February 11, 2025 – Prime Factors, a leader in application-level data protection, has been recognized as a Representative Vendor in the 2024 Gartner  Market Guide for Data Masking and Synthetic Data. 

According to Gartner, “Interest in static data masking (SDM) and dynamic data masking (DDM) remains robust across various geographies and industries and is expected to continue growing through 2030, driven by expanding privacy laws, advanced analytics, artificial intelligence/machine learning (AI/ML) projects and zero-trust requirements.” Gartner also states that “DSPs (data security platforms) with DDM have strong momentum for data authorization in environments where clients need to simplify or speed up data authorization, — for example in environments that have more than 100 to150 role-based access control (RBAC) roles.” but warns that “Ignoring [data masking] could lead to severe repercussions from regulators, customers and stakeholders, further damaging an organization’s reputation in the event of a data breach.” 

"We continue to see data masking as an essential component of data privacy and compliance with industry standards like PCI-DSS and the EU GDPR," said Justin Teitt, COO and CMO of Prime Factors. "As privacy laws evolve and data security requirements become more demanding, there is a greater urgency to protect sensitive information, especially at the points when data is created or consumed within applications. We're committed to providing a solution that not only incorporates robust data masking but also leverages a broad range of data security techniques in a way that reduces complexity for our customers and strengthens their overall security posture." 

Gartner shares that “While many DDM vendors have successfully reinvented themselves as data authorization tools and DSPs, many SDM vendors and products frequently continue to fall short in addressing customer requirements for privacy-enhancing computation capabilities.” However, Gartner recommends the need to “reduce complexity by adopting DDM capabilities included in DSPs or data integration products. This will minimize complexity by reducing the number of database roles and access rules.” 

“We designed EncryptRIGHT as an application-level data security platform with robust data masking capabilities that ensure only authorized users have access to the right data at the right time for a given authorized business need,” Teitt said. "Using a variety of techniques, like tokenization, encryption, redaction, and hashing, EncryptRIGHT can statically or dynamically secure sensitive data and provide partially masked, full access, or no access to specific data according to predefined access permissions. Masks are easily customizable and can be automatically applied for different user groups or individual users based upon centralized data protection policies, allowing organizations to meet their data privacy requirements with ease and flexibility." 

Gartner also discusses tokenization and format-preserving encryption (FPE) as it pertains to data masking, stating that “DM is a crucial component of data security hygiene, integrated into many data security products and platforms. It is essential for creating secure development and test data (SDM) and serves as a late-binding access control to conceal data based on request context, including DDM, field-level authorization, FPE and tokenization.” Gartner adds that “Vendors frequently position FPE as a complete alternative to DM products. However, compared with leading DM products, the options for adjusting the output of FPE products are limited.” 

 “Organizations need a flexible approach to their data security architectures that minimize complexity and can easily adapt over time,” Teitt said. “EncryptRIGHT was designed with crypto-agility at its core, providing a data protection functionality to flexibly address a wide range of data protection use cases, and evolve over time without requiring complex application re-architect.” 

Gartner clients can access the full report here. 

*Gartner, Market Guide for Data Masking and Synthetic Data, 2024, Joerg Fritsch, Andrew Bales, August 26, 2024. 

Gartner Disclaimer 

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.  

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.