Data masking

Data masking is the process of applying a mask on data to hide sensitive information and replace it with new data or scrubbed data.

Data masking divides into two categories:

Static Data Masking vs. Dynamic Data Masking:

Static Data Masking

Dynamic Data Masking

Happens on a physical copy of the database

Happens on the original database

Original data not retrievable

Original data intact

Mask occurs at the storage level

Mask occurs on-the-fly at query time

All users have access to the same masked data

Mask varies based on user permission

In Querona both data masking techniques are available, yet are implemented slightly differently than in a database server: static data masking is automatically used when a persistent cache is built, meaning that data written to the DBMS handling the cache is replaced with masked values.

Original data can be retrieved only by Querona and the seed value used to scrub the data must be known.