Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Masking sensitive data

Updated on May 14, 2021

Secure and protect Personally Identifiable Information (PII) and other sensitive data by creating custom security rules to mask or remove this data. Security rules help to protect your company from exposure to identity theft and other security-related issues.

Pega Workforce Intelligence includes default security rules that remove Social Security Numbers (SSN) and the following types of Credit Card Numbers (CCN):

  • American Express
  • Visa
  • MasterCard
  • Discover
  • Diners Club enRoute
  • Diners Club International/Carte Blanche
  • Diners Club United States and Canada
  • JCB
  • CUCard

You cannot modify or delete these default rules, but you can add new rules. The following use cases and sample values can help you determine how to address common masking needs by using security rules.

Date masking rule

Mask dates if you want to hide sensitive date information, such as the date of birth. You can include multiple date formats in the pattern. Based on the following example values, Workforce Intelligence searches for dates that follow the mm/dd/yyyy pattern and replaces the actual date with the letters mm/dd/yyyy:

Name
Date masking rule
Description
Date masking
Pattern
\d{1,2}\/\d{1,2}\/\d{4}
Replacement
mm/dd/yyyy
Field names
ExecutablePath,ProcessStartArgs,Url,UrlTitle,UrlPath,UrlQueryString,BaseUrl,WindowText

Email address masking rule

Mask email addresses to protect the identity of individual associates or to remove irrelevant data from analysis, if specific email addresses do not add value. Based on the following example values, Workforce Intelligence searches for the pattern that includes any acceptable email characters separated by an @ symbol and a dot. The system replaces the actual email address with [email protected].

Name
Email address masking rule
Description
Email address masking
Pattern
\b[a-zA-Z0- 9._%+-][email protected][a-zA-Z0-9.-]+\.[a-zA-Z]{2,}\b
Replacement
[email protected]
Field names
ExecutablePath,ProcessStartArgs,Url,UrlTitle,UrlPath,UrlQueryString,BaseUrl,WindowText

Outlook consolidation masking rule

If you want to target email masking to Microsoft Outlook title bars, you can create a security rule to remove the individual email addresses from Outlook title bars. For example, this security rule is useful when analysts are only interested in the total amount of time that associates spend in inboxes instead of identifying specific inboxes. The following values provide example patterns, but the patterns you enter depend on how the title bars are formatted in your version of Outlook:

Name
Outlook consolidation rule
Description
Outlook masking
Pattern
(^Inbox -)(.*)( - Outlook$)|(^Sent Items -)(.*)( - Outlook$)|(^Deleted Items -)(.*)( - Outlook$)|(^Outbox -)(.*)( - Outlook$)
Replacement
$1$3$4$6$7$9$10$12
Field names
ExecutablePath,ProcessStartArgs,Url,UrlTitle,UrlPath,UrlQueryString,BaseUrl,WindowText

Tax ID Number masking rule

A TIN is considered Personally Identifiable Information (PII) because it is a unique number used to identify individuals. It is also sensitive information because it used on financial forms, such as tax records. You can protect TINs by creating a security rule that replaces these unique identifiers with xx-xxxxxxx, as shown in the following example values:

Name
Tax Identifier Number masking rule
Description
TIN masking
Pattern
[0-9]{2}-[0-9]{7}
Replacement
xx-xxxxxxx
Field names
ExecutablePath,ProcessStartArgs,Url,UrlTitle,UrlPath,UrlQueryString,BaseUrl,WindowText

Learn more about how to add custom security rules by reading the following article:

  • Adding custom security rules

    Protect sensitive data and adhere to your organization's security efforts to mask Personally Identifiable Information (PII) by creating custom security rules.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us