Overview
A long-standing DX1 customer identified risk around the use of its Personally Identifiable Information (PII) data. DX1's data engineering practice was engaged to undertake an initial review, with the view to implement a Test Data Masking (TDM) solution.
Challenges
The customer had a manual way of provisioning the non-test databases which resulted in sensitive production data in all non-production environments including Dev. This approach was followed across 6 key applications hosted either on-premises or in the cloud. This risk became an issue when some communications were triggered to actual customers from non-production environments as part of testing. The customer tried manual scripting as a stop-gap solution, however this proved neither accurate nor scalable.
Solutions
DX1 undertook a detailed assessment of the issue and suggested an automated data compliance approach. A detailed cost vs benefit analysis of leading toolsets in the market was conducted and Delphix was selected. Delphix is a leading data masking and virtualisation appliance which works well within DevOps architecture and is scalable for growing data needs.
DX1 undertook a detailed discovery and engaged different stakeholders to develop a data refresh and masking process. A masking architecture was developed complying with customer network topology, infrastructure and security requirements while maintaining referential integrity across multiple interconnected systems. The customer now has the capability to sanitise data in non-production environments from a simple GUI. As this engagement progresses and the customer sees value in compliance uplift, data virtualisation is being considered as part of the next phase of implementation.