Financial Institution does masking of sensitive data

BMG achieved a 20% real gain in performance
25 de May de 2020

The Horus Solutions project for a large Financial Institution was to obtain a qualified and complete database, so that registration data, personal data of customers and confidential data of the companies would not be exposed and viewed by unauthorized people.



The institution's problem was the exposure of real data and the privacy of its customers, as well as the sizing of storage space. When gathering data from the production environment, the use of a copy of the development and testing environments makes the space required for data storage equivalent to that of the production environment, which naturally has large volumes of data.


In order to be able to reduce the requirements and costs regarding data storage in the test and development environments, it is necessary to gather a reduced set of the total volume of data, respecting existing links and co-relationships, ensuring that this data sampling is complete and consistent from a business point of view. Therefore, Horus Solutions worked with the IBM Optim solution, creating data movement policies, using production environments as the source for creating development and testing environments with data reduced sets, complete and consistent with business rules.


With this solution, it was possible to ensure that all sensitive data was kept private using masking and overlay techniques that maintain the nature and characteristics of the data, but de-characterize its real meaning or value, so that its development and testing teams can handle and interact without any risk and in accordance with the rules of controllership and information security of the entire company.

The project acted in a total of 15 instances contemplated by 157 databases in three different technologies: Sybase ASE, Microsoft SQL Server and Oracle. In addition to hundreds of internal and third-party applications involved, several developers, analysts, project managers and 1,308 tables, 3,790 of which are masked fields.

The InfoSphere Optim Test Data Management tool made it possible to create more realistic and ideally sized test databases to run tests on applications and also allowed data editing to reinforce the occurrence of errors and return conditions and compare baseline data with data resulting from massive tests to identify application errors. It not only extracts, copies and transfers a data set from several source tables to the corresponding destination tables, it also keeps the complete data references and provides a wide and complete report.

In addition, the tool offers data transformation and encryption techniques to effectively protect sensitive corporate information through applications, reports and databases. Ensuring the privacy of sensitive data in relational database tables, maintaining their referential integrity. With that, it is possible that they will be masked on demand, at any time.