Data protection types

This topic describes the types of protection that you can apply to your data via Protect.

Tip Data refers to the tables and columns in a database.

Access-based protection

Access-based protection is the most basic type of protection that you can apply to your data. It involves providing the right users or groups access to the data based on the Collibra assets.

Note Access-based protection is available only in data access rules.

Column-based protection

Column-based protection allows you to mask the data in specific columns so that the original data is not shown; for example, masking a column that contains credit card numbers.

You can mask the columns that are a part of a data category or a data classification. When granting access to a certain asset, you can apply the masking on only a subset of the asset if the subset is also a part of the data category or the data classification.

The following masking options are available:

• Default masking: Shows the data as 0.
• Hashing: Shows the data as a set of different letters, numbers, and symbols.
• Show last: Shows the last few characters of the data. You can choose to show the last 1 through 20 characters of the data. The most common choice is 4.
• No masking: Shows the original data.

Example Suppose that you want the Human Resources (HR) group to be able to access a data set of US-based customers. Suppose that certain parts of the data set need to be hidden from the HR group because they contain restricted data, such as personally identifiable information (PII). Then, you can further protect the data by applying column-based protection or row-based protection.

Row-based protection

Row-based protection uses row filters to allow you to show or hide specific rows of a table. It is based on the values stored in the cell of a table.

Note Row-based protection is available only in data access rules.