Why risk using live data in testing and development when data masking is simple?

Testing troubles - the dangers of testing with real data

data masking logo

Using masked and anonymized data in non-production is quickly becoming the industry standard. Not only are organizations being pressured to comply with industry regulations like HIPAA, the PCI DSS and the GLBA, but using copies of live production databases has, in recent times, resulted in industry embarrassment. Many organizations are losing credibility from customers and peers as a result of unfortunate (and preventable) data leaks.

With this recent raft of legislation and various reports of data theft, it has become essential for organizations to look again at their use of personal data for testing and development. Indeed, most organizations spend a high degree of effort securing their production databases from hacking or data theft, as the data stored in these databases is usually incredibly valuable.

Yes, Grid-Tools agree production databases are subject to a high degree of security and auditing. Passwords need to be protected to the highest levels and data must be encrypted to ensure maximum security. However, the real question is, what is happening with live data in testing in development? Who is looking at what data and how/where is it being shared?

Given the overall importance organizations place on the security of production data, it is certainly puzzling that many companies allow copies of personal, completely identifiable production data to be copied into areas where little security exists. In addition, the use of outsourcing and offshore development means our sensitive and personal data is being shipped offsite with little or no restrictions.

"Unless you have formal consent from the people whose data you are using, then simply sampling the production system for test data is illegal: you are using the data for purposes for which it was not provided"

Bloor research

Why risk using live data in testing and development when data masking is simple?

Simple Data Masking™ is a universal, flexible data masking solution offering simple, repeatable methods for securing sensitive data. You store your masking rules within the tool, you use one tool for all of your database types and you can quickly add in your own custom masking rules. You’ll experience immediate results and be using unrecognizable data within minutes!

So, why risk using live data? It seems the case for Simple Data Masking™ is copper-bottomed.