Masking Policies
Data masking in TrustLogix allows organizations to protect sensitive information by obscuring data based on defined access policies. This document outlines the steps for creating data masking access policies, including defining conditions, applying masking techniques, and selecting available options.
The Condition Builder simplifies policy creation for non-technical users, while the SQL Builder offers advanced customization for precise control over data masking rules.
Steps to Create Data Masking Policies
Navigate to Data Masking Policy Configuration
Log in to TrustLogix.
Click on Data Sources.
Select the relevant Data Source (e.g., Health Care Services).
Click on Access Policies.
Click Create Policy.
Define Data Masking Policy
Select Data Masking as the policy type.
Enter the policy name (e.g.,
Mask_Sensitive_Data).Click Next.
Configure Policy Conditions
Select Named As or Classified As options to define data classification.
Click on Tags and enter classification keywords (e.g.,
SENfor sensitive data).Drop down will list all the tags available in data souce which are tagged at column level.
Click Close after selecting the relevant tag.
Apply Masking Techniques
Select the Masking Type from the dropdown options:
Hashing (SHA2)Partial MaskingNull ReplacementRegular ExpressionPlain Text
Click Next.
Masking patterns vary based on the data source type. Not all masking patterns supported across data source type.
Define Conditions to Unmask the data for users
Click Use SQL Editor or Use Condition Builder.
Click Add Condition.
The Attribute drop down will list all available principal type options along with entitlement attributes.
Choose one of the option based on the condition wanted to be built.
Select the appropriate operator (
Equals,Not Equals,Contains,Starts With).Based on the attribute chosen Match with drop down will show up with available option
Choose the option from the Match with drop down. Value option will be provided with additional options based on selected Match with option
Select or enter the value
Click Add Condition or Add Nested Condition to add multiple criteria.
Click on Save
Modal window popup to show policy generation progress. If there are no errors policy is created and ready to be deployed
If required, review and update conditions before deployment.
If there are any validation error due to duplicate policy or column conditions mismatch correct them get the policy created and ready to be deployed
Click on Deploy button to deploy the policy from the modal.
Understanding Condition Builder and SQL Builder
User-friendly interface for defining access conditions without requiring SQL knowledge.
Attribute Selection:
Role NameUser GroupDepartmentGeographical RegionCountry
Operators:
EqualsNot EqualsContainsStarts WithEnds WithIn ListNot In List
Logical Operators:
ANDORNested Conditions
Value Assignment:
Static values (e.g.,
USA,EU,APAC).Dynamic values based on user attributes.
Advantages:
User-friendly interface for defining access conditions without having SQL Knowledge.
Allows nested conditions for complex policies.
Provides drag-and-drop options to select attributes, operators, and values.
Best suited for non-technical users who prefer a guided configuration.
Supports logical operators like AND, OR, and grouping conditions.
SQL Editor Options:
Advanced tool for writing custom conditions in SQL syntax.
Allows for:
Fine-grained control over policy conditions.
Using
JOINs,subqueries, andcomplex expressions.Applying row-level security based on dynamic queries.
Example Query:
Advantages :
Advanced tool for writing custom conditions in SQL syntax.
Allows fine-grained control over policy conditions.
Supports JOINs, subqueries, and complex expressions.
Best suited for technical users familiar with SQL.
Provides query validation to ensure correctness before applying conditions.
Last updated
Was this helpful?