Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

GEODI can mask or anonymize files or databases based on discovery results.

Masking means blacking out sensitive data, and anonymization means replacing data with fake but real-looking ones. Both functions allow you to share content with less concern. Masking hides sensitive information, and you can identify whether a document is masked. But anonymization creates a completely real-looking version of the content. Anonymization is more suitable for testing or data scientists.

Each finding is replaced with a real-looking value. Currently, the following entities are anonymized

  • Name → Name

  • Money → Money

  • Dictionaries(Placename, part number or other) → random value from the same dictionary

  • Creditcard → Creditcard

  • IBAN → IBAN

  • Tel → Tel

  • e-Mail → e-Mail

  • Date → Date

Anonimization has 2 mode. In the Default mode, the same value takes the same value. That is, a name (John Smit) is converted to the same name everywhere. In the other mode, conversion is always random, and you can not even see the same results in a single session.

Set ANO.SameToSame:False in the project generic settings for the second mode.

Profiles

Profiles defines which findings are to be anonimyzed. Ypu may anonimyze all, or PII or Financial data. The functions ask you to choose from existing profiles.

Anonimyze chocies

  1. Persistent File Anonymization: Selected files are persistently anonymized. You can choose to keep the original values or replace all findings, PII, or just financial values.

  2. Dynamic Anonimization: Dynamic option allows you to set visibility of sensitive i,nformation by permissons. Same content (a PF, word, ..) looks different to different users based on permissions.

  3. Database Anonimization: It is possible to mask/animiyze a database for software development teams. This capability should not be confused with products that perform dynamic database masking.

Persistent File Anonimization

GEODI creates a copy of the content undergoing masking to perform the process. The operation functions in the "Mask and Download" manner.

You may also use batch anonimization options on the actions menu. Batch process allows you to convert thousands of files at the same time.

  • Masking operates in the following formats:

    • Word (*.doc, *.docx, *.rtf)

    • Excel (*.xlsm, *.csv, *.xlsx, *.xls)

    • PDF (*.pdf)

    • Powerpoint (*.ppt, *.pptx, *.ppsx)

    • LibreOffice (*.odp, *.odt, *.ods)

  • In the viewers of supported formats for the masking process, access is available under the (info) button.

  • You can mask all discovered data or a selected subset by creating as many definitions (Masking Metadata) as needed.

    • By default, the following definitions are provided. Changes and additions can be made using the method specified on this page.

    • For example, with masking, a name like "Hasan Hüseyin" can be masked as "[NAME]" or "****". Different masking formats can be defined based on different identifiers using definitions. This means that names, IBANs, and currency expressions can all be masked differently.

Dynamic Anonymization

  • With dynamic masking, the results of the discovery are visible in screens such as the viewer, words, network graph, summary, etc., in a masked form.

  • Masking in the viewer is applicable to the following types, regardless of their source, whether they are embedded in a File Server, SharePoint, or a Database.

    • Office Files (Word, Excel, PowerPoint)

    • Open Office (ODT, ODS, ...)

    • PDF

    • TXT, XPS

  • On the last page of the project wizard, the "Dynamic Masking" box is selected, and settings are configured.

  • Once adjustments are made, files in the project are displayed to users in a masked format.

    • It operates with group-based authorization.

    • A masking metadata is defined for each group.

    • When group members open a file from the project, it is displayed in a masked form according to the defined masking metadata.

  • The "No Masking" setting displays the results without masking for the defined group.

  • Any group or user not matched with a profile is assumed to use the MaskALL profile.

  • When downloading files, it also downloads them in a masked form.

Database Anonymization

Database masking performs permanent masking on the given database. If you want the original data to remain intact, you can also work on a copy.

Database masking provides several use cases:

  1. When you need to share your database with software or testing teams. Masking permanently removes sensitive data from your database for this use case.

  2. When you share your database for data analysis, it permanently removes sensitive data, allowing you to safely share the database.

Permissions

The authorization for masking is the same as the document download permission. Those with download permission can use masking.

Dynamic masking allows authorization at the user and discovery layer levels.

License

A MASKING and DISCOVERY license is required.

  • No labels