1. Under Security Center, click Data Masking.
2. Under Related Resources, click Masking Policies.
3. Click the name of your masking policy to view its details.
4. Under Resources, click Masking Columns Needing Attention.
5. Locate the rows that have an exclamation mark next to the masking policy. Hover your mouse over the exclamation mark to learn about the issue.
6. Select a different masking format for the rows or edit the existing masking formats to resolve the issues. When a masking format is successfully updated, a message states Masking Format Updated Successfully.

1. Under Security Center, click Data Masking.
2. Under Related Resources, click Masking Policies.
3. Click the name of your masking policy to view its details.
4. Scroll down to the Masking Columns section where all the columns are listed with their associated masking formats.
5. Locate the row for the column for which you want to change the masking format.

   Note:

   You can't change the masking format of a column that is part of a composite relationship. The default masking format will be created following a naming convention of schema.parenttable.datetime. This schema.parenttable.datetime masking format will automatically apply group masking with shuffle format when a masking job is initiated. See Add or Remove a Referential Relationship from a Sensitive Data Model and Group Masking Example Using Shuffle for more information.
6. Perform one of the following actions to change the masking format:
   • From the Masking Format drop-down list, select a different predefined masking format. The Edit Masking Format page is displayed with the new masking format configuration. Edit the values as needed, and then click Continue.
   • Click the pencil button next to the masking format to open the Edit Masking Format page. Select a different masking format, configure the parameters, and then click Continue.
7. (Optional) Repeat step 6 to change the masking formats of other columns.
8. Verify that the highlighted rows are the ones that contain the masking format updates that you want. Note that your updates are not yet saved. If you navigate away from this page without saving, your changes will be lost.
9. To save all masking format updates at one time, click Save Masking Formats.

1. Under Security Center, click Data Masking.
2. Under Related Resources, click Masking Policies.
3. Click the name of your masking policy to view its details.
4. Scroll down to the Masking Columns section and click Add Columns.
   The Add Columns window is displayed.
5. (Optional) If the schemas on the target database have been updated since the stated time and date, click Refresh Database Schemas.
6. Select the sensitive type that best describes the columns that you want to add to your masking policy.
7. Find columns by entering or selecting one or more of the following items, and then click Search.
   • Schema name
   • Table name
   • Column name
   A list of columns that match your selection criteria are displayed.
8. (Optional) Change the sensitive type of a column by selecting a new sensitive type from the Sensitive Type column.
9. Select the columns that you want to add to your masking policy, and then click Add Columns. To select all the columns, select the check box next to the Schema column heading.
   The columns are added to the masking policy.

You can view the list of columns that were removed from a masking policy in the past and add them back to the masking policy if needed.

1. Under Security Center, click Data Masking.
2. Under Related Resources, click Masking Policies.
   A list of masking policies to which you have access is displayed.
3. Click the name of the masking policy for which you want to view or add previously removed columns.
4. Scroll down to the Masking Columns list and click View/Add Previously Removed Columns.
   The Add Previously Removed Columns panel shows the schema, table, column, and data type for each previously removed column.
5. To add all previously removed columns back to the masking policy, select All columns.
6. To add specific columns back to the masking policy, select Select specific columns, and then select individual columns from the list.
7. Click Add Columns to Masking Policy.

1. Under Security Center, click Data Masking.
2. Under Related Resources, click Masking Policies.
3. Click the name of your masking policy to view its details.
4. Scroll down to the Masking Columns section where all the columns are listed with their associated masking formats.
5. To remove a singular column, click the ⋮ symbol to the right of Masking Column to be removed in the Masking Columns list.
   1. Click the Remove option.
   2. Click Remove Column in the dialog box to confirm the removal of the column.
6. To remove multiple columns, click Remove Columns above the Masking Columns list. The Remove Columns window is displayed.
   1. (Optional) Select a sensitive type that best describes the columns that you want to remove.
   2. Enter or select one or more of the following items, and then click Search.
      • Schema name
      • Table name
      • Column name

      A list of sensitive columns that match your selection criteria are displayed.

   3. Select the columns that you want to remove from your masking policy, and then click Remove Columns.
      To select all the columns, select the check box next to the Schema column heading. The columns are removed from the masking policy and the masking policy is automatically saved.

1. Under Security Center, click Data Masking.
2. Under Related Resources, click Masking Policies
3. Click the name of your masking policy to view its details
4. From the More Actions menu select either Add Tags, Update Pre/Post Masking Scripts, or Update Masking Options.
5. (Optional) If you would like to add or update tags for your masking policy, configure them in the pop-up after selecting Add Tags. Select the Tag Namespace, Tag Key, and Tag Value from the drop-down lists.
6. (Optional) To upload pre-masking and post-masking scripts, do the following after selecting Update Pre/Post Masking Scripts:
   1. In the Upload Pre-Masking Script area, drop your SQL file. Or, click the select one link, browse to and select your SQL file, and click Open.
   2. In the Upload Post-Masking Script area, drop your SQL file. Or, click the select one link, browse to and select your SQL file, and click Open.
7. (Optional) To customize the execution of the Masking Policy, do the following after selecting Update Masking Options:
   1. Disable or enable redo log generation during masking. This is disabled by default. Redo log generation allows you to use a flashback database to retrieve the original unmasked data after it has been masked.
   2. Specify the value for parallel execution:
      • NONE - No parallelism is used when data masking process is running.
      • DEFAULT - The default value is the optimum number of CPUs to be used in parallel. This is calculated by the Oracle Database.
      • DEGREE OF PARALLELISM - Allows you to input an integer to set the number of CPUs to be used in parallel. Refer to the Oracle Database parallel execution framework when choosing an integer value.

      Note:

      The degree of parallelism is limited by the number of CPUs you have available. If the integer entered in DEGREE OF PARALLELISM exceeds the number of available CPUs, it will default to the maximum CPUs available when processing.
   3. Specify how you would like invalid objects to recompile after data masking:
      • NONE - Invalid objects do not recompile.
      • SERIAL- Invalid objects recompile serially, only when the previous objects has finished compiling.
      • PARALLEL - Invalid objects recompile using the same value for parallelism as specified above.

        Note:

        If a value for parallelism was not specified, the value used will be the optimized value calculated by the Oracle Database.
   4. Enable or disable dropping temporary tables created during data masking after masking is completed. This is enabled by default. Data Masking creates temporary tables that map the original sensitive data values to the mask values. Preserve these table to track how masking changed your data.

      Note:

      Disabling dropping the temporary tables compromises security. These tables must be dropped before the database is available for unprivileged users.
   5. Enable or disable refreshing the statistics gathered on masked database tables after masking. This is enabled by default.

When a sensitive data model is modified, a comparison to an associated masking policy can be initiated. The comparison identifies any differences between the sensitive data model and masking policy and allows you to select changes that will sync with the masking policy.

To run a comparison between a masking policy and it's associated sensitive data model:

1. Under Security Center, click Data Masking.
2. Under Related Resources, click Masking Policies.
3. Select a masking policy from the list.
4. Under Resources, click Compare with Sensitive Data Model.

   This is only available if the masking policy is associated with a sensitive data model.

5. Click the Compare with Sensitive Data Model button.
6. Click Submit.
7. Once the comparison is complete, review any changes and select any changes that you like to sync under Planned Actions.
8. If you did not select all the changes in the previous step, click the Save Changes for Planned Actions button.
   1. Click Save.
9. Click the Synchronize Masking Policy button.
10. Click the Synchronize Masking Policy button in the confirmation dialog.

Once complete the masking policy will be updated with all changes that were selected.