To achieve scalability and high performance, you can split records of the same objects into different chunks.
For example, the Contact object contains 18 million records distributed evenly over three years. Suppose we then decide to split the Contact object into three unique mappings – this means that each mapping will now have six million records. This split allows the processing of all three batches of six million records simultaneously instead of processing one contact masking batch containing all 18 million records.
After the creation of the Configuration record, you need to add objects and fields to the object masking and field masking records.
The following steps cover how to create these object-masking and field-masking records.
Step 1: Navigate to the ‘Configuration’ tab
Click on the ‘Configuration’. You will now see all of the configurations that you have created.
Step 2: Navigate to the ‘Object Masking’ section
Click on any configuration record and scroll down to the ‘Object Masking’ section.
Step 3: Create an Object Masking record
Click the ‘New’ button to add an Object Masking record.
You will then be prompted to select a record type: ‘Delete Records’ or ‘Mask Records’
Delete Records: If you want to delete records, select the ‘Delete Records’ button and click ‘Next’. By doing this, the Delete Records Page Layout will display.
Mask Records: If you want to mask records, then select the “Mask Records” radio button. By clicking on this, the Mask Records Page Layout will display.
Select an Object and determine Group, Sequence, Batch Size, Max. Record Per Slice, and Filter Criteria, then select the ‘Use Bulk API’ checkbox. This allows you to process records in bulk and improve masking performance.
The Group criteria decide on masking priority. That means objects that are added in Group 1 will be masked first, followed by objects in Group 2, and so on up to Group 10. You can add an unlimited amount of objects in a single Group and put Standard as well as Custom Objects in the same Group or a different Group
The Sequence criteria work within different Groups. The Sequence criteria allow you to decide the priority for an object to be masked within a Group. For example – an object which has a Sequence value of 1 will be masked first, and so on for an infinite number of values. Manually, you may set as many sequences in a single group on both Standard and Custom Objects.
- Batch size
The Batch Size determines the number of records that should be processed in a single batch. You can set it from a minimum value of 1 to a maximum of 2000 records.
- Max. Record Per Slice
Max. Record Per Slice is used to query records for single with the earliest date as well as a total number of records. After getting a total number of records and starts creating slices of the records as per the max record per slice. The slices are made based on created date. It is designed to handle large volumes of data and execute quickly, making it an essential part of the Data Masker application. You can set it from a minimum value of 50000 to a maximum of 3M records for the best results.
- Filter Criteria
You can use the Filter Criteria to filter records based on your criteria. Everything that can fit into the SOQL WHERE clause can also fit into the Filter Criteria. Logical operators, Literals, LIMIT, and others can be utilized.
Here’s an example of how to mask all active Contacts with the record type of ‘Partner’ and where the Partner is based in the ‘United Kingdom’.
Step 4: Save your changes
Click on ‘Save’. Likewise, you can create multiple records of object masking with different groups and sequences.
Step 4.1: Pick an Object
Click on the Object name for which the user wants to add Field masking. You will be redirected to the field masking component which allows adding multiple fields simultaneously.
Step 4.2: Choose Fields
Here users can select multiple fields at a time. Also, the user can specify the action which needs to be implemented for masking the field. To achieve this user
needs to select the fields by clicking the checkbox. Then select ‘Action’, and ‘Replacing Value’.
Actions: – To replace/erase the field values with another value from the option provided by DataMasker. User can select one of the following actions by clicking the dropdown –
- Erase: To erase the field values.
If you select Erase, select the field from the dropdown list and click ‘Save’. This function is used to erase the field (e.g. name, number, email, address, etc.)
Note – Never add mandatory fields under erase action.
- Random: While selecting ‘Random’ from actions, choose the field by which you want to replace the selected field with a Random text/string.
- Hardcoded Value: Hardcoded values are values where you can add any hardcoded text/string to replace the actual value with chosen one.
Select the field where you want to apply masking to and click ‘Save’. Repeat this until desired field maskings are set up.
Enter any String in the ‘Enter Value’ textbox field by which you want to hardcode the selected field. Make sure the value entered in the textbox is of the same data type of the field selected for masking.
In the following example, the output of the Account Description will be Masked.
- Pattern – Custom List: – While selecting ‘Pattern – Custom List’ from actions, choose the value by which you want to replace the selected field by using patterns.
A Pattern – Custom List can be any combination of items or names from the default list or the lists created by the users.
- Pattern – Regex:- While Selecting ‘Pattern – Regex’ from actions, choose the value by which you want to replace the selected field by using patterns from your sandbox (e.g. email, phone number, etc.).
You can also add your own Masking Pattern.
- Prefix:- While selecting ‘Prefix’ from actions, insert the replacing value which will get appended(just before) with the existing value of the field. In replacing value you can choose any special characters with text or numbers. Prefix action is only available for Text, Long Text, Text area and email.
7. Postfix:- While selecting ‘Postfix’ from actions, insert the replacing value which will get appended(just after) with the existing value of the field. In replacing value you can choose any special characters with text or numbers. Postfix action is only available for Text, Long Text, Text area and email.
8. Apex:- While selecting ‘Apex’ from actions, choose the field by which you want to replace the selected field with Apex texts/strings. For more information about Apex text strings, read this article.
After adding all fields, you can see a list of your field masking, as shown.
Formula Field:- The action ‘Formula Field’ is used to mask the records by formula field return values. Users can enter the API name of the Formula Field at the value in the Field Masking.
Note – While adding a field for masking with the formula field, the user needs to make sure the Formula Field with the respective return type is created. Eg. If the user is adding a Number Field in the field masking then Formula Field with a Number return type should be created for that particular object.
- Click on the Save button and execute the Data Masking
- After masking, users can check that field values will be replaced by the value returned by the Formula Field.
- Likewise, users can perform masking by Formula Field action as per the business requirement.
Note – There may be some variations in the value for Data type ‘Date/Time from the value returned by the Formula Field for it.
Unique Checkbox– Unique functionality is used to create unique values for each field value that has been added to the field masking. Users can check the Unique checkbox in the Field Masking component to create unique values and after masking, the Data Masker will append the ID of that record next to the value.
Note – User can create Unique values for the fields with Text and Text area data types only.
After Masking with Unique Checkbox, the record value will append the Record Id along with the value mapped by the ‘Replacing Value’ action that makes the record value unique.
Middle Name and Suffix Fields-
If the user wants to add a Middle name field and a Suffix field for masking, then two permissions need to be assigned to the user.
- Enable Middle Names for Person Names
- Enable Name Suffixes for Person Names
Users can assign these permissions from ‘User Interface’. To assign those permissions follow the below path,
Setup -> Home -> User Interface ->Scroll Down and click on the ‘User Interface’ -> Go to the section ‘Name Settings’
Users can check the two checkboxes and click on the Save button to assign these permissions as shown in the screenshot below.
Special Use Case – User Masking
Masking User records is considered one of the best ways to protect the personal information of org’s users. When utilized, Salesforce permanently scrambles the user’s object data and replaces it with random character strings. The user’s detail page exists, but all of its fields will contain meaningless strings of characters. Salesforce simply obfuscates or scrambles personal data because you can’t delete a user in Salesforce; you can only disable or deactivate a user. In other words, the user record still remains in the database, but this method performs a soft delete. This masking process does not work on Custom fields.
For further information on masking, and user records read this article.