Privacy Application Infrastructure: Confidential Data Masking

Handling of confidential and sensitive data is an important issue facing any professional service provider that wishes to use services from a third party company. This paper describes an infrastructure, the Privacy Infrastructure Appliance that was designed to protect confidential information when outsourcing service fulfillment. A comparison is made with an embedded solution that does not use an infrastructure.There are two use cases to consider, one use case is the outsourcing of back-end service fulfillment, such as executing foreign exchange trade orders and the second use case is the outsourcing of back-office activities, such as non-core competence office work. In considering back-end service delivery, we look at the use of computer systems and processes, which are not privy to confidential information. In considering back-office clerical activities, we look at the human component of service fulfillment, the clerical office worker. The clerical office worker that is outsourced, will still use the applications of the outsourcing company, but he is no longer privy to confidential information. This paper describes and contrasts two solutions. An infrastructure that was built to meet confidential information requirements for doing outsourcing of solution delivery systems and an application approach to mask confidential information from outsourced back office workers.