Test Data Privacy Best Practices Methodology

Presentation Transcript


  1. Test Data Privacy Best Practices Methodology
     Bill Mackey, Subject Matter Expert

  2. Introduction: Why Do Companies Care About Data Privacy?

  3. Worldwide Data Privacy Drivers
     • Regulatory compliance:
       • United States: Gramm-Leach-Bliley Act, Sarbanes-Oxley Act
       • European Union Personal Data Protection Directive, 1998
       • Health Insurance Portability and Accountability Act (HIPAA)
       • Australia Privacy Amendment Act of 2000
       • Japanese Personal Information Protection Law
       • Canadian Personal Information Protection and Electronic Documents Act (PIPEDA)
     • Internal auditors are forcing data protection controls and procedures, especially for offshore use/outsourcing arrangements
     • Risk of exposure can cause significant damage: corporate embarrassment, lawsuits, negative press, fines/penalties, loss of customers, etc.

  4. Data Breaches Reported Since the ChoicePoint Incident
     2846 incidents reported between 2-15-05 and 1-19-12; 543,066,426 consumers impacted
     • The catalyst for reporting data breaches to the affected individuals has been the California law that requires notice of security breaches, the first of its kind in the nation, implemented July 2003.
     • Personal information compromised includes data elements useful to identity thieves, such as Social Security numbers, account numbers, and driver's license numbers.
     Source: A Chronology of Data Breaches Reported Since the ChoicePoint Incident, Privacy Rights Clearinghouse, January 19, 2012

  5. How are Companies Addressing this Issue? (ordered from low to high effectiveness)
     • Signing non-disclosure agreements
     • Restricting security access to sensitive/confidential data
     • Applying minimal “de-identifying” rules
     • Implementing a complete data disguise solution with processes and procedures

  6. Best Practices Approach to Data Privacy

  7. Technology alone is not the answer: a comprehensive solution
     • Methodology
       • Data Analysis: analyze metadata, discover PII, classify data
       • Design: associate disguise rules, define extract criteria, identify target environment(s), identify load method(s), define population strategy
       • Develop: extract data and relationships, apply rules across data sources, load data
       • Deliver: produce reports, audit results, enable best practices
     • Technology
       • Related data extraction, data sub-setting, data format conversion
       • Disguise rules definition, common rules across the enterprise, unified rules repository
       • Support for mainframe and distributed environments
       • Role-based authorization, audit and reporting
     • Services
       • Repeatable best practices: assessment, implementation
       • Superior expertise with 3rd party software and in financial, healthcare and government domains
       • Meet dates within high-risk projects

  8. Process: Data Privacy Methodology
     • Analyze: understand each application’s sensitive information
     • Design: define strategies for disguising test data
     • Develop: build the processes to disguise test data
     • Deliver: deploy and maintain data protection processes

  9. Data Privacy Best Practices

  10. Data Privacy Project Plan

  11. Data Privacy Best Practices Process Overview

  12. Deployment Approaches
     Two project approaches:
     • Progressive: Organizations that have large numbers of applications and multiple lines of business benefit more from a progressive approach. The progressive approach builds upon the success of early efforts, building up a library of disguise routines and process definitions that align with existing projects within the organization.
     • Parallel: Organizations that have small to medium numbers of applications benefit more from the parallel approach. The parallel approach covers a wider range of applications at the same time, which is possible when the applications are less intertwined or more independent.
     Both approaches use a risk-based methodology.

  13. Operational Structure
     Centralized: a single team is responsible for performing the data masking function for all lines of business or application areas. This organization is also often referred to as a center of excellence model.
     • Benefits: fewer resources need to be trained on the data disguise software and activities; increased control over consistency of the disguise techniques and behavior; and increased productivity of these resources as they work across applications.
     • Drawbacks: increased effort during the Analyze phase as these resources gain the necessary application-centric knowledge; increased duration, as there are typically fewer of these resources, so more effort with fewer people results in a longer duration.
     Decentralized: each application group is responsible for the data masking functions.
     • Benefits: existing application domain knowledge can be leveraged; the duration of the Analyze phase may be shortened as activities can be performed in parallel; and this model streamlines the communication model between the groups.
     • Drawbacks: increased effort related to training; and increased demand on communications in order to maintain consistency.

  14. Process: How we get there
     • Establish an actionable roadmap
       • Determine the scope
       • Establish a strategy
       • Identify constraints (internal and external)
     • Select the technology
       • Recognized and adaptable
       • Support multiple environments, platforms, & techniques
     • Partner to gain the experience
       • Minimize first-time hurdles, pitfalls, & dead-ends
       • Maximize analysis and design efficiency

  15. Project Overview – Planning

  16. Project Phases

  17. Data Privacy Analysis Phase

  18. Analysis
     The Analysis phase can be broken down into two major activities:
     • identification and documentation of the data model (DM) components of the application, and
     • identification and documentation of the functional model (FM) components of the application.
     These two activities provide the cornerstone for a Data Privacy initiative and, as such, are arguably the most critical of the entire project scope.

  19. Managing Analysis Tasks

  20. Data Model Analysis
     The goal of the Data Model Analysis activities is to provide knowledge about the environment’s data:
     • determine the elements that are considered sensitive
     • define their association to other data objects

  21. Data Privacy_1.1.1.4_Data_Model_Analysis

  22. Function Model Analysis
     Function Model Analysis identifies and documents information about the application processes:
     • determine what business rules and logic apply to the data considered sensitive or private
     • outline how the affected data should be changed
     • identify all data validations and checks done against sensitive fields within the application programs

  23. [Sample data model diagram: CUSTOMER_TBL, CONTACT_TBL, ORDER_TBL, ORDER_LINE_TBL, PART_TBL, SUPPLIER_TBL and CUSTOMER_HIST_TBL, linked by primary/foreign keys such as CUSTOMER_NUMBER, ORDER_NUMBER and PART_NUMBER; sensitive columns shown include SOC_SEC_NUM, CREDIT_CARD_NUM, MOTHERS_MAID_NAME, TELEPHONE_NUM and the address fields.]
     Analysis Tasks: Data Modeling Tools; Data Management Tools (File-AID/DB2 / DBA-Xpert); Impact Analysis (File-AID/Data Solutions)

  24. Utilize Technology For Analysis

  25. Understand the Sensitive Elements

  26. Document Analysis Results

  27. Data Privacy_1.1.1.5_Data_Model_Analysis

  28. Design Overview
     Design is the second phase of the Compuware Data Privacy Best Practices methodology, and it is broken down into three major activities:
     • documentation of the data extracts to be created
     • identification and documentation of the data disguise rules to be created/implemented
     • documentation of the data loads to be created
     These activities provide the background for the creation of the actual rules and specifications needed to create a disguised copy of the data.

  29. Design
     Define the application disguise strategy and process:
     • field-level disguise rules (encrypt, translate, age, generate)
     • source extract criteria for data (filters, naming conventions, etc.)
     • security rules for supporting files
     • structure, value domain (content), and population strategy for translate table(s)
     • target environment(s) and load method(s) to be used

  30. Managing Design Tasks

  31. Data Extract Design
     Identifies the information required to extract the data from the original source tables/files/environments. Includes the following:
     • environmental data (region, subsystem, server, etc.)
     • driving object identification (which table/file the extract is driven from)
     • selection criteria information
     • extract-specific information needed to pull the needed information from the source tables/files
     Finally, the overall extract execution strategy is documented (when to execute, frequency of execution, etc.).

  32. Data Disguise Design
     • Takes the fields to be disguised and begins to scope out exactly what will be done to these fields to create a disguised test environment.
     • Identifies the specific disguise technique, the selection criteria to be applied, and the field masking to be applied.
     • If any translations will be done, the translation table information is also documented (creation data, fields to be created, etc.).

  33. Data Disguise Techniques
     • Encrypt: replace sensitive values with formulated data based on a user-defined key
     • Translate: replace sensitive values with meaningful, readable data using a translation table
     • Age: replace sensitive dates consistently while maintaining the integrity of a date field
     • Mask: conceal partial fields
     • Generate: generate fictitious data from scratch or from some other source
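The five techniques on this slide, together with the relationship-preservation point from Data Model Analysis and the Develop phase's "Maintain Integrity" step, as an added Python example that is not from the presentation or from Compuware's tooling. Table and column names follow the sample data model; the key, the translation table and the sample rows are constructed for the example.

```python
"""Added example (not Compuware's code): the five disguise techniques applied to
constructed CUSTOMER_TBL / CONTACT_TBL / ORDER_TBL rows. Encrypt is keyed and
deterministic, so the disguised CUSTOMER_NUMBER still joins to CUST_NUM."""
import hashlib
import hmac
from datetime import date, timedelta

DISGUISE_KEY = b"example-key-not-for-production"  # assumption: held in the rules repository
NAME_TABLE = ["Acme Corp", "Globex Inc", "Initech", "Umbrella Ltd"]  # constructed translation table

def encrypt(value: str, width: int = 10) -> str:
    """Encrypt: formulated digits derived from a user-defined key (HMAC-SHA256)."""
    digest = hmac.new(DISGUISE_KEY, value.encode(), hashlib.sha256).hexdigest()
    return str(int(digest, 16) % 10**width).zfill(width)

def translate(value: str) -> str:
    """Translate: the same source value always maps to the same readable table entry."""
    return NAME_TABLE[int(hashlib.sha256(value.encode()).hexdigest(), 16) % len(NAME_TABLE)]

def age(d: date, days: int = 90) -> date:
    """Age: one fixed offset keeps every date valid and the intervals between dates intact."""
    return d + timedelta(days=days)

def mask(value: str, keep_last: int = 4) -> str:
    """Mask: conceal the partial field, leaving the last digits for testers."""
    return "X" * (len(value) - keep_last) + value[-keep_last:]

def generate(seq: int) -> str:
    """Generate: fictitious phone number from scratch (555-01xx is reserved for fictional use)."""
    return f"555-01{seq:02d}"

def disguise(customers, contacts, orders):
    """Apply the field-level rules; foreign-key columns reuse the primary key's Encrypt rule."""
    cust = [dict(c, CUSTOMER_NUMBER=encrypt(c["CUSTOMER_NUMBER"]), TELEPHONE_NUM=generate(i),
                 COMPANY_NAME=translate(c["COMPANY_NAME"])) for i, c in enumerate(customers)]
    cont = [dict(k, CUST_NUM=encrypt(k["CUST_NUM"]), SOC_SEC_NUM=encrypt(k["SOC_SEC_NUM"], 9),
                 CREDIT_CARD_NUM=mask(k["CREDIT_CARD_NUM"])) for k in contacts]
    ords = [dict(o, CUSTOMER_NUMBER=encrypt(o["CUSTOMER_NUMBER"]),
                 ORD_DATE=age(o["ORD_DATE"]), SHIP_DATE=age(o["SHIP_DATE"])) for o in orders]
    return cust, cont, ords

def joins_preserved(cust, cont, ords) -> bool:
    """Validate step: every disguised foreign key still resolves to a disguised primary key."""
    keys = {c["CUSTOMER_NUMBER"] for c in cust}
    return all(k["CUST_NUM"] in keys for k in cont) and all(o["CUSTOMER_NUMBER"] in keys for o in ords)

# Constructed sample rows, not real data.
CUSTOMERS = [{"CUSTOMER_NUMBER": "1000123", "COMPANY_NAME": "Real Widgets LLC", "TELEPHONE_NUM": "312-555-7788"}]
CONTACTS = [{"CUST_NUM": "1000123", "SOC_SEC_NUM": "123456789", "CREDIT_CARD_NUM": "4111111111111111"}]
ORDERS = [{"ORDER_NUMBER": "O-1", "CUSTOMER_NUMBER": "1000123", "ORD_DATE": date(2011, 3, 15), "SHIP_DATE": date(2011, 3, 20)}]
```

Running `disguise(CUSTOMERS, CONTACTS, ORDERS)` and then `joins_preserved(...)` on the result shows the check the Develop phase's validate step performs: the key columns change, but the rows still join.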

  34. Data Privacy_1.2.2.1_Disguise Rule Design

  35. Data Privacy_1.2.2.3_Disguise Rule Design

  36. Data Privacy_1.2.3.3_Data Load Design

  37. Data Privacy_1.2.3.4_Data Load Design

  38. Data Privacy Develop Phase

  39. Develop Phase

  40. Develop
     [Diagram: Data Privacy Manager moving data from Production to Test across z/OS and distributed platforms: Extract, Subset, Load, Maintain Integrity]
     • Build • Test • Validate

  41. Develop - z/OS Relationships
     [Diagram: Production, AR/RI, z/OS]

  42. Develop - z/OS Extract
     [Diagram: Production, Subset, Extract, z/OS]

  43. Develop - Distributed Related Extract
     [Diagram: Production, Subset, Extract, Distributed]

  44. Develop - Disguise
     [Diagram: Test, Data Privacy Manager]
     • Build • Test • Validate

  45. Develop - z/OS Load
     [Diagram: z/OS Disguised Extract, Test, Load, Maintain Integrity]

  46. Develop - Distributed Load
     [Diagram: Extract File, Test, Load, Maintain Integrity, Distributed]

  47. Validate Results

  48. Execution Reports

  49. Audit Reports

  50. Data Privacy Deliver Phase
