Data-masking is becoming a important in every organization after multiple news of data being compromised by external people. But now a days Internal Threat is what has to be considered as real problem . Access to data to internal people always raises a question of ” is it ok” , “is it advisable ” etc . Internal people who are bound to sign the data security agreement but its very hard to track the person when the data breach happens . Also marking what data is considered sensitive is also a challenge.

With most of the companies using enterprise software like Oracle EBS ( Ebusiness Suite) , the way data is been used for development work is posing a new threat. Most of the companies mask data like credit card , SSN etc , but still there is data that companies will not consider as sensitive but can we used my miscreants in a useful way. With the increased number of modules being used ( AR , AP , GL , SCM , MSC , CSI , XLA , CSC etc) , its really hard keep track of what is sensitive and who is accessing it.

There are multiple technologies available to Mask data , Audit data etc but are not efficient.

Abotts Data Masking tool for EBS is a simple to use and build specially keeping in mind the sensitivity of data on EBS systems. The reason we say this tool is the best is because we worked at different companies and came up with the table list that covers all the data and also the use cases.

Highlights

We have identified All tables and we have logic to Mask the data . Every Company can decide on Masking logic , data representation if required

  • Easy to setup . Can we scheduled as concurrent programs on development after clone.
  • No need to worry about schedule being missed , we have logic that will make sure the data is always masked.
  • Can Run is background , So don’t worry about instance availability during masking. You can always use the instance but we keep the sensitive data blocked for direct access.
  • Works well on 11.5.10 , R12.1.* , R12.2.*
  • We cover all the areas.
    • Payment Card Industry Data Security Standard (PCI-DSS 2.0)
    • State Privacy Regulations (employees, customers,Vendors etc)
    • HIPAA Privacy Standard/Rule

Abotts Auditor on EBS:

Highlights

  • Why Mask data if we can track access to these tables?
  • Application specific data , if we know who are supposed to access this then why not Just allow them and track there activity?
  • will not affect performance .
  • We have a report of everything. Alerts if there is a violation
  • Builds a data access process.
  • Takes about 1 hr to implement. All we need is a SOX person to say what is can and cannot .