k2v-academy / K2View-Academy

Other
0 stars 0 forks source link

TDM - How to mask / encrypt PII field that is root_id in child LU #1071

Closed yBqdo2VLaCdftea1MqgSdtEhrPZtV5oJRr4eIUo closed 6 months ago

yBqdo2VLaCdftea1MqgSdtEhrPZtV5oJRr4eIUo commented 6 months ago

Hello - in one of our customers implementation they use PII field (like SSN) as a link between parent and child LUs.

They do not need any masking as such while they are moving data from source to target, but they want data to be encrypted when we store it in fabric.

Currently with SSN as a root_id for one of LU, they will see all extracted SSN values in our entity table (under ID column) as well as in few TDM tables - and this is a concern.

Is there any option we can suggest other than use different field for root_id ?


Best regards, Andrey

eHK5dcC00peRJzSmBkzpRSXRdBTJxvlzYiuW95S commented 6 months ago

Hi.

It is not recommended to use the SSN (or any PII field) as the entity ID, since the entity ID is displayed in the TDM reports and TDM window. Please check for another unique identifier in the source system. If the source system does not have it, you can create in advance a mapping table in the source DB with the list of SSNs and generate an ID on each SSN to have a synthetic entity ID.

Tali