
Masking Data for Testing and Regulatory Compliance

By: Tim Young

First, the hackers went after the Target customers, which was an annoyance to customers and briefly caused them to seek their chevron-print cocktail trays and 24-roll packages of toilet paper elsewhere.

Then it was the Home Depot customers, which caused a fair number of headaches and briefly drove some customers to Lowe’s or Menard’s (or at least gave them a good reason to put off fixing their squeaky garage doors).

Then it was Sony, but the outcry about data security was muted by the simultaneous realization that emails about Spiderman are entertaining. (Arguably more entertaining than Spiderman 3 or The Amazing Spiderman 2.)

But then the hackers went too far. They went after our cheating spouses.

(Well, at least our cheating husbands, who accounted for the vast majority of Ashley Madison clients.) And that’s when consumers, service providers, retailers, and any other organization that collects and stores sensitive data got serious about keeping that data private.

Just kidding. It’s still a big problem. The Ashley Madison hack stole the spotlight for obvious, lascivious reasons, but the breaches at the United States government’s Office of Personnel Management and health insurers Anthem, Premera Blue Cross and CareFirst BlueCross BlueShield highlight the potential consequences that can occur when Big Data is also sensitive data.


Reducing the risk

But the good news is that there are efforts underway to make sure that maintaining massive databases of information can be undertaken with a reduced threat of external exploitation of that data.

Encryption is one angle, though as Paul Venezia from InfoWorld points out, backdoors are weakening encryption efforts. What’s more, encryption limits the extent to which data is available for a wide range of other uses. When you need user data for research, development, testing, regulatory compliance, or other uses, encryption doesn’t do much good. It doesn’t matter how safe your vault is if you have to leave your treasure sitting on your coffee table.

And the regulatory compliance angle is of particular interest as regional regulations related to subscriber behavior and network activity continue to grow. From the USA FREEDOM Act’s shifting of metadata storage from the NSA to individual carriers to a wide variety of other financial and legal regulations (DFAST, Dodd-Frank, CCAR, BASEL III, LEI, etc.), there’s mounting pressure for carriers to store an enormous amount of data and a corresponding need for robust Big Data solutions to manage it all in a secure and organized way. And with the Fed looking at additional regulation that would impose fines for failing to adequately secure customer data, it's getting serious.

That’s where data masking comes in.

Masked and anonymous

Also referred to as redaction, data masking (DM) is defined by Gartner as “a technology aimed at preventing the abuse of sensitive data by giving users fictitious (yet realistic) data instead of real sensitive data.” In its Magic Quadrant for Data Masking (available for download through IBM), Gartner analysts further break down the technology into static data masking (SDM), which masks resting data in non-production databases, and dynamic data masking (DDM), which protects data in transit, usually at work in production databases.
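
A static data masking pass, as an added example (not code from the article or from Gartner): it copies constructed "production" rows into a test set, replacing names and SSN digits with keyed, deterministic fictitious values so that formats and joins on masked columns still work. The field names, the name pool, and the HMAC-based substitution are assumptions chosen for illustration.

```python
import hashlib
import hmac

# Constructed sample rows standing in for a production table (not real data).
PRODUCTION_ROWS = [
    {"id": 1, "name": "Alice Example", "ssn": "123-45-6789", "plan": "gold"},
    {"id": 2, "name": "Bob Sample", "ssn": "987-65-4321", "plan": "basic"},
    {"id": 3, "name": "Alice Example", "ssn": "123-45-6789", "plan": "gold"},
]

# Hypothetical pool of fictitious replacement names.
FAKE_NAMES = ["Jordan Reed", "Casey Moore", "Riley Hayes", "Morgan Blake"]


def _digest(key: bytes, field: str, value: str) -> bytes:
    """Keyed digest of a field value; the mapping cannot be rebuilt without the key."""
    return hmac.new(key, f"{field}:{value}".encode(), hashlib.sha256).digest()


def mask_digits(key: bytes, field: str, value: str) -> str:
    """Replace every digit with a keyed pseudo-random digit, keeping separators."""
    stream = _digest(key, field, value)
    out, i = [], 0
    for ch in value:
        if ch.isdigit():
            out.append(str(stream[i % len(stream)] % 10))
            i += 1
        else:
            out.append(ch)
    return "".join(out)


def mask_name(key: bytes, value: str) -> str:
    """Map a real name to a fictitious one; the same input always maps the same way."""
    stream = _digest(key, "name", value)
    return FAKE_NAMES[int.from_bytes(stream[:4], "big") % len(FAKE_NAMES)]


def build_test_copy(key: bytes, rows: list) -> list:
    """Return masked copies for a non-production database; originals are untouched."""
    masked = []
    for row in rows:
        masked.append({**row, "name": mask_name(key, row["name"]), "ssn": mask_digits(key, "ssn", row["ssn"])})
    return masked
```

Keep the masking key out of the test environment: anyone holding it can confirm a guessed original value by masking the guess and comparing.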


