We’re working through a Cloud upgrade with a remote deployment. I’m running into a lot of performance issues, and I’d like to explore using different antimalware solutions, different public clouds, and different on-prem hardware. Whenever I copy our production database somewhere, though, it creates a significant business risk, so I need a full-sized copy of our system that has been made safe enough to use for this exploratory purpose.

I need to mask or sanitize our entire database to reduce or eliminate the risk of our business data getting compromised.

Question 1: Has anyone scrubbed a database like this? How did you do it?

There’s a pack available for Oracle Database Enterprise Edition called the Data Masking and Subsetting Pack. I saw that it needs to be licensed for the source database, or in this case our PROD 9 database.

Question 2: Does this pack need to be licensed for every user or just the IT users who are working in the sanitized environment?

Even if I can manage to mask all the fields myself, I’d have to mask both sides of each referential integrity constraint. This isn’t so bad for well-behaved fields that are just keys, but the system includes several columns like KEY_REF and KEY_VALUE that would need to be remapped as well.

Question 3: If you’ve done this before, how did you mask partial column values? If you’ve used the Oracle pack to do this, did it cover partial keys?