Virtual Data & Data Masking: The New Approach to Data Security

Charles Moore, Delphix

September 2016

© 2015 Delphix. All Rights Reserved. Private & Confidential.


Page 2

Identity & Data Breaches

Page 3

Data breaches in 2015: 783

Records exposed in 2015: 170M

Average incident cost: $3.8M

Page 4

Data Is The New Perimeter

…and Data-Centric Security is the new trend

Page 5

PRODUCTION DATA: 20%

NON-PRODUCTION DATA: 80%

Non-Production Data = Key Source of Vulnerability

Page 6

The Surface Area of Risk is Constantly Growing

• Data Sprawl
• Copies for Dev/Test
• Offshore Workers & Vendors
• Different Databases, Tools, and Security Policies ???

Page 7

Non-Prod Environments = Less Secure & Greater Risks

80% of businesses use production & sensitive data for non-production activities such as training, testing, development, and QA.

- Gartner Inc.

Diagram labels: Production, Network

Page 8

Sensitive Data Could Be In:

• Metadata
• Structured Data
• Comments, Free Text Fields
• Embedded in Large Tables
• BLOBs, CLOBs
• … and anywhere else you don’t expect

How Can You

• find PII data and identify risk
• in a reasonable amount of time
• with minimal effort or training
• to reach actionable conclusions
• that can be reported in event of audit?

Page 10

How Masking Eliminates Risk

John Smith, 331-42-5319, 303-623-8911

Mark Stevens, 412-51-7533, 512-523-7112

Page 11

How Masking Eliminates Risk

Masking replaces sensitive data with fictitious, but realistic data to eliminate the risk of exposure to unauthorized parties.

Production: John Smith, #339-54-8234, 5-12-1975

Non-Production (QA, TEST, DEV, TRAINING, BI): Mark Stevens, #459-14-3334, 4-09-1977

Sensitive data is masked as it is moved downstream

Page 12

Without Masking / With Masking

• Customer PII, Patient PHI
• Employee Info
• Intellectual Property

✓ HIPAA
✓ PCI DSS
✓ SOX
✓ State Privacy Laws

Secure Test Data Management, Secure Collaboration, De-risked cloud migrations, Reduced Insider Risk

Offshore development, Unauthorized Employees, Vendors, Public Cloud

Page 13

Delphix Data Masking

PROFILE

o IDENTIFY sensitive data across sources
o ASSIGN masking algorithms to match data
o REPORT risk profile across the enterprise

SECURE

o MASK data without any programming
o MAINTAIN usability with fictitious, but realistic data
o APPLY masking with consistency, repeatability

AUDIT

o VERIFY all sensitive data is masked
o ALERT admins if vulnerabilities are identified
o DELIVER assessment to auditors
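The masking behaviour described on Pages 11 and 13 (fictitious but realistic values, applied with consistency and repeatability, then verified), as an added Python example. It is not Delphix's algorithm or code: the keyed-HMAC digit substitution, the name pools, the key and every function name are assumptions made for illustration, and the input rows are constructed, the first from the sample values on Page 10.

```python
import hashlib
import hmac

# Assumption: secret held only by the masking job; constructed demo value.
MASKING_KEY = b"constructed-demo-key"
# Assumption: pools of fictitious replacement names.
FIRST_NAMES = ["Mark", "Alice", "Priya", "Diego", "Hana", "Tomas"]
LAST_NAMES = ["Stevens", "Okafor", "Lindqvist", "Moreau", "Tanaka", "Reyes"]
# Constructed production rows; the first uses the sample values from Page 10.
PROD_ROWS = [
    {"name": "John Smith", "ssn": "331-42-5319", "phone": "303-623-8911"},
    {"name": "Ann Lee", "ssn": "512-33-9041", "phone": "415-555-0132"},
]

def _digest(field, value):
    """Keyed digest; the field name keeps SSN and phone mappings independent."""
    msg = f"{field}:{value}".encode()
    return hmac.new(MASKING_KEY, msg, hashlib.sha256).digest()

def mask_digits(field, value):
    """Replace each digit (up to 32), keep separators, never return the input."""
    masked, attempt = value, 0
    while masked == value and any(c.isdigit() for c in value):
        stream = iter(_digest(field, f"{attempt}:{value}"))
        masked = "".join(str(next(stream) % 10) if c.isdigit() else c for c in value)
        attempt += 1
    return masked

def mask_row(row):
    """Same input and key always give the same fictitious row (repeatable)."""
    d = _digest("name", row["name"])
    name = f"{FIRST_NAMES[d[0] % len(FIRST_NAMES)]} {LAST_NAMES[d[1] % len(LAST_NAMES)]}"
    return {"name": name, "ssn": mask_digits("ssn", row["ssn"]),
            "phone": mask_digits("phone", row["phone"])}

def shape(value):
    """Format skeleton, e.g. 999-99-9999, used to check the mask kept the layout."""
    return "".join("9" if c.isdigit() else c for c in value)

def residual_originals(prod_rows, masked_rows):
    """Audit check: production values that still appear in the masked copy."""
    originals = {v for r in prod_rows for v in r.values()}
    return sorted(v for r in masked_rows for v in r.values() if v in originals)

if __name__ == "__main__":
    dev = [mask_row(r) for r in PROD_ROWS]
    print(dev, residual_originals(PROD_ROWS, dev))
```

Keyed hashing is repeatable but not collision-free, so two production values can share a masked value; where uniqueness must survive masking, a lookup table or format-preserving encryption is used instead.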

Page 14

Delphix Value

All at the Same Time

Accelerate Application Release Cycles

Meet Data Privacy Requirements

Tackle Large Scale Data Initiatives

Reduce Infrastructure Requirements

Page 15

How Customers Leverage Delphix

1. Faster Data Delivery
   • Provision and refresh environments in minutes
   • Eliminate developer and end user wait-time through Self-Service
2. Data Center or Public/Private/ Cloud Migration
   • Migrate 50% - 80% less data
   • Eliminate downtime
   • Accelerate migration projects by 50%
3. Elastic Expansion of Environments
   • Massive economies of scale
   • Ability to make critical business decisions
4. Data Masking
   • Audit and governance model for distribution of sensitive data to lower environments
   • 80% surface area risk reduction
5. Integrated Data Protection
   • RTO in minutes, RPO in seconds
   • Additional level of production support
6. Storage Reduction
   • 50% to 80% reduction in non-production storage
   • Reduction in servers

Increase Development Agility, Throughput, and Quality

Lower Costs

Page 16

On-Demand Data Across the Application Lifecycle

THE LEGACY WAY: Impact on People & Systems

• Developer submits request
• Roles involved: DBA, Backup Admin, Storage Admin, Manager, Systems Admin
• Actions: Approves request, Readies storage, Restores version, Configures database, Readies target
• Systems: Backups, batch jobs, extracts; Data transfer to backup or stage; Write, read; Data transfer to target; Server and storage impact
• Diagram labels: Developer, Production, Network, Backup, Target
• Days, weeks, or months later

DELPHIX: Self-service & Non-disruptive

• VIRTUAL DATA: FILES, DATABASES
• One-Step Self-Service
• Provision data in minutes
• Eliminates the process of copying and moving data across systems
• 100x Faster

Page 17

Delphix Virtualization Engine

Diagram labels: COLLECT, CONTROL, CONSUME; APPS & FILES, DATABASES; Compress, Provision, MASK, PROVISION, RETAIN; VIRTUAL COPIES; SELF-SERVICE; Branch, Refresh, Integrate, Bookmark, Rewind; DEV, TEST, STAGE; 1/10th, 1/10th, 1/10th

Page 18

Capture Application Data

Page 19

Continuously Record Changes

Incremental change data

Timeline labels: March 22 08:41, March 22 12:43, March 23 06:11

Page 20

Share Data Blocks Instead of Duplicating Data

Diagram labels: DEV, TEST, REPORTING

Page 21

The Delphix Data Virtualization Platform

SOURCE: App files and databases

NON-PRODUCTION: Any physical or virtual target server environment (DEV, TEST, STAGE)

STORAGE: 1 TB

DELPHIX VIRTUAL MACHINE: Installs on any supported hypervisor

… Scale out to 10x virtual copies in the space of one physical

STORAGE: < 1 TB

ANY STORAGE: Configured for high performance

One-time, compressed copy then unique, incremental changes only

Diagram labels: RDBMS, APP

Page 22

Virtualize Data Across the Application Lifecycle

Environments: Prod Support; Dev & Test; Backup & DR; Reporting & ETL; Archive, Legal Hold

Redundant Data Across Application Lifecycle: 10 TB Total, 2 Weeks to Deliver

Data Consolidation, Automation: 1 TB Total, 10 Minutes

CapEx: 90% redundant data across application lifecycle environments

OpEx: data management consumes time across multiple teams

Page 23

DEV: Comprehensive Data Features to Accelerate SDLC

Self-Service Data Controls

• ROLLBACK: Reset to run A/B tests, recover from errors and data loss
• SYNCHRONIZE: Dial multiple applications to exact same time
• BOOKMARK: Mark release changes, business events
• BRANCH: Pass environments to/from Dev and QA
• REFRESH: Refresh to the latest data for high fidelity testing, analytics
• RBAC: Set up role-based access controls, permissions
• MASK: Replace private, sensitive data with masked values
• RETAIN: Store 30 days in space of one for backup restore, archive
• REPLICATE: Replicate within, across sites, or to the cloud for DR
• SOURCE, TARGETS: Enable, set automation templates for source, targets

OPS: Full Security, Control, & Resource Allocation to Enable Self Service

Page 24

Dev Console: Self-Service UI for End Users

» Self-service portal optimized for app teams, analysts
» Powerful data control features to accelerate collaboration, enhance developer flexibility
» Data governance and management framework for operations teams
» Web-based, RESTful APIs enable ready integration with existing DevOps tools and workflows

Page 25

Accelerate Data Delivery & Increase Project Output

BEFORE

» Errors more costly to fix later in SDLC
» Setup, teardown, wait-times limit testing
» Delphix enables 10X increase in test cycles
» Reduced re-code results in 50% more output

Diagram labels: Dev, Test, QA, Integration; TEST: 20 MIN, RESTORE: 10 MIN; TEST: 20 MIN, RESTORE: 8 HOURS (DBA, Sys Admin)

Page 26

A Perfect Marriage of SECURITY + SPEED

Page 27

Add Masking to Virtualization

Mask Once

Diagram labels: DEV, TEST, REPORTING

Page 28

Data-Centric Security And Reduced Risk

SECURE, VIRTUAL DATA SETS:

» REDUCE PRIVILEGED USER RISK by automatically masking data prior to access
» REDUCE SURFACE AREA OF RISK by eliminating admin touch points
» SECURE DATA RECORD FROM VANDALISM with independent, granular time machine

Page 29

Molina: Case Study for Consolidation

Over $10M Saved, 2x Faster Releases

App, data explosion due to:

• Regional expansion, Affordable Care Act, HIPAA

Key Results

• 50% Reduction In Application Release Schedules
• 80% Reduced Data Risk With Data Masking
• 8+ PB Storage Saved
• 6000+ Virtual Apps and DBs

In my 4 years as CIO here at Molina, the best ROI of any technology investment that I’ve made has been with Delphix.

—Rick Hopfer, Molina CIO

CIO 100 Award Winner with Delphix Implementation

A FORTUNE 500 COMPANY

Page 30

FINANCIAL, HEALTHCARE, TELECOM, MANUFACTURING, RETAIL, TECHNOLOGY

Over 30% of the Fortune 100 run on Delphix

Page 31

Thank You!