Blog de Joe Freeman

PII tokenization is a way of protecting Personally Identifiable Information (PII) with similar impacts as field-level encryption but without the overhead of key management or rotation.  Tokenization and Encryption both have an impact on data equality checking inside applications and on the fidelity of the data. Plaintext data can be searched and matched us case-sensitive or case-insensitive techniques. Tokenization and Encryption make that impossible because the data is transformed into a form where the case and punctuation are embedded in the data blob.  We can transform the data to a canonical form prior to tokenization.  That makes equality matches easy but makes it difficult to return the originally formatted value because the token/encryption had to same case or character set prior to tokenization in the source data. Video Presentation  Slides and Speaker Notes Slides are provided here for Video reference. Speaker notes to be added Speaker notes t...

The only way to protect sensitive information is to remove the sensitive values everywhere they are not absolutely needed. Data designers can remove the fields completely or change the field values so that they are useless in the case of data theft.  Data tokenization and Data encryption are two possible solutions to this issue.  Both approaches must be implemented in a way that they return the same non-PII value for a given PII value every time they are invoked. We're going to talk about tokenization here. Tokenized field values must be changed in a repeatable way so that the attributes still be useful for joining data in queries or reports. This means every data set with the same value for the same PII field will have the same replaced value.  This lets us retain the ability to join across datasets or tables using sensitive data fields.  Every PII field has a typecode or a key.  That type is used whenever...