Presentation is loading. Please wait.

Presentation is loading. Please wait.

Optim and UMask Introduction

Published byIrene Bradley Modified over 6 years ago

Similar presentations

Presentation on theme: "Optim and UMask Introduction"— Presentation transcript:

1 Optim and UMask Introduction
Extending Optim to the Unstructured (& other IBM governance tools) September 15th, 2017 | Allan Martin

2 What is unstructured Data?
Structured - Information with a high degree of organization, such that inclusion in a relational database is seamless and readily searchable by simple search operations. Unstructured - information that either does not have a pre-defined data model or is not organized in a pre-defined manner. DB2 . Oracle . SQL Server . Informix . Sybase . Teradata … Scanned Images . PDF . Web logs . . Office docs …

3 Why Unstructured Stringent regulations are increasing
Financial Crimes Enforcement Network (FinCEN) is taking more aggressive stances against businesses Anti-Money Laundering, HIPPA compliance, Audits are all on the rise Government is requiring more cooperation between consumers, businesses, law enforcement agencies, and legislators. At the same time, more data is being kept exponentially each year to capture customer habits, historical and transactional data, and trending analysis. Big Data, Cloud, IoT and mobile all contribute to the challenge of keeping data secure. Over 70% of data currently generated is unstructured.

4 Why UMask + UMask = Completing the Compliance circle
IBM Information Governance solutions are market leaders for protecting Structured Data (data residing in databases) both for Test Data Management and Dynamically in Production. Unstructured data is growing exponentially compared to structured. ABMartin’s UMask product works in conjunction with IBM’s Optim and other Governance solutions by addressing and masking unstructured data types (such as PDF, Office docs, scanned Images...) UMask provides IBM a competitive advantage. By including UMask, IBM’s customers are provided a more complete data privacy solution that no other vendor can currently offer + UMask = Completing the Compliance circle

5 Unstructured Data IBM & ABMartin – Where we fit Breach entry point
Breach Prevention Breach wall Structured Linux Unix DB2 Oracle SQL Server… Windows Unstructured Data Unstructured web logs MS office Scanned images HL7, EDI… CSV, XML Not if a breach happens, but when

6 Structured protected protected? unstructured web logs MS office
ACCTNO FIRST LAST SSN 10010 Sally Jones 10020 Tony Calvert 10030 Bruce Mercante ACCTNO FIRST LAST SSN 10010 Angie Smith 10020 Tony Martin 10030 Jack Wayne Structured protected & other IBM governance tools … protected? unstructured web logs MS office Scanned images CSV, XML HL7, EDI… Completing the Compliance circle

7 Products and Solutions:
Complete the compliance circle in production and test

8 UMask IRM Unstructured Data Masking - UMask Intelligent Redaction Module File Reduction Module Unstructured Data Archiving FRM UDA TEST PROD

9 Unstructured Data Masking - UMask
Mask over 65 primary file types including PDF, Images, Office Docs, HL7, EDI, Web logs… Maintain referential integrity ensuring data is masked consistently both within the database and within the files Mask and replace data with contextually accurate and fictitious data : SSN with fictitious SSN, credit card number with fictitious credit card number Run standalone or in conjunction with IBM’s Optim Data Privacy and Data Governance solutions

10 JPG, TIF. GIF, TGA, BMP … Direct pixel manipulation
BEFORE Drivers Licenses. Passports, NID W2, Check Images MRI, X-Rays Insurance Claims Schematics, Blueprints And more. Sensitive data ‘Masked’ data

11 <xml> <to>Bryan Jameson</to>
BEFORE AFTER <Lotusgl: ab-gc> <to>Bryan Jameson</to> <from>James Sanborn</from> <heading>Payment Details</heading> <body>Morning Bryan, just to confirm we received your request to deduct $ from MasterCard: Thanks, Jim</body> </ Lotusgl: ab-gc > <Lotusgl: ab-gc> <to>Allan Martin</to> <from>James Sanborn</from> <heading>Payment Details</heading> <body>Morning Allan, just to confirm we received your request to deduct $ from MasterCard: Thanks, Jim</body> </ Lotusgl: ab-gc > Sensitive data ‘Masked’ data

12 Challenge of masking PDF’s (solved)
Free form text stored in Adobe ‘compressed’ format Bitmap image

13 Regions Bank Use Case The Challenge: The solution: The benefits:
Regions Financial Corporation is a bank and financial services company headquartered in Birmingham, Alabama. The company provides retail and commercial banking, trust, securities brokerage, mortgage and insurance products and services. Its banking subsidiary, Regions Bank, operates 1,906 automated teller machines and 1,527 banking offices across 15 states in the southern United States. The Challenge: To speed development and provide the best test data, Regions Bank would copy production data directly into their Test environments. Regions used IBM’s Optim to mask sensitive data in the databases prior to moving to test, but had 2 million associated bank statements, outside the databases, stored as PDFs and AFPs which also contained sensitive PII data. Without masking this unstructured data, they were out of compliance and the customer data was still vulnerable to breaches. The challenge was to mask this sensitive information in these unstructured formats the same as what Optim masked in the databases to maintain referential integrity while still maintaining the look and feel of actual data for development and test. The solution: ABMartin’s UMask solution was able to take the obfuscated data from Optim and apply the same masking techniques to the sensitive data in the PDF and AFP files. UMask was the only data privacy solution to mask the data in their unstructured data formats. The benefits: The customer was able to complete the compliance circle by leveraging UMask along with IBM’s Optim solution to intelligently obfuscate data the same across both structured and unstructured data to ensure the referential integrity and compliance are maintained. And so as organizations develop a data growth management strategy – incorporating an enterprise-wide data archiving strategy, there are key questions that organizations need to ask both business and IT teams to understand the scope of the overall archiving project.

14 Search/Replace Methods
Direct: Find and Replace: Lt Bruce Mercante | Lt Wayne Andrews To: Lt Bruce Mercante from the U.S. Department of Defense Executive branch. To: Lt Wayne Andrews from the U.S. Department of Defense Executive branch. RegEx: Pattern matching Replacement: ^\d{3}-\d{2}-\d{4}$| …Social Security Number: Date of Birth: 07/29/1963. Account num… …Social Security Number: Date of Birth: 07/29/1963. Account num… Region: Replace Area or Region: <from:> | </from:> | ‘REDACTED’ <LotusNotes234> <to> Bryan James </to> <from> Angela Mace </from> <subject> Team meeting </subject> <LotusNotes234> <to> Bryan James </to> <from> REDACTED </from> <subject> Team meeting </subject>

15 UMask File Extension Modules
FXM File eXtention Modules - compiled programs that perform specific masking operations against data types Flat File Module - Files which can be viewed within Notepad (.LOG, .HTML, .TXT, …) PDF Module - Adobe PDF editing at raw base level (no Adobe engine required) XML Module - XML MSDOC Module – Microsoft Document editor (.DOC, .XLSX, PPT, …) EX Module - Manipulate Outlook PST file and MS Exchange EDB files DI Module - Edit digital images (DICOM, MRI, JPG, TIFF, BMP…) DB Module – Mask databases (DBF, DB2, SQL Server, Oracle, …)

16 UMask Input Flat file – lists documents and rules
Column Map Procedures and Exits Scan folder or Network DB Table – lists documents and rules CLI – direct call to UMask

17 Intelligent Redaction Module
Mask at the Glass. Dynamic unstructured data masking in Production and Test! Intelligent redaction masks data with similarly like data desensitizing the document while maintaining document integrity and ‘look and feel’. Multi-level redaction. Redact document depending upon requestor permissions and authority. Redaction rules based on user request or network location/device Save storage costs. Keep original repository and redact as needed.

18 Production: Redaction-on-the-fly
unredacted document Redaction rules based upon user, groups, roles as well as network location or device… Manager [elevated privileges] Multi level redaction Fully or partially redacted document Hotel folio Customer Service Rep [restricted privileges] Standard redaction or replace data with ‘like-for-like’. (standard redaction shown)

19 Increasing the value of StoredIQ
Delete Quarantine Move Delete, Quarantine, Move Mask Redact Standard StoredIQ report Enhanced StoredIQ report Match type: SSN, Credit Card… Sample Value: return part of found value Location: PDF paragraph 2, Excel Sheet 4, line 23… Action: Redact, Ignore, Delete, Browse file Date Scanned

20 Increasing the value of Information Analyzer
The Search for sensitive data. Table EMPLOYEEX contains various data column types Including BLOB and CLOBS… IA limited to specific data types. ? ? ? BLOBS, CLOBS, XML oh my!

21 Who is Allan and ABMartin?:
Established in 2009 by ex IBM Information Management Specialists Specializing in Complex Data Privacy, Test Data Management, and Decommissioning Unstructured data masking leader Heterogeneous systems expertise spanning across Mainframe, iSeries, Distributed, to Handheld and Embedded systems All ranges of DBMS: Relational, Object Oriented, Hierarchical Services, toolsets, products, software utilities

22 ABMartin - Data Privacy Specialist
Allan Martin ABMartin - Data Privacy Specialist P: (408) E: ABMartin LLC 1999 S. Bascom Ste 700 Campbell, CA 95008

Download ppt "Optim and UMask Introduction"

Similar presentations

CLEARSPACE Digital Document Archiving system INTRODUCTION Digital Document Archiving is the process of capturing paper documents through scanning and.

CLEARSPACE Digital Document Archiving system INTRODUCTION Digital Document Archiving is the process of capturing paper documents through scanning and.
DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.

DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.
DOCUMENT TYPES. Digital Documents Converting documents to an electronic format will preserve those documents, but how would such a process be organized?

DOCUMENT TYPES. Digital Documents Converting documents to an electronic format will preserve those documents, but how would such a process be organized?
Client Lunch & Learn (12:15). Association for Information & Image Management Nov. 2010 Research Scanner Utilization.

Client Lunch & Learn (12:15). Association for Information & Image Management Nov Research Scanner Utilization.
1 DB2 Access Recording Services Auditing DB2 on z/OS with “DBARS” A product developed by Software Product Research.

1 DB2 Access Recording Services Auditing DB2 on z/OS with “DBARS” A product developed by Software Product Research.
SOFTWARE PRESENTATION ODMS (OPEN SOURCE DOCUMENT MANAGEMENT SYSTEM)

SOFTWARE PRESENTATION ODMS (OPEN SOURCE DOCUMENT MANAGEMENT SYSTEM)
Databases Chapter 12. 12-2 Distinguish between the physical and logical view of data Describe how data is organized: characters, fields, records, tables,

Databases Chapter Distinguish between the physical and logical view of data Describe how data is organized: characters, fields, records, tables,
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.
AN OVERVIEW OF MAC PDF TOOLS 1. PDF Tools for Mac PDF files can be used either in Windows, Unix or Apple’s Mac OS operating system commonly. It still.

AN OVERVIEW OF MAC PDF TOOLS 1. PDF Tools for Mac PDF files can be used either in Windows, Unix or Apple’s Mac OS operating system commonly. It still.
Lecture-8/ T. Nouf Almujally

Lecture-8/ T. Nouf Almujally
Database Administration Chapter 16. Need for Databases  Data is used by different people, in different departments, for different reasons  Interpretation.

Database Administration Chapter 16. Need for Databases  Data is used by different people, in different departments, for different reasons  Interpretation.
Clinton Ho Program Manager Microsoft Corporation SESSION CODE: SIA311.

Clinton Ho Program Manager Microsoft Corporation SESSION CODE: SIA311.
OCLC Online Computer Library Center CONTENTdm ® Digital Collection Management Software Ron Gardner, OCLC Digital Services Consultant ICOLC Meeting April.

OCLC Online Computer Library Center CONTENTdm ® Digital Collection Management Software Ron Gardner, OCLC Digital Services Consultant ICOLC Meeting April.
Forms Management: Compliance, Security & Workflow Efficiencies.

Forms Management: Compliance, Security & Workflow Efficiencies.
Module 9 Configuring Messaging Policy and Compliance.

Module 9 Configuring Messaging Policy and Compliance.
Chapter 8 Browsing and Searching the Web. Browsing and Searching the Web FAQs: – What’s a Web page? – What’s a URL? – How does a browser work? – How do.

Chapter 8 Browsing and Searching the Web. Browsing and Searching the Web FAQs: – What’s a Web page? – What’s a URL? – How does a browser work? – How do.
Executive Invitation – Oracle Data Finder Service Oracle Corporation.

Executive Invitation – Oracle Data Finder Service Oracle Corporation.
Database Design and Management CPTG 424. 10/23/2015Chapter 12 of 38 Functions of a Database Store data Store data School: student records, class schedules,

Database Design and Management CPTG /23/2015Chapter 12 of 38 Functions of a Database Store data Store data School: student records, class schedules,
ITGS Databases.

ITGS Databases.
Internal Adoption of the MISMO V3.1 Data Model Jim Metzger Senior Analyst, Harland Financial Solutions, Inc. January 13, 2014 MISMO Winter 2014 Summit.

Internal Adoption of the MISMO V3.1 Data Model Jim Metzger Senior Analyst, Harland Financial Solutions, Inc. January 13, 2014 MISMO Winter 2014 Summit.

Similar presentations

Ads by Google