U.S. Financial Services Major Secures Sensitive Data with Data Masking Solution from Estuate

single image

Industry       :  Financial Services

Practice Area  :  Information Lifecycle Governance & Security



The client is a leading financial services corporation whose goal is to make financial expertise broadly accessible and effective in helping people live the lives they want. With assets under administration of over $5 trillion, they focus on meeting the unique needs of a diverse set of customers: helping 23 million people investing their own life savings, 20,000 businesses to manage their employee benefit programs, as well as providing 10,000 advisors and brokers with technology solutions to invest their own clients' money.

Business Challenge:

The client launched a corporate initiative three years ago to develop a mature data masking strategy for all their corporate applications, in order to secure sensitive non-production data pertaining to employees and customers. Previous initiatives were largely ad hoc and informal, which was no longer sufficient in this era of high-visibility data breaches.

Client launched a software evaluation process, and selected IBM Optim Data Privacy Solution as a corporate standard for data masking. A Masking Center of Excellence (CoE) was formed to execute a data masking initiative, with a target of masking 15 key applications in the first year, while creating the repeatable processes needed to mask multiple applications consistently.

The Estuate Solution:

The client started with a different Optim partner but that didn't work out very well.  Having seen Estuate’s expertise in action at an Optim User Group meeting, the client engaged Estuate to do a best practices review of their CoE.  Estuate found that the implementation was inefficient, which contributed to massive performance issues, causing a lot of support attention from IBM. Estuate reworked the solution based on its extensive knowledge of IBM Optim and the Information Lifecycle Governance and Security (ILGS) domain.

Estuate identified an approach to automate the data masking process from end-to-end, and then moved into an implementation effort using Excel as the automation tool.  Estuate succeeded in mastering a complex set of processes for taking an application and its data elements, and automating the masking process by matching up the right Optim masking policy associated with each data element.

The solution:

  • Identified and categorized data elements to be masked.
  • Defined masking algorithms for each data element.
  • Automated repository of data elements and masking algorithms.
  • Mapped applications to be masked to the Data Masking Repository.
  • Masked 10 applications for “production” purposes for at least a year.
  • Drafted best practices and repeatable processes for masking.

This was a very specialized project around sharing best practices in a complex customer environment with an entrenched competitor. It also involved automation of a complex business process with rapidly evolving requirements that required many iterations to complete. Estuate noticeably moved them forward along the curve with our best practices recommendations and our automation solutions.

The following table summarizes the key technical areas where Estuate made a difference.

Previous Generation - Years 2006 thru 2012Estuate's Solution
Homegrown Tool - Informatica, Java Script and OracleIndustry leading tool - IBM Optim
Masking based on 21 elementsMasking to 124 elements
Immature, inconsistent processes and/or no standardsMaturing, repeatable processes & documented standards
Discovery was “Best Efforts” basedIntelligent Discovery and powerful masking capabilities
Limited to known DB tables/fields without deep diveExpanded beyond DB tables/fields (i.e. files)


Business Impact:

Estuate’s solution helps protect sensitive non-production data and ensures data privacy by creating masked data for development, testing, and training. Key benefits:

  • Faster, secure and automated data masking procedure and policies.
  • Improved maturity in the client’s Masking CoE with clearly identified areas, and a path, for continuous improvement.  
  • Increased capacity to mask more applications faster.
  • Enabled use of production data in nonproduction environments without violating data privacy regulations or risking sensitive data leaks.
  • Addressed stringent regulatory requirements and global data privacy protection laws.

        The nature of our business entails dealing with sensitive private data that not only needs to be protected, but is also subject to stringent regulations. A one-off approach was not going to help. Estuate not only built a solution for us, but also helped us mature a Data Masking Center of Excellence which enables our entire organization to adopt industry-leading standards in data protection. Their domain knowledge, Optim expertise, deep connections with IBM, and above all, their professionalism and can-do attitude made all the difference to the success of this project.

Software Engineering.