Known issues for Data Privacy (Masking flow)
The following limitations and known issues apply to Masking flow.
Characters formatting option rules mask as redact masking method
Characters formatting option rules might mask as redact instead of identifier method. For more information about characters formatting options, see Identifier masking method topic.
Applies to: 4.6.5
Some emails do not follow the masking rules
Although masking rules are set, some emails are unexpectedly masked with XXXXXXXXXX
.
Advanced masking rules might not work as designed for some of the emails due to validation failure on the domain suffixes, such as .name
and .info
. In these cases, the data is masked with default value of XXXXXXXXXX
.
Applies to: 4.6.4 and earlier
Fixed in: 4.6.5
Cannot mask identifier when input data contains quotations
The known issue and its workaround depend on which version of Cloud Pak for Data that you installed:
For advanced obfuscate, the identifier masking does not work properly when the input data contains quotations. However, the data is masked to the default masking for the data type.
For advanced obfuscate, if any of the characters formatting options were included with the identifier method, the mask data does not work properly when
the input data contains quotations. However, the data is masked to the default masking for the data type.
To workaround to obfuscate the columns that contain quotation mark, go to Action page of your data protection rule and under Select masking method section, select one of the following workarounds depends if you want to use basic or advanced data masking:
-
For basic data masking, select Obfuscate as the masking method and clear the Enable advanced masking options checkbox.
-
For advanced data masking, select Obfuscate as the masking method and then select the Enable advanced masking options checkbox. In the Advanced masking options section, under the Obfuscate method list, select Identifier method with the following default settings:
- Reversibility:
Irreversible masking
- Consistency:
Repeatable
- Input Validation:
No validation
In addition, click the Reset to default values button to clear the following checkboxes: - Characters formatting options:
Uppercase
andRemove
Trim
Copy or replace
- Reversibility:
Applies to: 4.6.0 and 4.6.1
Fixed in: 4.6.3
The Partial redact option masks all of the sensitive data
The Partial redact option that is available for email addresses, social security number, credit card classes, and US phone numbers, does not do the partial masking. Instead the sensitive information is fully redacted.
Applies to: 4.6.0
Masking doesn't work if rules are created to obfuscate custom data classes
If rules are created to obfuscate custom data classes, masking doesn't work because the rule interpretation and policy generation fail. The failure is because a regex pattern isn't available. The An error occurred attempting to preview this asset
error occurs during asset preview, and the QPE005: Unexpected empty policy.
error occurs during masking flows.
If you create rules to redact or substitute custom data classes, masking works as expected.
Applies to: 4.6.0
Parent topic: Masking data with Data Privacy