Workato Tip: Protecting sensitive data with data masking

Table of Contents

In today’s data-driven world, protecting sensitive information is paramount. Whether dealing with personal identifiable information (PII), financial data, protected health information (PHI), or government identifiers, ensuring that sensitive data remains secure throughout your processes is crucial. This blog post will guide you through protecting sensitive data in your recipes, ensuring your automations remain secure and compliant.

Prefer video? Check out this segment of our recent Product Hour:

What is data masking and why should we use it?

Data masking allows you to prevent Workato from storing runtime data for designated steps. Masking sensitive data is essential for any process that requires compliance. Think about scenarios such as employee onboarding, where you handle PII or financial data. While you need this data to move from your source system to your destination system, you don’t want it stored in job history tables, logging service, or anywhere else in Workato. Data masking achieves exactly this, preventing this sensitive data from being stored.

Implementing data masking in Workato

Masking data is an easy process with just a few steps:

  1. Identify sensitive data: Start by identifying which data in your recipe is sensitive. Determine which steps may include PII, financial data, and any other sensitive information.
  2. Right-click and mask: On any step in your recipe that handles sensitive data, right-click and select the “Mask data” option. This action ensures that the runtime data from this step won’t be stored.
  3. Run the recipe and check the results: After masking the necessary steps, test your recipe. When you review the job’s output, the data for your masked steps will no longer be visible. Click into the different steps of your recipe and ensure no more sensitive data is present.

And just like that, your sensitive data is protected!

Best practices

While the process of data masking is straightforward, it’s important to keep some best practices in mind to ensure your automations are set up for success:

  • Think about masking as early as possible: Rather than wait until sensitive data finds its way into your job logs, think about masking proactively. Ideally, you should implement masking throughout your recipe development process while testing in sandbox environments that don’t contain sensitive data. That way there’s no gap in coverage when you deploy your recipe to production.
  • Balance data masking and ease of troubleshooting: It’s important to strike the right balance. Mask sensitive data, but avoid over-masking, as it can make troubleshooting more difficult. It may be worth splitting sensitive data retrieval out into its own step, if possible, so you maintain visibility into your non-sensitive runtime data.
  • Conduct regular reviews: Periodically review your recipes to ensure all sensitive data steps are appropriately masked, especially as your processes evolve and new data fields are introduced.

Masking sensitive data in your recipes is a simple yet powerful way to enhance data security and maintain compliance. By identifying sensitive data and applying masking properly, you protect your organization’s critical information without compromising on functionality. Implement these practices today to ensure your data remains secure and your processes compliant.


Was this post useful?

Get the best of Workato straight to your inbox.

Table of Contents