Jagadeesh G

How to secure personally identifiable information (PII) of customers

Secure Personally Identifiable Information

Information security has been a constant challenge for enterprises. Especially in a software test environment, enterprises face the threat of exposing the personally identifiable information (PII) of customers and commercially sensitive data (financial, operational, and strategic) to the test teams (external vendors).

Test data management (TDM) is one of the effective ways to tauten data security. It helps businesses to improve the security of sensitive information and prevent their exposure to the test environment. Some of the many features offered by TDM tools are:

  • Data profiling
  • Data sub-setting
  • Data masking
  • Synthetic test data creation
  • Test data repository

These functionalities not only improve information security but also provide features such as on-demand test data and reusability of test data. A typical TDM implementation will include source data, TDM tool, and test environment. The standard source data is connected to a TDM tool to provide maximum security and filter out sensitive data before it is exposed to the test environment.

Challenges of Test data management (TDM) Tools

Although TDM is an effective method to manage data security, there are still certain issues that need to be addressed to enhance data security and process agility. Some of them are:

  • Integration with source system: A lot of source systems do not use any industry standard databases (DBs) like Oracle, SQL etc. Accessing such No-SQL DBs and understanding the table structure, relationship etc. is a challenge for the TDM tool. (For e.g. Salesforce has NoSQL DB and TDM tools face integration challenges with Salesforce).

  • Sensitive data exposure: TDMs provide data security to a certain level. However, sensitive data (Customer PII information, financial information, strategic moves etc.) is still exposed to the TDM users/teams.

  • Delays in test data creation: TDM can create synthetic data rather quickly. However, extracting huge data from production and processing it is often time consuming.

Adding a data security layer to enhance security and efficiency in TDM

In order to overcome the challenges discussed above, it is recommended to add a data security layer on top of the TDM tool. This data security layer should be custom built with data security & integration agent and automated data loader to enhance the security and performance.

Data security and integration agent

One of the effective ways to enhance the security and ease the integration challenges is to introduce an agent between the source and TDM tools. This agent provides quicker integration APIs to integrate a TDM system with any of the source systems, irrespective of the database management systems.

Data security and integration agent analyzes the source database schema, tables, and relationships and create tables, triggers, and sequences in accordance with the TDM tool’s DB structure.

These agents not only solve integration issues but also provide an additional layer of security through automated data-masking scripts that minimize data exposure.

Data security and integration agent should be capable of extracting only relevant and minimum possible data (tables and relationship) from the source thus enabling faster processing. Agents also provide configurations for sensitive data/personally identifiable information (PII), data access and masking policies.

Automated data loader

Automated scripts play a crucial role in enhancing data security and expediting the extraction process. Automated scripts securely extract the data such as a table, relationship, and schema information from the source system without manual intervention and load these data from source to TDM and further from TDM to test environment in a secured (password-protected) and effective way. This helps avoid exposing sensitive personally identifiable information (PII) to test teams.

Secure Personally Identifiable Information 

Benefits of data security layer on TDM:

  • PII compliance, as no production data is exposed to testing or TDM environment
  • Increase in productivity through agent-based slicing
  • Faster data extraction through automated data loading scripts
  • Faster data masking through an agent and automated scripts
  • Customized test data management can help enterprises secure their data in a test environment and generate test data covering all the scenarios in less time
  • Test data repository enables enterprises to access test data on demand

By Jagadeesh G, Technical Lead, Prodapt

Jagadeesh has 12+ years of automation testing and test lifecycle management experience in integrating complex technologies such as Salesforce Cloud, Netezza DWH and Hadoop big data for test data management. 

Cloud Syndicate

The 'Cloud Syndicate' is a mix of short term guest contributors, curated resources and syndication partners covering a variety of interesting technology related topics.

Contact us for syndication details on how to connect your technology article or news feed to our syndication network.

Security Audits, Cyberattacks and other Potential Front Line Issues

Security Audits, Cyberattacks and other Potential Front Line Issues

Defending the Organization When people talk about security audits in an organization, thoughts immediately go to malware, cyberattacks and other front line issues. These appear as the most obvious types of threats and are consequently given the greatest attention. As ...
15 Promising Cloud-Based Video Conferencing Services

15 Promising Cloud-Based Video Conferencing Services

Cloud Video Conferencing Services We have put together a compilation of some of the best cloud based conferencing services for businesses. The cloud video conferencing services market is expected to reach US$ 6.40 Billion by 2020 from the current $3.31 ...

SPONSORS

The Shift from Monolithic to Microservices: What It Means for CTOs

The Shift from Monolithic to Microservices: What It Means for CTOs

The Shift to Microservices The shift in application development strategies is moving from monolithic design to isolated and resilient components ...
HPE

How Printers Help Hackers Hide In Plain Sight

Printers and Hackers Spies and thieves often do their best work by hiding in plain sight. No one suspects the ...

Cloud Community Supporters

(ISC)²
AWS
HPE
CA Technologies
Cisco

Cloud community support comes from sponsorship, service opportunities and collaborative network partnership initiatives.

Apcela

Can your network meet the challenges of Office 365?

Network Challenges of Office 365 Microsoft's focus on growing commercial adoption of Office 365 in 2018 has resulted in the number of licensed seats growing an average of 29% on a yearly basis for each quarter of fiscal 2018. With an estimated 135 million commercial
Remote Patient Monitoring – One of the Most Important Applications of IoT in Healthcare

Remote Patient Monitoring – One of the Most Important Applications of IoT in Healthcare

Remote Patient Monitoring The application of IoT in Healthcare services is bringing the paradigm shift in terms of how this industry operates, the accuracy of diagnosis and quality of treatment. It is changing the model from ‘hospital-centric’ to ‘home-centric’, making medical attention more affordable to

"Top 100 Brand Influencer, Cloud”
-ONALYTICA

"Best Cloud Computing Blog"
-SYSADMIN MAGAZINE

"Top 10 Sites For Cloud Computing"
-DIGITALISTMAG SAP

"Top 10 Cloud Computing Blogs”
-MARKETING ENVY

"Top 25 Must Read Cloud Blogs"
-CLOUDENDURE