Blog

Bridging the Data Security Gap with APIs

Delphix understands the changing landscape of data security and has built into its data masking capabilities for API support.
Thumbnail

As new technologies like Delphix and EMR transform data from monolithic and heavy  to lightweight and seamless objects that can be returned via an API, we’re seeing a new need to secure that data with just an API call.

In one of the first ways we secured data, the focus was on encryption. Encrypted data does not need to be application compatible or formatted, and the resultant ciphertext is always gibberish. However in reducing data to gibberish, we also lose the ability to glean insights from it. As a result, we’ve moved toward data masking, which is run for a much higher volume of data in non-prod read environments. So far, this function has been available only as batch and interactive executions. It’s clear that we need to evolve our thoughts about data security even further, this time, through the development of data-masking APIs.

Delphix understands the changing landscape of data security and has built into its data masking capabilities for API support, as follows:

  • Data collections and systems to handle ever more complex and heterogeneous projects including distributed databases, and  files, and providing higher performance and scalability

  • Programmatic interface to extend to new sources and scale existing workloads; with support for advanced masking algorithms

  • Progress towards full automation; making data security pain-free

When using Delphix Data masking with APIs, end users have access to the following capabilities:

  • Restful API callable from all/any platform;

  • All endpoints are available for your use case;

  • Easy: All code snippets are available on console.

Users then are able to automatically identify scope, direct integration into existing processes via orchestration, scale and extend, and integrate fully with SEIM and log monitoring tools.

While it may be not easy to imagine the immediate changes you’ll see when you use this, there are a few cases where we can compare a traditional masking v/s API based masking:

fig4


Scenarios where masking as a true service can be utilized:

masking Masking SDLC
Users can develop and reuse masking components as needed; they can complete whole DevOps cycle with on-demand masked data starting with scanning and creating risk profiles automatically.
test Portability
Users can MASK data the same way across you platforms while maintaining usability, they can share algorithms in-between teams; test and promote them to production.
test Monitoring
Masking (or rather masking leaks) can now be extended to event based /SIEM tools, users can create as verbose log as needed and integrate with external reporting and monitoring tools like Splunk or Sumo Logic.


Delphix makes the CI/CD/CS policy very easy to implement. Users can now integrate fresh virtualized masked data to their docker / Kubernetes containers and immediately see the benefits of the secure, seamless, fast integration. In addition users can now deploy and test masking HA/DR as per your organization’s policies. Every Delphix engine comes with a ready reckoner of API call models e.g. and inline testbed ( illustration below).

With masking now available as a true service, its applications are endless.

illustration
Tags