Get Started
Set up and know better about hoop.dev’s AI Data Masking
Prerequisites
- Have properly installed hoop.dev through one of the options available in the installation area
- Be on an enterprise plan
- Enough access to your infrastructure so you can load environment variables to your hoop.dev instance
- Have admin access to your hoop.dev instance
This page is dedicated to the setup of AI Data Masking in self-hosted instances. If you are looking for the Learn Guides of AI Data Masking, click here.
Set up
You can either use Google Cloud Data Loss Prevention hosted by Google on GCP, or Microsoft Presidio, an open-source project that you can host yourself.
Google Cloud Data Loss Prevention
You must be on an enterprise plan to have access to the AI Data Masking feature.
Create an account at Google Cloud Data Loss Prevention and a service account with the permissio roles/dlp.user
.
When installing hoop.dev, you need to set the environment variable GOOGLE_APPLICATION_CREDENTIALS_JSON
with your GCP DLP credentials in hoop’s Gateway.
Hoop.dev uses Google Cloud’s DLP at our protocol layer to mask sensitive data in real-time in the data stream of any connection you configure.
Host yourself with Microsoft Presidio
Install
Check the Microsoft Presidio documentation to install it. We recommend you use the Docker Installation setup.
Microsoft Presidio Documentation
Visit the Microsoft Presidio documentation to install it using Docker.
Set up
Set the new environment variables in hoop.dev’s Gateway with the following values:
Environment variable key | Value |
---|---|
DLP_PROVIDER | presidio |
MSPRESIDIO_ANALYZER_URL | <host-to-analyzer:port> |
MSPRESIDIO_ANONYMIZER_URL | <host-to-anonymizer:port> |
Run hoop.dev's Gateway with the new configs
After setting up the environment variables, hoop.dev will use Microsoft Presidio to mask sensitive data in real-time in the data stream of any connection you configure.
Activate to your connections
Navigate to your Web App instance > Open the Manage toggle > click at AI Data Masking > Activate by connection and to configure which fields you want to set, hit the “Configure” button.
How it works
At the protocol layer when communicating with a database or server, hoop.dev will open the package and communicate with DLP provider to mask sensitive data in it. This happens in memory and in real-time, so the data is never stored in the database or server in its original form.
After the setup, we automatically give you a bunch of default and most used fields, so you don’t need to worry much about that part either. You can remove or add fields as much as you like. To see all fields available, check our documentation page for all fields supported.