Data masking is the process of replacing sensitive information with fully functional data when copying data from a production environment to a non-production environment.
Why is data masking important?
Data masking is necessary for situations where you need to share sensitive data from a production environment with non-production users, such as application developers. Production environments contain valuable and sensitive data, like phone numbers and credit card details, and require protection.
Copying sensitive data into a development environment without data masking increases the likelihood that the data is used inappropriately. Data masking ensures that the original sensitive data cannot be retrieved or accessed outside of the production environment. However, data masking still ensures that the masked records are fully functional in a development and test environment.
Security and Regulatory Compliance
With the Salesforce App, data only travels between your network and Salesforce. Data and credentials never pass through any third-party servers.
Masking data is a business practice that minimizes the risk of data leaks and is also required by law. The Salesforce App can help organizations comply with the following regulatory requirements.
Health Insurance Portability and Accountability Act (HIPAA)
HIPAA protects the privacy and security of Protected Health Information (PHI) of patients. PHI-related data that is stored in databases or transmitted over a network needs to have complete data protection. The requirements for data protection as they relate to data masking are the following:
- Standard: Access Control. Implement technical policies and procedures for electronic information systems that maintain electronically protected health information to allow access only to authorized users or software programs.
|Unique user identification (Required)||Assign a unique name and/or number for identifying and tracking user identity.|
|Emergency access procedure (Required)||Establish (and implement as needed) procedures for obtaining necessary electronically protected health information during an emergency.|
|Automatic logoff (Addressable)||Implement electronic procedures that terminate an electronic session after a predetermined time of inactivity.|
For a complete list of specifications, see Section 164.312 - Technical safeguards.
Payment Card Industry (PCI)
Requires cardholder data security as part of the Payment Card Industry Data Security Standard (PCI DSS) enforced by Visa and MasterCard.
Data Protection Act (DPA)
Requires all public and private organizations operating in the UK to protect personal data in databases, applications, and endpoint devices.
Personally Identifiable Information (PII)
Requires that sensitive information, which can be used to identify an individual, should be accessed on a strict and need-to-know basis. Also, data protection is required for most US states, the UK, and the European Union (EU).
General Data Protection Regulation (GDPR)
Requires data protection and privacy for all individuals within the EU. It also applies to personal data outside the EU.
Supported Field Types
The Salesforce App supports data masking for the following field types:
- Date Time
- Encrypted string
- String / Text Area
Data Masking Definitions
The Salesforce App enables you to mask data at the organization level, the project level, and/or the data template level. As a best practice, apply a data masking definition at the organization level to mask commonly regulated data. This also ensures the consistent masking of sensitive data across the entire organization.
You can create data masks in the Salesforce App using the following two ways.
On the Salesforce App console, navigate to Settings -> Data Mask to create a data mask at the organization or project level.
Click the Data Template tab to create a data mask for a specific data template.
For more information, see Applying a Data Mask.
Ensure that the required profile permissions are set to begin with data masking. The profile permissions for data masking are Manage Data Templates and Perform Data Copy. For more information, see Profiles.
Data mask definitions created at the organizational or project level take precedence over those created within the current data template. Consider the following example:
The administrator of an organization creates a data mask definition to mask Social Security Number fields using a regular expression pattern or substitution values.
A developer also adds a data mask definition to mask Social Security Number fields with a different regular expression pattern or substitution values.
In this scenario, the data mask definition created by the administrator is applied as it is created at an organization level.
Deterministic and Non-Deterministic Masking
Data mask substitutions can be both deterministic and non-deterministic.
Deterministic masking ensures that a given input value from the source environment always maps to the same output value in the destination environment.
For example, if the email firstname.lastname@example.org is masked as email@example.com, then every occurrence of firstname.lastname@example.org in the data copy is masked as email@example.com.
Non-deterministic masking generates different masked values for a given input value from the source environment.
For example, if the email firstname.lastname@example.org is masked as email@example.com in the first occurrence, then the second occurrence of firstname.lastname@example.org in the data copy will be masked to a different value.
Note: The Salesforce App uses non-deterministic masking substitution by default. To set deterministic masking substitution, see Mask Type.