Skip to content

De-identification Policy#

The De-identification policy is used for masking sensitive data from resource based on the tags specified tags in the policy.

This policy supports scan for HDFS, JDBC, and S3 applications.

The De-identification has the following fields:

  • Name: This field indicates name of the De-identification policy .

  • Type: This field indicates type of policy.

  • Alert Level (Optional) : This field indicates alert level: High, Medium, or Low.

  • Description (Optional): This field indicates description for De-identification policy.

  • Status: This field indicates the status of policy i.e. enable/disable. By default it is disable.

  • Application: This field indicates the name of application.

  • Destination Location: The filed indicates location where the masked sensitive data is moved.

  • Archive Location: This field indicates location where a copy of the original file is kept.

  • Search for tags: This field is used to help in identifying/classifying records to be masked.

  • Apply Encryption Schemes: This field populated with the list of scheme name which have been added under Scheme section of the application. To view the schemes, click and expand the Encryption & Masking from left menu, and then select the Schemes.

Add a Resource in the Data Zone#

To add a resource in the data zone, refer to the Add Resources

Now, when you run the scan on data zone, the policy will be applied and the copy of original resource will be moved to an archive folder, masked the resource and forward to the Destination folder. If you have not given the Destination folder the data will be encrypted on the resource file itself.

Last update: July 23, 2021