Latest White Paper | "Cyral for Data Access Governance"· Learn More
Free Trial

Data Masking
Made Simple

Policy-based data masking.

Obfuscate your data for privacy, protection and compliance

Cyral’s solution automatically discovers and dynamically masks all your structured data. Customers can apply a host of row and column-level masking strategies that can be implemented and managed as code. It enables compliance with privacy regulations and prevents data spillage.

Infrastructure Agnostic

Compatible with both on-premises and cloud environments

Comprehensive Techniques

Powerful, general purpose framework for various needs

Policy as Code

A declarative framework for specifying masking policies

One Platform for All
Data Masking Needs

  • Create devalued copies of data for application and model testing.
  • Preserve referential integrity in datasets for real-world development and testing.
  • Prevent data spillage and improve application quality.

  • Uphold contractual policies on how customer data is handled.
  • Ensure confidential data access is restricted to authorized employees.
  • Eliminate the need for complex views and token management.

  • Limit the users and applications that can access raw data.
  • Minimize copies of customer data created by ETL jobs and services.
  • Enforce a default policy that prohibits access to unmasked data.

  • Comply with GDPR, CCPA, and other data privacy regulations.
  • Implement transparent and auditable data usage and privacy policies.
  • Enable engineering and legal teams to collaborate on privacy goals.

What People are Saying

“The industry has long needed a new cloud security service—one that operates directly at the data layer where the crown jewels of business reside.”
Dr. Dan Boneh
Applied Cryptography Group, Stanford University

Cyral’s Data Masking Platform

Cyral’s platform enables a policy-based approach to masking. Customers can declare the various masking strategies that can be applied in various scenarios for different users, applications and pipelines. These policies are enforced at both a column and row level, and can be defined on various attributes of the data consumer, the access request or the data being read.

Examples of Masking Restrictions

Limit raw data access to certain named individuals

--data_tag == "PII"
--user == ""
--action == "Read PlainText"

Limit raw data access to individuals based on name of the column 

--column_name == "SSN"
--user == "SSO:Analytics"
--action == "Null Mask"

Limit raw data access to individuals based on the value of record they are accessing

--column_name == "Country"
--user == "SSO:USA"
--action == "Redact Where {value} == 'FRA'"
A Practical Guide to Risk-based Data Security Governance

A Practical Guide to Risk-based Data Security Governance

Read White Paper
White paper Challenges With Managing Permissions Using Database Roles

Challenges With Managing Permissions Using Database Roles

Read White Paper

How To Save Time and Effort With Policy as Code

Read White Paper

Get Started in Minutes with our Free Trial