Introducing Salesforce data masking in Gearset

Tom Smith on

Share with


Using realistic data for testing is a great way to find bugs earlier in your CI pipeline. The best data that you’ll ever be able to use for testing is your production data. It contains the intricacies that your code needs to deal with. However, regulations and controls restrict access to sensitive information stored in production. In the past, this might have prevented you from using production data for testing.

The good news is that Gearset now supports data masking during data deployments. Data masking obfuscates sensitive information while maintaining the complex relationships within your data.

Why should I mask my data?

Developers can test their changes against different categories of data.

Fictional data is usually a good starting point. Typically, this will be simple data that a developer has invented, perhaps for a unit test. While great for testing simple cases, fictional data is often used in theoretical test cases. The data doesn’t capture complex relationships that exist and the ways that users actually behave.

The other extreme is deploying production data to a sandbox for testing. This captures real life complexity, helping developers find bugs before changes hit production. Catching bugs earlier is great, but using your production data isn’t always possible. Regulations (such as GDPR) and other controls restrict access to personally identifiable information (PII). Developers probably won’t have access to this sensitive data.

Data masking hits that sweet spot in the middle. It lets us conceal sensitive information such as names and emails. The complexity of the data still exists, but the developers can’t access real customer information.

How to use data masking

Salesforce data masking is part of Gearset’s data loader, so to get started we kick off a data deployment as usual by selecting the objects we want to deploy. In this example, we’ll deploy some Contact records and their related Account records.

Deploy Contact records and their related Account records

When we click Next, we’ll go to the data masking page. This shows the objects in the deployment with the fields that Gearset can mask. We also see a sample of the masked output for each field.

Choose which fields to mask

Masking can be turned on or off for individual fields or entire field types. The toggles on the left let us turn masking on or off for all Email fields. The list on the right configures masking for individual objects or fields.

Once we’re happy with the masking selections, we can go ahead with the deployment. In our example we’ll mask the FirstName, LastName and Email on the Contact object.

The deployment masks 18 Contact records

We can see that the Contact in the source and the Contact in the target have different values for FirstName, LastName and Email. The Contact is still attached to the correct Account.

The Contact records in the source and the masked record in the target

Keep your data secure

Businesses, consumers and developers are more conscious of data security than ever — with stricter regulation introduced, such as GDPR and CCPA, and higher expectations of how businesses handle personal data. Be sure to meet compliance regulations and customer expectations with Gearset’s robust data masking. It’s free and simple to see how you can keep your data secure with a 30-day free trial of Gearset and data masking.

Try all of Gearset for free