Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Services
Copyright 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential Internal/Restricted/Highly Restricted
Copyright 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential Internal/Restricted/Highly Restricted
Program Agenda
1
Overview
Frequently-asked Questions
Copyright 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential Internal/Restricted/Highly Restricted
Overview
Data masking is the process which permanently alters pre-defined columns
in a non-production environment in order to avoid exposing
sensitive/personal data but still make that data useable for the customers
intended purpose
Typically, supports use cases for non-production environments after you
have gone into production
Maintenance and add-on development
Upgrade validation
User acceptance testing of new features, changes
Copyright 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential Internal/Restricted/Highly Restricted
Overview (continued)
Subscription-based
Release 10: HCM
Planned for Release 11: ERP & Sales Cloud
Overview (continued)
Production
Data Masking
Process
Non-production
susanf@acme.com
Moose Jaw, Saskatchewan, Canada
January 18, 1991
0384229473
ABZ332049
Academic Student
CA2034938-1
Email
Places of Birth
Date of Birth
Bank Account
Passport #
Visa/Permit Type
Drivers License
sendmail-test-discard@oracle.com
---, ---, --March 30, 1987
2938472
#K49HEL*
Temporary Worker
---
Copyright 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential Internal/Restricted/Highly Restricted
Definition
Example
Pre-masking Value
Post-masking Value
Fixed
String
Email Address
fred.smith@oracle.com
sendmail-testdiscard@oracle.com
Country: <null>
Region: <null>
Town: <null>
Null
Places of Birth
Country: Canada
Region: Saskatchewan
Town: Moose Jaw
Random
Date
Date of Birth
Random
Digits
Bank Account
0384229473
2938472
Random
String
Passport Number
ABZ332049
#K49HEL*
Shuffle
Visa/Permit Type
Academic Student
Temporary Worker
Truncate
Drivers License
CA2034938-1
---
Copyright 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential Internal/Restricted/Highly Restricted
Frequently-asked Questions
1. Is data masking available to all customers?
Data masking is available to HCM customers at Release 10 or higher who have subscribed to the optional
data masking service. Contact your Oracle Account Team if you would like to subscribe to this service.
2. When will data masking be available for Sales Cloud and ERP customers?
Oracle plans to support data masking for additional Fusion Cloud services with Release 11.
3. What data is masked and how is it masked?
See the following section for details. The data masking service entitlement focuses on masking personallyidentifiable information (PII).
4. Were implementing ERP and HCM in the same Cloud environment. Whats the impact of data
masking in this case?
All data will be masked identically, regardless of the Fusion application which uses it or from which it
originated. Data masking rules are defined at the column level and data shared across applications-primarily Person data--will be masked across the database.
Copyright 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential Internal/Restricted/Highly Restricted
You request data masking via a Service Request (SR) using My Oracle Support
Copyright 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential Internal/Restricted/Highly Restricted
For data masking with an environment refresh, select a date outside of the refresh blackout period (the
period of time between monthly updates to your non-production environments and two weeks later when
production environments are updated). Also, the date cannot be less than 4 days prior to any other
planned outages for the environment.
9. Should we always mask data in our non-production environment?
Probably not. In some cases, youll want your non-production environment to be identical to whats in
production. A common example is validation of an upgrade in your non-production environment before
your production environment is upgraded.
Copyright 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential Internal/Restricted/Highly Restricted
10
12. After our data is masked, will it be possible for someone to figure out whos who on the database? If
yes, why?
Possibly. Even though personally-identifiable information (PII) is masked, you must continue to practice
good data governance and restrict access to masked data to only those persons whose jobs require it. A
determined user could figure out a persons identity through a combination of non-PII data (for example,
location, job, and gender). If we were to mask data to avoid this from happening, the resulting data would
not be useable for user acceptance testing and several consistency edits within the applications could
break. Use data security to restrict the data that a user can see.
Copyright 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential Internal/Restricted/Highly Restricted
11
Copyright 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential Internal/Restricted/Highly Restricted
12
Masking Technique
Masked Value
Bank Accounts
Email Addresses
Phone Numbers
Addresses
Random Digits
Fixed String
Random Digits; USA phone number format
Address Lines 1 & 2: Fixed String; Address Lines 3 &4: Nulled;
Postal Code, Town or City, Country: Shuffled as a group
Dates of Birth
Places of Birth
Dates of Death
Person Names
Sample: 4936477859
sendmail-test-discard@oracle.com
Sample: 925-692-9270
Sample:
Address Line 1: Station
Address Line 2: Road
Address Line 3: <null>
Address Line 4: <null>
Postal Code: S031 4NG
Town or City: SOUTHAMPTON
Country: UNITED KINGDON
Sample: March 17, 1982
<null>
<null>
Sample: Prabu Ann Chin
Copyright 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential Internal/Restricted/Highly Restricted
13
Masking Technique
Masked Value
Documents of Record
Disabilities
Drivers Licenses
Passports
Visas/Work Permits
Table truncated
Table truncated
Passport Numbers: random string
Visa/Permit Number: random string; Visa/Permit Type: shuffle rows
National Identifiers
Termination Dates
Table truncated
Nulled
Sample:
From Date: May 11, 2008
To Date: October 5, 2007
Date Issued: July 9, 2003
Issuing Authority: U#_G
Document of Record ID: TM289384
Issuing Location: I*R@O{C
----Sample: *K^%KE
Sample:
Visa/Permit Number: K%R+KH@
Via/Permit Type: Academic Student
-<null>
Copyright 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential Internal/Restricted/Highly Restricted
14