Home » Products » FieldShield
Field Encryption, De-ID and Data Masking 
 
» Products
CoSort (Transform)
Fast Extract (Oracle)
Fast Extract (DB2)
RowGen (Test Data)
FieldShield (Masking)
NextForm (Conversion)
FieldShield is a uniquely powerful data-centric security tool for sensitive files. FieldShield masks private data at the field level with obfuscation and encryption functions that you apply according to your business rules. If you need fast, targeted, and auditable data protection for your text, CSV, LDIF, XML, COBOL or other files, consider a FieldShield solution.

Summary
FieldShield shields sensitive fields in flat files with a choice of protections. Encrypt, mask, and filter your data according to your business rules to de-identify or remove individualizing characteristics in your files without cutting off access to the rest of the data or changing its basic appearance. FieldShield's optional audit trail verifies compliance with data privacy laws.
Selected Features
• Field encryption (e.g. AES-256)
• Data masking and obfuscation
• Built-in de-ID function
• Lookup pseudonym support
• XML audit (compliance) log
• Open, interoperable metadata
• Compatible test data creation
Introduction
Does your company process or keep files with personally-identifying information, and are you responsible for manipulating or protecting them? If so, you know that data = risk, and the physical and logical security measures that are in play. Consider these questions next:

  • Would the data be safe from misuse even if it were stolen?
  • Is your department in compliance with data privacy regulations? Can you prove it?
  • Do you protect only the data at risk, so you can see and use non-sensitive data?
  • Can you protect different data elements (fields) with different protection methods?
  • Does the protected data look real enough to present, outsource, or test against?
  • Are your metadata or processing tools integrated with your protection methods?
  • How much money and time is wasted encrypting safe data or just one database?

Transaction data containing personally-identifying information (PII) are commonly stored in flat-file formats like CSV, text, index and record sequential, variable block, LDIF, and XML. Flat files feed databases and spreadsheets, are attached to emails, travel on laptops, are posted to the internet and copied onto CDs, thumb drives, etc. These fundamental sources of business information, whether at rest or in motion, can put your organization at risk.

IRI's flagship CoSort technology has a 30-year track record of granular data manipulation for large and varied file formats. Now you can leverage that expertise for shielding the sensitive fields in your files with auditable, role-based access controls.

Description

FieldShield is a "Start point Data Protection" tool because it shields enterprise fields within files at rest or in production. There are several uniquely beneficial aspects to the tool:

Versatility. FieldShield can secure (just) the sensitive data in your files by applying a given protection to one or more fields at a time. Based on the business rules for protecting each field, you can choose from:

Encryption & Decryption
De & Re-Identification
Masking via Anonymization
Masking via Pseudonymization
Masking via Custom Functions
Filtering & Redaction
Consider for example an insurance claim file with 12 PHI fields, three of which are sensitive. FieldShield's choice of protections would allow you to comply with HIPAA by encrypting the SSN field, de-identifying the diagnosis field, and using another obfuscating mask on the zip code field.

Efficiency. Meanwhile, the other (non-sensitive) fields are visible, and available for use along with anything else that need not be encrypted. This is more efficient than device-centric encryption which protects data and devices far beyond what is needed - taking more time and cutting off your ability to work with non-sensitive data.

Flexibility. FieldShield also allows you to specify data protections on a conditional basis, so you can target a particular protection function based on a pattern, value, or range in a specific field or substring. Beyond field-level security, you can also tell FieldShield to encrypt, mask, de-identify or filter entire records, or even one or more files at a time. Your business rules determine every place for, and type of, security among multiple file formats.

Safety. By using different security functions or encryption keys for fields, even if one field were to be compromised, the others are not, and the remaining data remains anonymous. This is more secure than database encryption and other single-method protection methods. You can also use multiple encryption functions or keys for different fields and recipients.

Simplicity. By applying role-base field protections, you need only produce a single version of the secured file for multiple recipients. A uniform output reduces production time and the complexity of managing disparate versions of the file. Also, by specifying all the protections in one FieldShield program, there is only one job script to create, manage, and audit.

Clarity. FieldShield uses a popular, self-documenting 4GL to define the layouts and protections (or recovery) of your files' input and output fields. The open-text job scripts can be secured in your operating system as needed, and saved within XML audit logs for verifying the steps taken in compliance with data privacy regulations.

Interoperability. FieldShield runs on all Unix, Linux, and Windows platforms, and operates on the flat files common to all of them and mainframes. And, FieldShield uses the same metadata as:

  • CoSort for data transformation and reporting
  • RowGen for realistic test data generation
  • NextForm for file and data type conversion
  • Fast Extract for unloading Oracle and DB2

The data definition files are interchangeable among all IRI products, and compatible with the Meta Integration Model Bridge. MIMB's .ddf support means you can quickly convert file layouts in third-party ETL, BI, and modeling tools for use with FieldShield and other IRI software.

Platform and Data Availability

FieldShield functionality is currently available through command-line operations only, and as such works identically across all Linux, Unix and Windows platforms. There are no restrictions on file sizes or the number of fields, and most FieldShield functions can be applied to more than 100 single- and multi-byte data types. Records must be in a common format in each file, and the current record length limit is 64Kb.

Licensing and Support Information

During its preview phase, IRI can offer free or low-cost licenses to beta users in exchange for their feedback on functionality and/or participation in case studies. FieldShield in standalone, command-line mode will be licensed for perpetual use in the third quarter of 2009.

Please email fieldshield@iri.com or click on the free trial icon if you would like to evaluate this tool in confidence.

make text smaller make text larger print this pageemail this page
» Resources
case studies Case Studies
white papers White Papers
data sheet Brochure
» Next Steps
1-800-333-SORT
1-321-777-8889
livechatLive Chat
request additional infoRequest Info
find agentFind Agent
eval requestDownload Demo
page feedbackGet Newsletter
page feedbackPage Feeback
Did you find what you were looking for on this page?
YesNoUnsure

What you were looking for:

Include your email address if you would like a response.