CipherTrust Data Masking Solutions

CipherTrust Data Masking solutions help protect your compliance, reputation and budget by masking or replacing sensitive data while maintaining the usability of the data for testing and business analysis.

What is Data Masking?

Data masking protects sensitive data by keeping some data in the clear and replacing the remaining data with symbols or realistic characters that are fictitious.

Dynamic Data Masking (DDM) is used for real-time activity when different aspects of the customer data are needed by different roles.
Static Data Masking (SDM) is used for massively repeated data queries, prior to third-party data sharing or adding a data set to a data lake, or sharing with Development/QA/Research/Data analysts.
Redaction is used when the intent is to permanently remove confidential information – the ultimate form of data protection for sensitive data

Benefits of CipherTrust Data Masking

CipherTrust Data Masking solutions can be used in conjunction with tokenization or encryption.

Least-privileged access

Define who sees sensitive data and how

Regulatory Compliance

Comply with strict data protection laws

Improve business agility

Share data securely and efficiently across locations and teams

Just as you use different keys for different columns in your database, you use different ciphers for different types of data. Learning and applying the rules of cryptography is time-consuming and you have more exciting projects to work on.”

Marc Seguin Director, Product Management CipherTrust Developer Solutions

Invisible Shield, Visible Impact

Rapid growth brings new partners—and new risks to organizations. Sharing real data for testing opens doors to breaches, fines, and lost trust. Then comes data masking. Realistic, fake data lets teams build, test, and collaborate—safely. Hackers hit a wall of noise. Compliance tightens, customer trust deepens, and innovation thrives. Data masking doesn’t slow organizations down—it makes everything safer.

Protect sensitive data used in non-production and production environments

Static and Dynamic Data Masking are recommended for development, testing, training and production environments. Use to obscure sensitive information, keep some data in the clear and replace some data with symbols or realistic characters that are fictitious. Static Data Masking increases performance when the same set of characters is repeatedly needed in the clear. Dynamic data masking can vary which set of characters will be in the clear.

Permanently obscure data

Dynamic Data Masking and Redaction permanently remove or obscure sensitive information – they are not reversible.

Fine-grained access control

Centrally-managed Connectors have an additional layer of security provided by an access policy specific to the Connector. REVEAL provides data to a specific user based on the method assigned to the user. If the specific user is not listed, they receive data as defined for a DEFAULT user.

The Forrester Wave™: Data Security Platforms, Q1 2025

Cost savings and business benefits enabled by the CipherTrust Data Security Platform

Thales’ vision for data security is holistic and distinguishing, with market impact resulting from its focus on enabling postquantum preparations and crypto agility. Thales is underway with efforts to combine Thales CipherTrust and Imperva Data Security Fabric into a combined DSP. It boasts an impressive roadmap and robust community strategy for engagement."

Read the Report