Dynamic Data Masking

By implementing Immuta’s privacy-enhancing technologies (PETs), data teams achieved 400% growth in permitted use cases. Immuta’s advanced privacy-enhancing technologies (PETs) dynamically mask and anonymize sensitive data – with mathematical guarantees – to accelerate data sharing use cases.

Request a Demo

Dynamic Data Masking

Copying data and manually removing or anonymizing values can delay analysis and weaken data utility. Immuta’s dynamic masking policies support hashing, regular expression, rounding, conditional masking, replacing with null or constant, with reversibility, with format preserving masking, and with k-anonymization, as well as external masking — all without ever copying or moving data.

Automated K-Anonymization

Eliminate manual, code-based approaches that require a team of mathematicians to prevent re-identification. Immuta enables data teams to apply k-anonymization at query time from any database it is connected to, allowing you to seamlessly prepare sensitive data for use. Compared to other approaches, k-anonymization has been shown to be the most effective for data masking.

Conditional Data Masking

Protect yourself from data leaks without resorting to manual changes. Immuta automates access restrictions based on masking policy conditions, such as time-based windows, user’s geography, and data in adjacent cells or reference tables. Immuta’s conditional logic in masking policies provides flexible policy enforcement while reducing risk.

Randomized Response

Protect yourself from data attacks without resorting to time-intensive security methods that require coding or new ETL pipelines. Immuta’s randomized response helps achieve local differential privacy for specific columns, making it possible to put mathematically guaranteed limits on an attacker’s ability to exploit your data.

Differential Privacy

Differential privacy statistically guarantees that any individual record within a dataset cannot be identified. Immuta is one of the few data platforms to provide differential privacy. It is one of our dynamic privacy enhancing technologies (PETs) and it works by injecting noise into queries to protect the privacy of individual records and enable increased data sharing.

Masking & Anonymization

Frequently Asked Questions

  • What is dynamic data masking?

    Dynamic data masking is the process of using fake, hidden, or purposefully “noisy” data to hide or mask the sensitive elements of a data set. Working within existing databases, masking techniques including k-anonymization, differential privacy, and randomized response can protect sensitive data from being reverse-engineered or re-identified. These masking techniques help assure the privacy of this data while also maintaining its ability to be analyzed.
  • What is data de-identification?

    Data de-identification is the removal of personal information, such as names, specific geographic locations, telephone numbers, and Social Security numbers, to prevent the identification of specific individuals within a data set. This practice mitigates privacy risks and prepares data for access, analysis, and sharing.

  • Why is it important to de-identify data?

    De-identifying data preserves individuals’ privacy and enables valuable data sharing and use. De-identification is a core requirement for HIPAA compliance, as it ensures that medical and health data can be used in areas such as research, policy assessment, and comparative effectiveness studies, without compromising the individual’s right to privacy.

  • Common masking techniques

    • Dynamic Data Masking shields confidential information in production data in real time, without making any physical changes to the data set, and prevents data requesters from accessing the sensitive information.
    • Dynamic K-Anonymization automatically anonymizes and hides infrequent, identifiable responses when specific columns are queried.
    • Conditional Data Masking uses dynamic access restrictions, based on policy conditions and characteristics, to mask columns, cells, and rows for certain users.
    • Randomized Response introduces plausible deniability into data to anonymize specific columns.
    • Differential Privacy injects noise into queries to protect the privacy of individual records.

Ready to get started?

Request a Demo Build a Policy Now