Best practice for masking sensitive data in ISC

Hi All

We have a Production and a UAT tenant. The UAT tenant has some PII which I would like to mask. Can anyone suggest the best practice to follow in ISC, or provide some suggestions based on your experience?

I found something on the idea portal https://ideas.sailpoint.com/ideas/GOV-I-1720

I was thinking of a solution like having a lookup transform so that the information is not seen on the UI. Any thoughts?

Hi @rajeshs

This is a good discussion; indeed, this is required.

AFAIK we don’t have any masking available. Yes, you can create some lookups to encode (kind of) the data, so that some codes will be displayed in the UI.

There is a masking tool from IBM, I guess it is Guardium or something like that; it will not display all the details. For example, a credit card number: only some digits are displayed, to admins as well.

We have to see when this Idea will be considered for implementation.

But for now, I would say Lookup transform is the best to encode and decode the data.

Thanks
Krish

Assuming this data is coming from a source, you would have a source attribute in the cloud that should also be masked, correct? If you have correlated data, you can see that source attribute through the UI.

I think the best practice is not to have PII data in the cloud, period. One such example is that SailPoint doesn’t allow pulling from a source field with the word "password" in it. They don’t store the password and want to discourage anybody from wanting to do so. The best solution is to handle the masking on-prem using best practice methodologies.

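One way to do the on-prem masking suggested above, as an added example that is not part of any reply in this thread: a delimited feed is masked before it is loaded into the UAT source, with identity keys left intact so correlation still works. The column names, the masking policy and the key are assumptions made for the illustration.

```python
import csv
import hashlib
import hmac
import io

# Constructed sample feed; column names and values are illustrative only.
SAMPLE_FEED = """employeeId,displayName,nationalId,cardNumber,managerId
E1001,Alice Example,123-45-6789,4111111111111111,E1003
E1002,Bob Example,987-65-4321,5500000000000004,E1003
E1003,Carol Example,111-22-3333,,
"""

TOKENIZE = {"displayName", "nationalId"}   # hypothetical policy: keyed token
PARTIAL = {"cardNumber"}                   # hypothetical policy: last 4 only
# employeeId and managerId pass through so correlation still resolves.


def tokenize(value: str, key: bytes, column: str) -> str:
    """Deterministic keyed pseudonym: same input, same token; needs the key to link back."""
    if not value:
        return value
    mac = hmac.new(key, f"{column}:{value}".encode(), hashlib.sha256)
    return "tok_" + mac.hexdigest()[:16]


def partial_mask(value: str, keep: int = 4) -> str:
    """Show only the last `keep` characters; shorter values are fully masked."""
    shown = value[-keep:] if len(value) > keep else ""
    return "*" * (len(value) - len(shown)) + shown


def mask_feed(text: str, key: bytes) -> str:
    reader = csv.DictReader(io.StringIO(text))
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=reader.fieldnames, lineterminator="\n")
    writer.writeheader()
    for row in reader:
        for col in row:
            if col in TOKENIZE:
                row[col] = tokenize(row[col], key, col)
            elif col in PARTIAL:
                row[col] = partial_mask(row[col])
        writer.writerow(row)
    return out.getvalue()


if __name__ == "__main__":
    # Constructed key for the demo; in practice, load it from an on-prem secret store.
    print(mask_feed(SAMPLE_FEED, b"constructed-demo-key"))
```

Because the token is keyed and deterministic, the same person gets the same masked value on every aggregation, and the original values never leave the on-prem side.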

Thank you @MVKR7T and @ts_fpatterson for the response.
