Bookshelf Home | Contents | Index | PDF |
Siebel Security Hardening Guide > Performing Security Testing > Using Masked Data for TestingIf making a copy of the data in your Siebel production database for security testing or development purposes, then mask sensitive data. Data masking hides sensitive information by replacing it with similar-looking but nonauthentic data. Effective methods of data masking protect the original data by ensuring it cannot be recovered from the masked data while providing a version of the data that is functionally equivalent for testing purposes. Data, such as personal details and credit card information, must always be masked when used outside the production environment. Siebel Business Applications do not provide data masking features; this functionality is provided by the RDBMS vendor. The Oracle Data Masking pack for Oracle Enterprise Manager provides data masking capabilities. If you are using an MS SQL or DB2 RDBMS, then refer to the vendor documentation for information on data masking products. Methods of Masking DataWhen using a copy of production data for testing or development purposes, you have to mask sensitive data but also ensure that the original data is not changed so much in the masking process that it no longer allows a valid test of the functionality being verified. The most appropriate method of masking data, without substantially changing it, varies according to the type of the data. The following are some methods that can be used for masking different types of data:
|
Siebel Security Hardening Guide | Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices. | |