Data masking is a data security technique in which a dataset is copied but with sensitive data obfuscated. This benign replica is then used instead of the authentic data for testing or training purposes.
Data masking does not just replace sensitive data with blanks. It creates characteristically intact, but inauthentic, replicas of personally identifiable data or other highly sensitive data in order to uphold the complexity and unique characteristics of data. In this way, tests performed on properly masked data will yield the same results as they would on the authentic dataset.
Data masking is essential in many regulated industries where personally identifiable information must be protected from overexposure. By masking data, the organization can expose the data as needed to test teams or database administrators without compromising the data or getting out of compliance. The primary benefit is reduced security risk.
Data masking is difficult because the changed data must retain any characteristics of the original data that would require specific processing. Yet it must be sufficiently transformed so that no one viewing the replica would be able to reverse-engineer it. Commercial software solutions are available to automate masking and provide confidence in the obfuscation quality.