Test Data Privacy
Compuware’s Test Data Privacy solution leverages Topaz® for Enterprise Data for a consistent, familiar and secure method to easily understand, mask and manage both test and production data across all environments.
Two core areas that increasingly require mainframe teams to implement a test data privacy solution for more secure test data are 1) data breach prevention and 2) compliance with data privacy laws.
During the application testing process, your customer information may be exposed to development teams, IT vendors and even third-party developers. Any accidental or malicious misuse of test data would be costly and reputation damaging. To counteract this, Test Data Privacy supports static data masking (SDM), enabling the masking or desensitization of personally identifiable information (PII) in data to mitigate the risk of breaches and misuse of production data in test, analytics or training environments.
Using live data for testing creates risk because data used in test environments tends to be less secure. Data privacy regulations require that all data, whether used in production or test be secure. By using Test Data Privacy to apply consistent data disguise techniques across all environments, companies can address requirements to protect PII throughout the application testing process and comply with tightening data privacy laws and company policies.
To help mainframe teams improve these areas, Test Data Privacy provides a wide range of unique capabilities for ensuring test data is secure while remaining realistic.
Test Data Privacy reduces the complexity and tedium involved in masking test data by eliminating the coding of masking rules for every column/field. It groups columns/fields of the same category into one entity that is masked by a single rule.
The name of the Data Element is abstract and has nothing to do with the physical column names (in this example, “Telefon” will work for all columns whose names contain “PHONE”).
Test Data Privacy also provides developers with data masking techniques. Format-preserving encryption keeps the original format of input data, thus making it more usable and realistic for data testing purposes. The translation technique uses existing values stored within files as replacements for sensitive test data values and fits well for fields that require resulting values to be fictionalized, yet still readable to a user and valid for an application test.
Many data manipulation functions are built into Test Data Privacy to handle commonly requested actions like aging dates, standardizing upper/lowercase and calculating check-digit values. In addition, user-defined custom functions can be added to handle unique disguise requirements.
You can include business rules and logic within the disguise rule using a Java-like syntax. This includes the ability to interrogate incoming source values and apply the appropriate disguise actions to each value.
The combination of robust disguise techniques, built-in and custom functions as well as rule logic will allow you to satisfy whatever disguise requirements your business mandates.
Test Data Privacy’s test data masking technology performs data normalization into and out of the masking process, which ensures consistent masking across both mainframe and distributed files and databases, irrespective of the operational platforms or encodings.
Test Data Privacy uses unique technology to associate masking with sensitive test data elements such as card numbers, account numbers and names independent of objects (file/table) or platforms. A privacy rule is defined once for each data element. At disguise execution time, the appropriate disguise rules are dynamically applied to the file or database being disguised. The very same disguise rule is applied to each instance of the data element. That test data could be in a VSAM file, a Db2 table, an IMS segment or a distributed DBMS (Oracle, SQL/Server, Db2 LUW, Sybase).
One of the unique features of Test Data Privacy is its ability to enable you to locate and disguise pieces of data within a larger field. This functionality is often used to disguise names and addresses, since there are many different formats in which that data is stored. Sometimes each part of the name is stored in a separate field, and sometimes the name is stored as a full name.
Composite processing allows you to locate the parts within the full name field so both formats can be disguised in the same way.
Topaz for Enterprise Data’s data selection and sub-setting capabilities allow focused and relevant test data to be extracted while maintaining integrity, ensuring high-quality test data. Test Data Privacy includes capabilities for desensitizing copies of primary data containing PII, which can then be used for testing, QA or transmission to other business partners.