most common is when you request data masking as part of an environment refresh (P2T).
This assures that the production data you have migrated to a non-production environment via
an environment refresh (P2T) is masked before you provide users access to it.
You request standalone data masking if you have loaded real Person information from
another system directly into your Fusion non-production environment; or
You request standalone data masking if you previously migrated data to your nonproduction environment via an environment refresh and subsequently wish that data to be
masked.
For data masking as its own standalone service, refer to the Data Masking Standalone white
paper in My Oracle Support document, Doc ID 1534683.1.
For data masking as part of a standard Fusion environment refresh, refer to the Environment
Refresh (P2T/T2T) white paper in My Oracle Support document, Doc ID 2015788.1.
For data masking with a coordinated Taleo Zone and Fusion HCM Refresh, refer to the Taleo
Zone Refresh with Fusion HCM Environment Refresh white paper in My Oracle Support
document, Doc ID 1534683.1.
For standalone data masking, select the following Problem Type: Hosting Services
Application -> Data Masking Standalone
For data masking combined with a standard environment refresh (P2T), select the following
Problem Type: Hosting Services Application -> P2T Standard Production to Test Copy
For data masking combined with an environment refresh (P2T) that must be coordinated with
a Taleo Zone Refresh, select the following Problem Type: Hosting Services Application ->
P2T Taleo Zone Refresh with Fusion HCM P2T
A determined user could figure out a persons identity through a combination of non-PII such as
Location, Job, and Gender. If we were to mask data to avoid this from happening, the resulting data
would not be useable for user acceptance testing and several consistency edits within the applications
could break.
13. Can I request that data be masked exactly how I want it?
No. There is no option to customize what data is masked or how that data is masked. Oracle has
certified data masking using the standard methods identified in this document on My Oracle Support.
14. What other limitations exist?
Important! Be sure you understand limitations with using masked data before you request the
data masking service.
Do not request the data masking service if:
Your intent is to replicate the same results as when using real, unmasked data. Key
examples are payroll calculation and any process that uses data input values that would
be modified by the data masking process.
Your test purpose is to verify interfaces to downstream systems that require real data that
is not modified.
Refer to Appendix A for the list of all data objects that are masked with each request, and be
sure to analyze and consider potential impact to your intended test purpose, scope and
downstream processing.
10
Worldwide Inquiries
Phone: +1.650.506.7000
Fax: +1.650.506.7200
CONNECT W ITH US
blogs.oracle.com/oracle
facebook.com/oracle
twitter.com/oracle
oracle.com
Copyright 2015, Oracle and/or its affiliates. All rights reserved. This document is provided for information purposes only, and the
contents hereof are subject to change without notice. This document is not warranted to be error-free, nor subject to any other
warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or
fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are
formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any
means, electronic or mechanical, for any purpose, without our prior written permission.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and
are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are
trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group. 1215
Oracle Applications HCM Cloud Service Definition
Data Masking Standalone
December 2015
11