The problem of data masking comes up surprisingly often in the world of IT. Any time you need to share some potentially sensitive data, you may need to hide, obfuscate, randomize, or otherwise dissimulate some of that data — we’ll call that the secret data.
In this article, we’ll focus on the mechanics of data masking and gloss over a massive issue: data classification — knowing who can access what data. Data classification is a whole different problem, especially in organizations with huge amounts of sensitive data. I’ll refer you to a different article that touches on this topic. For the rest of this article, we’ll assume that this problem has been solved and that we know who can access what data. The question is — how do we hide the secret data?