Data Security Software

Home Solutions Enterprise Security for IBM i Field Masking

Enforcive/Sensitive Field Masking

Enforcive/Sensitive Field Masking is an implementation of data privacy. Its purpose is to provide access to certain database fields while masking the value of others.
Following the simple definition, masking is started for a file by clicking on the button in the GUI. A masked file is created and users are then given access only to the masked file while access to the original is strictly controlled. The masked file has selected fields masked or blocked from view. Each original production file may have an unlimited number of masked files defined, each with different fields selected for masking. In this way, different users may be given access to only the fields they need.
The masked files carry the original file name but reside in a different library from the original. The masked file and the original may be fully independent of each other or may be made dependent using the option of automatic synchronization between the two.
1
The Main Features
  1. Use of masked files in which sensitive fields values are replaced (masked).
  2. Choice of mask character.
  3. Optional synchronization between files.
  4. Access to original file is blocked using the Enforcive file protection facility.
  5. Applications see the mask rather than original field value.
  6. Selected personnel can view and update sensitive fields while others cannot even see the field value.
Benefits
  1. Provides data privacy.
  2. Dynamic - can be activated/deactivated at any time.
  3. Application independent, no program changes.
  4. Cannot be bypassed with alternative applications or power users.
An example of Sensitive field masking in action.
2
3
Want to learn more?