Oracle EBS R12 and Delphix Agile Data Masking

The Business Challenge

Over the past 25 years I worked for various clients in the Defence, Aerospace and Finance industries, one business challenge which I frequently come across is ‘Data Masking’. During many engagements I frequently have to consider the management and use of many different security classifications and types of data, my experiences suggest that even though everyone agrees and acknowledges the need for ‘Data Masking’ it’s largely been parked or ignored, I believe this could be due to many factors including:

  • Required time to implement traditional Data Masking solutions
  • Experience of failed Data Masking projects
  • Unknown impact on existing process and productivity
  • Lack of application and data knowledge
  • No Data Masking tools and or skills
  • Undocumented database interdependencies, schemas and tables
Data at the centre
Security Onion

Historically the approach taken by many of these organisations to mitigate the lack of Data Masking and the associated risk of data loss was to rely on Physical and Network security.

Organisations have and continue to invest heavily in physical and network security implementing physical and organisational access control system and ‘Hardening’ the outer shell of their corporate networks by deploying Firewalls, De-militarised (DMZ’s), Intrusion Detection Systems (IDS) and Anti Virus (AV) solutions. The Application and Data access layers have remained the poor relation.

 

As we can see from my Security Onion this approach has only addressed part of the problem,  the biggest cause of data loss continues to be internal incidents, be that intentional or accidental. This problem has grown considerable over the last few years with a high number of very public data breaches and will only increase as organisations embrace the ‘Cloud’ and migrate more and more development and test activities to partners, 3rd parties and off-shore teams.

Remember we should need to consider all the layers of data access, do you know everyone who has access to your non-Production data, are you part of their HR on-boarding process ?

This is where Data Masking has a significant role to play in Risk mitigation for Data Loss

Delphix Agile Data Masking

During the summer Delphix announced the Delphix Compliance Engine so I thought I would get the top down and take it out for a Test Drive against an Oracle Vision R12.1 database to see how easy it is to get up and running.

Having worked on Defence ‘Black’ projects I have seen data security issues with Project descriptions, so I thought I would try masking Project descriptions for this posting.

PA_PROJECTS_ALL_Pre

A quick query of the PA_PROJECTS_ALL table before I applied any Masking rules.

After logging onto the Agile Data Masking UI I configuring my database connection, I  uploaded some masked data (a text file with DESCRIPTION1 to DESCRIPTION600) I then selected the ‘PA’ schema and navigated to the ‘PA_PROJECTS_ALL’ table and selected the ‘DESCRIPTION’ column, provided Domain and Algorithm and was ready to create and run my Masking Job

PA Project All

Now a couple of clicks to create the Masking Job

Create Masking Job

 

A check of Job completion summary screen

Overview

 

Now lets validate that the Oracle EBS R12 form shows the Masked Project description.

Project_Search

Now lets re-run the PA_PROJECTS_ALL query to see the Data Masking results in SQL*Plus

PA_PROJECTS_ALL_Post

Conclusion

The Delphix Agile Data Masking feature when combined with Database Virtualisation provides a solution that is able to address all the previous concerns and issues with rolling out an Enterprise Data Masking project.

With the Delphix Agile Masking, Delphix Replication and Amazon Web Services (AWS) support you now have all the tools you need to take your Oracle EBS R12 environment up into the Clouds allowing you to share your data with partners, 3rd parties and anyone else you need to collaborate with.

Check out the Delphix Agile Data Masking solution to see how Delphix can address your Data Governance, Data Protection and Security requirements.

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s