Data masking

Protect sensitive information with advanced data masking

Written By Frieda Yip (Super Administrator)

Updated at November 27th, 2024

The data masking feature allows you to hide or encrypt sensitive details in incoming messages, contact information, custom object properties, and records through pattern masking using regular expressions (regex). This powerful tool helps maintain confidentiality and ensures compliance with data protection regulations. By implementing data masking, you can safeguard personal information while still leveraging the data you need for analysis and decision-making. In this article, we will guide you on how to effectively use data masking to enhance your data security and privacy.

This feature is currently available by request only. Contact our Sales team if you’re interested in enabling it for your company workspace.

 

 

🔒 The information in this section applies only to Admin account users

 

 

Why does data masking matter?

Data masking is essential for several key reasons:

  1. Enhanced security: Data masking minimizes the risk of unauthorized access by obscuring sensitive information. This is particularly crucial in environments where data is shared among multiple users or systems.
  2. Regulatory compliance: Many industries are subject to strict data protection regulations. Data masking helps organizations comply with laws such as GDPR and HIPAA by ensuring that personal data is not exposed unnecessarily.
  3. Risk mitigation: In the event of a data breach, masked data can help limit the exposure of sensitive information, thereby reducing potential liability and financial losses.

 

How does data masking work?

To effectively protect sensitive information, it's important to understand regular expressions (regex). Regex is a powerful tool used to identify and manipulate specific patterns in text. Think of regex as a tool for defining patterns to match specific text sequences such as phone numbers, email addresses, or social security numbers. For instance, a regex pattern can be created to match an email format like hi@sleekflow.io, allowing the system to recognize and work with that data.

The data masking feature utilizes this concept of regex through pattern masking, enabling you to easily hide specific types of sensitive information while keeping the overall structure intact.

 

What does it do?

  1. Hides sensitive information: For example, if you configured a Hong Kong phone number regex pattern as the masking pattern, the feature can mask the customer phone number from view, changing 98769876 to ********. This ensures that sensitive information is not exposed to unauthorized users.
  2. Maintains data structure: While the actual data is hidden, you can still see that the data is a phone number or an email address without revealing the real information.
  3. Customizable patterns: You can set up your own regex patterns for masking data based on your needs. Whether it’s hiding credit card numbers, email addresses, or other sensitive details, the feature allows you to define how data should be masked.

 

Setting up data masking

Access the “Data masking” page

To reach to the “Data masking” page, follow these steps:

  1. Go to the “Settings” page by clicking the icon on the left-hand navigation bar
  2. Under the “Company Settings” section, click “Data masking”
  3. You will be redirected to the “Data masking” page

 

Create a masking pattern

You will need to create a masking pattern to mask information on SleekFlow.

To create a masking pattern, you can follow these steps below:

  1. Click. on the “Create new pattern” button on the right top of the page
  2. A “Create new masking pattern” modal will pop up and you can configure your masking pattern
  3. Below are the details for each field:
Name Details
1 Name Provide a name for this pattern, masking it easy to reference in the future.
2 Regex pattern Provide the regex pattern to mask the targeted text. You can find some common masking patterns we recommend here.
3 Add new regex pattern Add an addition regex pattern if needed.
4 Content Test the masking pattern by enter ample content in this field to ensure that the pattern masks the information as intended.
5 Preview After entering sample content in the “Content ” field above, you can preview the masked content to check if the test input is masked as expected.
6 Hide from Configure which role(s) will have the masking pattern applied. For example, when selecting “Staff", all users assigned to the “Staff" role in the workspace will have the relevant data masked for them.
7 Masked location Configure the location where the masking pattern will be applied, such as incoming messages, contact properties, custom object.
8 Enable/Disable API response

Configure whether data from API responses should be masked. 
When this option is enabled, any value in the API response that matches the regex pattern for the selected “masked location” will be masked.

For instance, if a masking pattern for phone numbers is applied to “contact properties”, and API response masking is enabled, phone numbers returned by any contact API will be masked.

If you are using API integration/third party integration, you may also receive masked data. 

4. Once you have completed the configuration, you can click “Create” to create your new pattern

 

Edit a masking pattern

To edit a pattern, follow the steps below:

  1. Hover on the pattern you would like to edit
  2. Click on the icon, and a drop-down menu will appear
  3. Select “Edit”, and a “Edit masking pattern” pop-up modal will appear
  4. Once you have updated the pattern. click “Done”. Your masking pattern will be updated

 

Delete a masking pattern

⚠️ Once you have deleted a masking pattern, all the previously masked data will be unmasked and will be visible to all users in your workspace. You will need to create a masking pattern again to mask the sensitive data. 

 

 

To delete a pattern, follow these steps:

  1. Hover on the pattern you would like to delete
  2. Click on the icon, and a drop-down menu will appear
  3. Select “Delete”, a warning modal will appear. Click “Delete” to confirm the deletion
  4. The pattern will be deleted. All the previously masked data will now be unmasked.

 

Common masking patterns

SleekFlow’s ‘Data Masking’ feature provides you with the flexibility to customize the masking pattern based on your business needs, allowing you to protect sensitive data. Below are some common regex pattern examples you can use in SleekFlow. 

 

Please note that this list includes common patterns available in SleekFlow and may not cover less common patterns.

 

 

Email address

Basic email regex

Regex ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$
Description Matches most standard email formats, such as exmaple@domain.com

 

Allow subdomains

Regex ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}(?:\.[a-zA-Z]{2,})?$
Description Matches emails with subdomains, like user@mail.example.com

 

Allowing special characters

Regex ^[a-zA-Z0-9!#$%&'*+/=?^_{|}~.-]+@[a-zA-Z0-9.-]+.[a-zA-Z]{2,}$`
Description Matches emails that include additinal special characters, such as example+test@domain.com

 

Credit card number

Basic credit card number

Regex ^\d{16}$
Description Matches a standard 16-digit credit card number without spaces or dashes

 

Credit card number with dashes

Regex ^\d{4}-\d{4}-\d{4}-\d{4}$
Description Matches credit card numbers in the format 1234-5678-9012-3456

 

Credit card number with spaces

Regex ^\d{4} \d{4} \d{4} \d{4}$
Description Matches credit card numbers fomratted with spaces, like 1234 5678 90123 3456

 

Flexible credit card number (spaces/dashes)

Regex ^(\d{4}-?\d{4}-?\d{4}-?\d{4})$
Description Matches credit card numbers with optional dashes or spaces, like 1234 5678 9012 3456 or 1234-5678-9012-3456.

 

American Express

Regex ^3[47]\d{13}$
Description Matches American Express card numbers, which are 15 digits long and start with 34 or 37

 

Visa

Regex ^4\d{12}(\d{3})?$
Description Matches Visa card numbers, which are typically 13 or 16 digits long and start with 4

 

Mastercard

Regex ^5[1-5]\d{14}$
Description Matches MasterCard numbers, which are 16 digits long and start with 51 through 55

 

Discover Card

Regex ^6(?:011|5\d{2})\d{12}$
Description Matches Discover card numbers, which can start with 6011 or 65 and are 16 digits long.

 

Diners Club

Regex ^3(?:0[0-5]|[68]\d)\d{11}$
Description Matches Diners Club card numbers, which are 14 digits long and can start with 300 to 305, or 36 or 38

 

JCB Card

Regex ^(?:2131\d|1800\d|35\d{3})\d{11}$
Description Matches JCB card numbers, which can start with 2131, 1800, or 35 and are 16 digits long.

 

Phone number

Hong Kong

Regex ^(\+?852)?[56789]\d{3}\d{4}$
Description Matches HK phone numbers without hyphens, where the optional country code +852 can precede the number, such as 51234567
Regex ^(\+?852)?[56789]\d{3}-\d{4}$
Description Matches HK phone numbers specifically with a hyphen, allowing for the optional country code +852, as seen in 5123-4567

 

Singapore

Regex ^(\+?65)?(8|9)\d{7}$
Description Matches Singapore mobile numbers strictly starting with 8 or 9 without spaces or hyphens, and it allows for the optional country code +65, for example, 91234567
Regex ^(\+?65)?(6|8|9)\d{7}$
Description Matches Singapore mobile numbers starting with 6, 8, or 9, permitting the optional country code +65, such as 61234567

 

Malaysia 

Regex ^(\+?60)?1[0-9]{1}\d{7,8}$
Description Matches Malaysian mobile numbers without hyphens, where the optional country code +60 may precede the number, like 0123456789
Regex ^(\+?60)?1[0-9]{1}-\d{7,8}$
Description Matches Malaysian mobile numbers with a hyphen, allowing the optional country code +60, for instance, 012-3456789

 

Indonesia

Regex ^(\+?62)?(8\d{1,3}-?\d{7,})$
Description Matches Indonesian numbers starting with 8 (mobile) and allows an optional country code +62, as in 0812-34567890
Regex ^(\+?62)?[2-9]\d{2}-?\d{7,}$
Description Matches landline numbers starting with 2 to 9, permitting the optional country code +62, for example, 021-12345678

 

United Arab Emirates

Regex ^(\+?971)?(5[0-9]|7[0-9])\d{7}$
Description Matches UAE phone numbers starting specifically with 5 or 7, with the optional country code +971, such as 0501234567
Regex ^(\+?971)?(6|7|8|9)\d{8}$
Description Matches UAE numbers starting with 6, 7, 8, or 9, allowing for the optional country code +971, for example, 0612345678

 

Brazil

Regex ^(\+?55)?(11|[1-9][0-9])\d{9}$
Description Matches Brazilian mobile numbers with 9 digits after the area code, allowing for the optional country code +55, like 11987654321
Regex ^(\+?55)?(11|[1-9][0-9])\d{5}-\d{4}$
Description Matches Brazilian numbers formatted with a hyphen, permitting the optional country code +55, for example, 11 91234-5678

 

Identity card

Hong Kong (HKID)

Regex ^[A-Z]{1,2}\d{6}\(\d\)$
Description Matches HKID formats like A123456(7) or B123456(8)

 

Singapore (NRIC)

Regex ^[STFG]\d{7}[A-Z]$
Description Matches Singapore NRIC formats like S1234567D or T1234567A

 

Malaysia (MyKad)

Regex ^\d{12}$
Description Matches MyKad numbers, which are typically 12 digits long, such as 123456789012

 

Indonesia (KTP)

Regex ^\d{16}$
Description Matches KTP numbers, which are 16 digits long, such as 1234567890123456

 

United Arab Emirates

Regex  ^\d{9}$
Description Matches UAE ID card numbers, which are typically 9 digits long, such as 123456789

 

Brazil (RG)

Regex ^\d{1,2}\.\d{3}\.\d{3}-\d{1}$
Description Matches Brazilian RG formats like 12.345.678-9