Video
Overview: Masking Oracle with Perforce Delphix
Managing large Oracle environments presents a significant challenge: balancing the need for rapid innovation with the mandate to protect sensitive data. Exposing this information in non-production environments creates vulnerabilities, increasing the risk of data breaches and non-compliance with regulations like LGPD and GDPR. Perforce Delphix delivers a powerful solution to this problem, empowering organizations to automate data compliance for non-production environments and accelerate development without compromising security.
With Perforce Delphix, enterprises can effectively transform their Oracle data masking:
- Automate Sensitive Data Discovery: The Delphix platform connects to your Oracle databases, running profiling jobs to automatically scan thousands of tables and identify sensitive data. It then assigns appropriate out-of-the-box or custom masking algorithms to secure data, drastically reducing risk exposure.
- Ensure Enterprise-Grade Compliance: Mitigate the risk of compliance violations with pre-built profiles for major regulations, including Brazil's LGPD, GDPR, and CCPA. Delphix allows you to apply these policies directly, ensuring your data masking practices are consistently compliant and audit-ready.
- Maintain Referential Integrity Across Datasets: A common challenge in data masking is breaking application logic. Delphix ensures that relationships between tables are consistently maintained post-masking. This provides development teams with fully functional, realistic, yet fictitious data that behaves like production data.
- Accelerate Development and Testing Cycles Securely: Remove data bottlenecks by providing teams with fast, self-service access to secure and compliant data. Provision and refresh masked Oracle environments on demand, enabling teams to build and test faster while ensuring data for development and testing is always secure.
- Mask Data at Enterprise Scale: For organizations with massive data volumes, Delphix Hyperscale Compliance provides a horizontally scalable solution to mask billions of rows per hour. This enables performance testing against fully protected, production-sized datasets without sacrificing speed.
See How Delphix Can Transform Your Oracle Data Security
Discover how you can accelerate your development workflows while ensuring robust data compliance. Request a personalized demo to see how Delphix enables you to innovate faster and more securely with your Oracle data.
Full Transcript
Hello. My name is Ilker Taskaya, and I work as a sales engineer at Delphix. Today, I am going to discuss Delphix data masking for Oracle with you.
For our larger customers and governments, Oracle tends to be the bedrock: the single largest data source you will find. It has two particular features that make it difficult to protect.
First, it has usually been around for a long time, so you have hundreds, if not thousands, of objects or tables, making it complex to identify what is sensitive. Second, these environments have a lot of transactions, so they are very big. We are talking about hundreds of terabytes of data that you potentially need to protect.
It also needs to be consistent with other data sources. You might have SAP or Oracle Financials running on Oracle, giving you an ERP system. You might also have downstream environments where datasets need to be compliant or maintain integrity with the Oracle data.
Thus, you need a product line that helps you: A) identify what is sensitive, B) preserve referential integrity, and C) do so at scale.
To discuss this further, I want to show you some datasets we can use. I have a demo environment here with Oracle data. We have worked with hundreds, if not thousands, of data sources in Oracle.
We cover every kind of environment you would expect with Oracle: Exadata racks, multi-tenant environments, and Oracle datasets in Oracle Cloud. The short answer is that we cover all of them out-of-the-box.
When masking Oracle, I have an environment here. The first thing I want to showcase is our ability to protect this dataset based on policy.
In an enterprise environment, understanding the policy you want to protect helps drive your compliance goals. Today, I am going to be working with a dataset in Portuguese from Brazil, so I want to apply Brazil's data privacy law, LGPD, in the context of identifying what is sensitive.
With Delphix, you can either use out-of-the-box specific policies — such as GDPR Italy or the Brazilian data privacy law — or you can identify other specific datasets for regulations like CCPA and HIPAA. This means you have the out-of-the-box capability to apply a policy directly.
For our Oracle environment, I am interested in going to my dataset that is in Portuguese, and I want to apply a discovery mechanism that shows me what is sensitive in this environment.
Our discovery mechanism allows you to scan both metadata and data across all objects. In a single run, you can identify what is sensitive in that environment and then map a specific policy item, or domain, and thus an algorithm to it. Applying this policy to any data source—whether a Parquet file, an Aurora PostgreSQL, or an Oracle environment—allows you to create referential integrity across all these data sources.
Once you have identified your sensitive dataset and how you want to protect it in your environment, you can run masking against it. Here is what my dataset looks like in one of these tables. I have names, emails, phone numbers, and addresses.
Since we ran a profiling job, the next thing I want to do is run a masking job that executes against this environment.
When we run the masking job, we pick up the application of that policy at runtime, including which domains were sensitive and how they map to those attributes. We then read the data directly from that environment, transform it in memory, and write it back to create a zero-trust environment in your Oracle data sources.
Using our core compliance engine, this process can create, on average, one to five million rows a minute, giving you the ability to protect the dataset. Now that I have run the masking job, let's look at what the data looks like. I have these names, last names, emails, and phone numbers. When I run my dataset again, it looks realistic but fictitious.
The datasets have been changed with synthetic data in this particular Oracle environment. Now I can use this environment for my testing and still achieve an integrated testing mechanism. Because if I am using the same algorithms here, I can use the same algorithms in any other data source that you treat with Delphix and thus create consistency in the dataset.
In summary for Oracle, we have just seen the ability to discover what is sensitive, apply a policy such as Brazil's data privacy law, and mask the data in Portuguese with datasets that reflect the specific country, language, and outcome.
The last thing I want to give you a sense of is that we have wide coverage for different use cases for Oracle.
The product case I showed you is our core data compliance product. But let's say you are a large company that needs to protect one hundred billion rows because you need to do performance testing against a protected, full-size Oracle dataset.
In this case, you can use our Hyperscale product to horizontally scale across many Delphix worker nodes to protect that base dataset. The graphic here showcases that it will use bulk reading mechanisms, transform data at a billion rows per hour, and write that data back to an Oracle environment.
Thus, if you are an Oracle or Delphix customer and you want to protect very large datasets, you can also achieve that.
Thank you for your time today.