MongoDB Data Masking Made Easy: No More a Challenge

Our valued client, a leading healthcare provider, handles a large amount of sensitive data, including patient medical records and health information. With stricter data privacy regulations, securing this information is crucial for maintaining trust and compliance. To address this, we suggested using Protecting Sensitive Data: Queryable Encryption in MongoDB link

Challenges:
Yet another client, a leading financial services company, handles a large amount of sensitive data, including customer financial information and transaction records needed to secure their MongoDB database against potential data breaches while ensuring regulatory compliance. However, they were using an older version of MongoDB that doesn’t support queryable encryption. Traditional security measures were insufficient, so a more advanced solution was needed to protect sensitive data from unauthorized access. They required encrypted data that could still be queried securely.

Solution:
To meet the client’s needs, we proposed a data-masked, read-only view in MongoDB. MongoDB’s view functionality allows us to define data categories accessible to clients. By securing these views with role-based access controls (RBAC), only authorized users can view the data.

Implementation:
We identified Personally Identifiable Information (PII) such as social security numbers, card names, secret codes, and transaction details as the primary targets for masking. We designed a data-masked, read-only view to ensure this sensitive information is obfuscated and accessible only to authorized users.

Sample:
For example, we identified card_name, card_num, and card_sec_code as PII data. We mask these fields so they cannot be deciphered.

1. Rs0 [direct: primary] Bank> db.customers_info.find()
2. [
3.   {
4.     _id: ObjectId('6648829655fef720c5bde3ed'),
5.     card_name: 'Mr.Rexjo moj',
6.     card_num: '8765345728934565',
7.     card_expiry: ISODate('2024-12-13T08:58:42.920Z'),
8.     card_sec_code: '123',
9.     card_provider_name: 'Credit MasterCard Gold',
10.     card_type: 'CREDIT',
11.     transaction_id: 'ab2ty77836e8713656d9bf2debba8900',
12.     transaction_date: ISODate('2024-05-13T09:32:07.000Z'),
13.     transaction_amount: Decimal128('5000.98')
14.   }
15. ]

Aggregation part of data masking

1. var MasksStage1 = {
2.     //TEXT REPLACEMENT WITH ASTERISK
3.     'card_sec_code': '***',                    
4.     //TEXT OBFUSCATION RETAINING LAST NUMBER, eg: '1234567890123456' -> 'XXXXXXXXXXXX3456'
5.     'card_num': {'$concat': [
6.                     'XXXXXXXXXXXX',
7.                     {'$substrCP': ['$card_num', 12, 4]},
8.                 ]},  
9.     //TEXT OBFUSCATION RETAINING LAST WORD, eg: 'Mrs. Jane A. Doe' -> 'Mx. Xxx Doe' (needs post-processing in a subsequent pipeline stage)
10.     'card_name': {'$regexFind': {'input': '$card_name', 'regex': /(\S+)$/}},
11. };
12. var MasksStage2 = {
13.     //PARTIAL TEXT OBFUSCATION RETAINING LAST WORD (post processing from previous regex operation to pick out 'match')
14.     'card_name': {'$concat': ['Mx. Xxx ', {'$ifNull': ['$card_name.match', 'Anonymous']}]},
15. };
16. //FULL PIPELINE 
17. var pipeline = [
18.     {'$set': MasksStage1},
19.     {'$set': MasksStage2},
20. ];

Create a view with the masked data:

db.createView('customers_info_view', 'customers_info', pipeline);

Output of the masked data

1. Rs0 [direct: primary] Bank> db.customers_info_view.find()
2. [
3.   {
4.     _id: ObjectId('6648829655fef720c5bde3ed'),
5.     card_name: 'Mx. Xxx moj',
6.     card_num: 'XXXXXXXXXXXX4565',
7.     card_expiry: ISODate('2024-12-13T08:58:42.920Z'),
8.     card_sec_code: '***',
9.     card_provider_name: 'Credit MasterCard Gold',
10.     card_type: 'CREDIT',
11.     transaction_id: 'ab2ty77836e8713656d9bf2debba8900',
12.     transaction_date: ISODate('2024-05-13T09:32:07.000Z'),
13.     transaction_amount: Decimal128('5000.98')
14.   }
15. ]

Here you can see card_name,card_num and card_sec_code fields are masked in a way that they cannot be deciphered.

Additional features that can be achieved through the data masking, which will be covered in the upcoming blogs.

• Data - masked aggregation on demand
• Data - masked copy of original data
• Overwriting original data with masked values

Implementing data masking in MongoDB provides our client with a strong security measure to protect sensitive information and maintain regulatory compliance. Using MongoDB’s encryption capabilities, we ensure that customer data is protected from unauthorized access, strengthening trust in our client’s services.

At Mafiree, we are dedicated to delivering customized solutions to meet your specific security needs. For inquiries or assistance with data masking and enhancing data security in MongoDB, please contact us.