To maintain high-quality code, a company needs to use production-quality source data for development, unit testing and QA functional testing. There could be situations when the company uses unscrambled production source data, which potentially exposes sensitive customer data. Sensitive customer data must be protected. Given that there is a correlation between the quality of test data and the quality of code delivered to production, all efforts should be made to minimize the disruption/distortion of test data while satisfying the privacy concerns.
Desensitize data that is brought down from Production to Development while maintaining its quality, such as the referential integrity between files/tables/entities. Some projects, such as fraud detection, need to maintain meaningful data in fields such as ‘name/address/postal code’ so that patterns and groupings can be detected. Every field belongs to some field-specific domain. The field domain or context cannot be specified ahead of time and may vary between projects. Some projects may need to maintain certain relationships of a field.
Security Guidelines
- Data that would have, or is deemed to have, a very serious or significant impact on the confidentiality of a customer or an entity if exposed should be decoupled. The decoupling should be done in such a way that, after treatment, it is not possible to trace the sensitive customer data back to its real owners.
- Data that, after the decoupling process, would have or is deemed to have a very serious or significant impact on the confidentiality of a customer or an entity if exposed should be masked.
Separation of Duties
- A developer shall determine and request the data that needs to be downloaded to development; however, the request has to be reviewed and approved by a person responsible for the data.
- The personnel executing the extraction and transformation of the data should not be the requester (or developer) and should have approval for the execution from a person responsible for the data.
- The above-mentioned approvals will be obtained on a per-project basis and not per request.
Maintaining and Protecting Referential Integrity
- Referential integrity shall be maintained for the records downloaded to development; however, the key that maintains referential integrity may help in identifying a customer in production and should be protected. This option is possible only if the source system starts protecting it.
- Developers who have access to downloaded files should not have access to production, since the key that maintains the referential integrity may help identify a customer and associated details in production. In some cases, this option is not practically possible, since developers may need read access to production for triage purposes.
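One way to keep referential integrity while protecting the key is sketched below as an added example (not part of the original guideline). It assumes keyed HMAC-SHA-256 surrogates, a technique chosen here for illustration; the function names, field names, secret and sample rows are all constructed.

```python
import hashlib
import hmac

# Constructed secret for the example. Assumption: in practice it is held only
# by the person executing the extraction and never reaches development.
EXTRACTION_SECRET = b"constructed-example-secret"

def surrogate(domain: str, value: str, secret: bytes = EXTRACTION_SECRET) -> str:
    """Deterministic, keyed replacement for a value within one field domain.

    The same input always maps to the same token, so joins and groupings
    survive; without the secret the token cannot be recomputed from a
    production value. The domain prefix keeps equal values in different
    fields from producing the same token.
    """
    msg = domain.encode("utf-8") + b"\x00" + value.encode("utf-8")
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:32]

def desensitize(customers, accounts, secret: bytes = EXTRACTION_SECRET):
    """Return development copies of both tables with protected fields."""
    dev_customers = [
        {field: surrogate(field, row[field], secret)
         for field in ("customer_id", "name", "postal_code")}
        for row in customers
    ]
    dev_accounts = [
        {
            "account_id": surrogate("account_id", a["account_id"], secret),
            # Same domain and secret as in the customer table: the join holds.
            "customer_id": surrogate("customer_id", a["customer_id"], secret),
            "balance": a["balance"],  # assumed non-identifying in this example
        }
        for a in accounts
    ]
    return dev_customers, dev_accounts

# Constructed sample rows standing in for a production extract.
CUSTOMERS = [
    {"customer_id": "1001", "name": "Ann Lee", "postal_code": "M5V 2T6"},
    {"customer_id": "1002", "name": "Raj Patel", "postal_code": "M5V 2T6"},
]
ACCOUNTS = [
    {"account_id": "A-1", "customer_id": "1001", "balance": 250},
    {"account_id": "A-2", "customer_id": "1002", "balance": 90},
    {"account_id": "A-3", "customer_id": "1001", "balance": 15},
]

if __name__ == "__main__":
    for table in desensitize(CUSTOMERS, ACCOUNTS):
        for row in table:
            print(row)
```

An unkeyed hash would not protect the key here, because anyone with read access to production could hash the real customer ids and match them against the development copy. With a keyed surrogate, that matching requires the secret, which stays with the person executing the extraction.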
Audit trail
- An appropriate mechanism should be in place to properly demonstrate the trail of activities (including approval) that led to the execution of a particular extraction.