3 months to go: 6 tips to make test data GDPR compliant

Yesterday marked the 3 months to go mark until GDPR comes into effect. Jes Breslaw, director of strategy, EMEA at Delphix, discusses what needs to be considered when preparing for compliance.

While data owners scramble (pun intended) to protect their production data, what about multiple copies that sit in test and reporting systems? This can account for as much as 80% of the total data in an organisation. Data privacy is soon to become a basic human right with just 3 months until GDPR, what should you be considering when protecting this large volume of data?

1. Minimise your data – Do you really need to copy all tables and fields into your test or reporting system? It may be less administration to copy the lot, but consider minimising the data you send.
2. Govern data access – Dynamic Data Platforms enable businesses to centrally control all data that sits in test and reporting environments and mask it at the same time. Data operators can manage who has access to what data, for how long, and when, and quickly erase datasets when no longer required. Data consumers can access and use data independently, while administrators retain full control over masking, privileges and physical resources.
3. Mask once, deliver many – The trouble with traditional masking solutions is they have to be scripted for each new project, taking a lot of resource and time. Ensure data masking is designed into your data platforms so that no matter the source or the application, you can build the masking policy once, and delivery the secure data wherever you need to.
4. Use technology shortcuts – With GDPR impending, businesses need to protect sensitive data as quickly as possible. Modern data masking solutions have database profiling tools that scan tables and fields to detect confidential information such as email addresses, credit card numbers, or patient records. Some even recommend masking algorithms which dramatically cut down the time it takes to build and enforce data masking.
5. Mask everywhere – Whether now or in the future you will at some point need to send data into the cloud, but masking data before it gets to the cloud slows down projects and increases costs. This goes against the very benefits the cloud should bring. Ensure that your data platform can replicate continuous updates and mask data to realise the agility and savings from the cloud.
6. Everyone should win – Data Protection doesn’t have to be a battle between risk and time-to-market. Use GDPR as an opportunity to design new processes and bring in new platforms to help manage, secure and deliver data that adds agility to your business.