Sometimes, accessing two tables separately doesn't violate compliance regulations, but accessing these two tables when they are joined creates a serious privacy problem. Immuta can help avoid creating these toxic combinations of data.

Tables are joined on a key, a column in one table that matches a column on the other table and allows the join. To prevent joining those tables, you would mask the keys so they no longer match one another. This is an important distinction: you do not make data anonymous only because it’s directly sensitive (a direct identifier) or because it’s indirectly sensitive (an indirect identifier) but potentially because it’s a join key that you may not want to be used for joining.

Because of this risk, Immuta uses a unique salt for hashing per table when masking a column to break referential integrity by default, making sure the masked values aren’t able to join. This means you can’t join on two masked columns unless you tell Immuta you want to allow that. To do so, you have to add those tables with the masked keys to a project and enable masked joins. When you enable masked joins in a project, Immuta uses a consistent salt across all data sources in that project, which returns referential integrity and allows joining.

Key takeaway

Projects give you control over toxic data combinations.

While masked joins are allowed, only project owners can add data sources to the project. Additionally, masked columns can only be joined if they are masked using hashing.

In order to join mask columns across data sources, those data sources must be linked by a project.

Requirement: You must own the project

1. Create a project or select an existing project.

2. Navigate to the Overview tab.

3. Click the Allow Masked Joins toggle.

4. Click Confirm.

Masked joins allow masked columns to be joined within the context of a project.

How-to guide

Enable a masked joins guide: Enable masked joins for data sources within your project.

Concept guide

Why use masked joins?: This explanatory guide offers an example use case for implementing masked joins to highlight their business value.