Clonetab’s Advanced Data Scrambling (ADS) is an irreversible process that it is used to obfuscate or nullify sensitive data with a wide range of algorithms supported based on the datatype of the column from the database. It is defined to support both E-Business Suite and Database Columns Scrambling.
• For Oracle e-Business Suite & Database
• Data Scrambling for SAP S/4HANA for SAP BTP or on-Premise
• Multiple algorithms for different needs
• Integrated with cloning or standalone.
• With Compliance Manager role
• High-speed scrambling
For more information visit https://clonetab.com
or send an email to info@clonetab.com.
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
CloneTab Advanced DataScrambling.pptx
1.
2. Clonetab ADS – Advanced Data Scrambling
Clonetab Appliance
Clonetab
Ctengine
Ctmon
Cloneengine
Masking Engine
Clonetab ADS
Data
Masking
Examples of Sensitive Data
Employee Data
• Social Security Number
• Salary Data
• Performance Review Information
• Address & Contact Information
• Bank Account Info for Direct Deposit
Customer Data
• Credit Card Number
• Bank Account Number
Vendor Data
• Bank Account Info for Direct Deposit
Company Data
• Credit Card and Bank Account Info
3. Supported Algorithms
• Substitution
• Number
• Date
• Phone Number
• Email
• SSN-TIN-ZIP
• Creditcard-BankAccount
• Nulling Out or Deletion
Clonetab ADS – Advanced Data Scrambling
4. Data Scrambling in Non-Prod Cloned Environments
Production Development
Same sensitive data as
production after clone
• Non-Production environments have meager or low level
of Access Control
• Redact sensitive data to prevent fraud/theft
• Meet statutory & compliance obligations – HIPPA, PCI,
SOX etc.
• Non-Production data may be shared with outside
persons such as non-employees
• Production environments have higher security and
hence non-production environments are vulnerable to
attacks.
5. Modules for Data Scrambling
Clonetab Data
Scrambling Base
Module
Data Scrambling for HANA,
MS SQL, MYSQL
Clonetab Advanced
Data Scrambling
Module + Referential
Integrity Checks
In-Memory Advanced
Data Scrambling Module
(not available yet)
Clonetab Data Security Modules
6. Pre-Seeded Algorithms
Replaces the existing data with random values from a pre-prepared
dataset
Pre-Seeded
Algorithms
Substitution
Varies the existing values in a specified range in order to obfuscate them.
Example, birth date values could be changed within a range of +/- n days
Date
Replaces the numeric data with same length
Number
Simply removes the sensitive data by deleting it.
Nulling or
Deletion
Replaces the existing data with same length and type of data
Credit Card or
Bank Account
Replaces the existing data with same length and type of data
SSN-TIN
Replaces the existing email with same length and type of data while
leaving the special character @ unchanged.
eMail
Replaces the existing phone numbers with same length and type of data
while leaving special characters such as (, ), -, . and so, on
Phone
Replaces the existing data with some static text irrespective of the
algorithms selected
Static Text
Scrambles the subset of the data depending on the where clause provided by
the user. Will be effective for the EIT concepts of Oracle e-Business Suite
Subset
* The algorithm list may change with new developments in Clonetab
7. Approach
Define sensitive column along with
integrity constraints (master/child
relationships).
Attach one of the pre-seeded
scrambling Algorithm.
Schedule or Run the scrambling job.
Subject to licensing terms, may run
as standalone or as part of Clone job
Steps to setup scrambling
Advantages
One-time Simple definition
by appropriate
privilege/role holder
Consistently scrambles
sensitive data after every
clone.
8. Register your Non-Prod instance to be scrambled in the Clonetab’s UI as
a target instance with the required information
Select Data Column to be scrambled (Schema, Table )
select the pre-seeded algorithm to be used for scrambling.
Create the scrambling task as a stand-alone task
Optionally monitor the task within Clonetab UI
An alert is sent out after completion (or failure) of the task via email
The Process
When you have license for CTClone & CTSnap, using the appropriate
privilege, you may optionally revert the scrambled values to Pre-
Scramble snapshot in case you see issues with scrambled data
Target
Registration
Define
Scrambling
Attributes
Create the Task
Monitor
Scrambling Task
Receive Alert
CTSnap Option
The process followed for Data Scrambling
Pool sync frequency can be set as needed depending on RPO needs
Application and Database volumes will be synced (with an assumption of CTSnap in use)
Storage size provided on primary is what is needed on HA as well
In-case of a failure, a complete switch to HA host is performed through UI. (Which includes all instances to be switched
Pool sync frequency can be set as needed depending on RPO needs
Application and Database volumes will be synced (with an assumption of CTSnap in use)
Storage size provided on primary is what is needed on HA as well
In-case of a failure, a complete switch to HA host is performed through UI. (Which includes all instances to be switched
Pool sync frequency can be set as needed depending on RPO needs
Application and Database volumes will be synced (with an assumption of CTSnap in use)
Storage size provided on primary is what is needed on HA as well
In-case of a failure, a complete switch to HA host is performed through UI. (Which includes all instances to be switched
Pool sync frequency can be set as needed depending on RPO needs
Application and Database volumes will be synced (with an assumption of CTSnap in use)
Storage size provided on primary is what is needed on HA as well
In-case of a failure, a complete switch to HA host is performed through UI. (Which includes all instances to be switched
Pool sync frequency can be set as needed depending on RPO needs
Application and Database volumes will be synced (with an assumption of CTSnap in use)
Storage size provided on primary is what is needed on HA as well
In-case of a failure, a complete switch to HA host is performed through UI. (Which includes all instances to be switched
Many vendors do not maintain integrity constraints.