We were engaged by our client, and international investment and asset manager, to execute a General Data Protection Regulation (GDPR) exercise to identify Personally Identifiable Information (PII) on their most business critical Risk Data Warehouse and then mask the identified data.
The data was contained within SQL Server RDBMS and also CSV files on Linux OS.Our client uses the Delphix Data Platform for the virtualisation of data and was looking to extend the product to include the data masking toolset. This toolset has a basic profile of financial datasets that can be used to identify the relevant information, though is not comprehensive. FWD View developed the PII dictionary specifically for the capital markets industry, that is used to compliment the Delphix Masking profile.
As part of the exercise FWD View introduced the functionality of a data cataloguing tool, which would enable us to design and build a GDPR workflow, that would then automatically crawl terabytes of data; identifying, tagging and profiling the relevant PII.
We implemented Waterline Data as the Cataloguing tool, designing a data centric security model which allows for enhanced security and compliance at the data level without impacting agility from a reporting, development or testing perspective.