Refer to attached sql script which my DBA colleague plan to use to
"mask" sensitive data in the DB (I presume it's Oracle).
Q1:
Is this a 1-way hashing or the 'masked' data can be 'unhashed' back?
Q2:
Is this MD5 the industry practice or there are more secure ways of 'masking' it
Q3:
How do people verify the 'hashed' data? Do we do 'norows export' & randomly
check the exported tables or is there a way to export out table by table of the
hashed tables?
Q4:
What are the things to look out for in the logs to verify this 'masking' process
completed successfully or how can I amend this script further so that it will
log down its activities for verification?
Q5:
How does the script ensure that the keys that link the various tables are 'hashed'
together so that it does not break the entity relationship & the 'masked' database
can still be used by the vendor we're sending this database to?
Q6:
How do people normally send such a 'masked' Oracle DB out : by encrypted tapes
or USB HDD or slowly via sftp over Internet?