A recent survey by *Ponemon Institute, claimed that 76% of IT pros said their organization had experienced loss or theft of company data over the past two years. In addition, 88% of end users said their jobs require them access sensitive information. In spite of these staggering findings, they also stated that only 29% of IT professionals said their organizations enforce a privileged user access model to ensure that insiders only have access to company data on a need-to-know basis.
Let’s face it, sensitive information is part of every organization’s business practice. When sensitive data is copied from testing and training environments, more users gain access to systems containing potentially sensitive or confidential data. Therefore increasing the organization’s risk for data theft, loss or exposure. this is a huge threat for any organization.
Essentially, how can organizations balance the need to provide testing and training teams with real data in virtual test environments against preventing data breaches?
Introducing Dynamic Data Masking for testing and training environments.
Dynamic Data Masking enables organizations to mask or randomize any sensitive and personally identifiable information (PII) accessed from application screens, reports, development and DBA tools, by dynamically masking information in real time, based on easy-to-use masking policies. More importantly, no changes are required at the database or the application layer. The information is masked at the presentation layer, and the original data remains the same.
In the past, many organizations avoided using Dynamic Data Masking technologies due to fact that is did not support stored procedures when sensitive data was accessed. Today’s Dynamic Data Masking already supports stored procedures, meaning any application that uses stored procedures in the database, is covered, and the sensitive information will not be exposed. Advanced Dynamic Data Masking provides raw level and conditional masking, accessed locally or through stored procedures. As a result you are in control at the column level as well as the raw level of information.
Dynamic Data Masking provides organizations the ability to replicate the production databases in real time and then transfer it to the testing and training systems. By using Dynamic Data Masking, you make sure that no sensitive PII information will ever be exposed to testing and training systems.
For testing and training environments this solution helps companies save a lot of money, and even more importantly, a lot of time. Lastly, they now know that no matter what their sensitive information is secure.
To learn more about HexaTier Dynamic Data Masking feature, click here.
*Ponemon Institute report “Closing Security Gaps to Protect Corporate Data: A Study of US and European Organizations, August 2016.