When testing with production data, there are always security and privacy concerns to be taken into consideration. Whether you test with a team of internal testers or hire an external party, there’s no need to risk putting data that can identify and negatively impact your business into the wrong hands, or to store it in a location easily accessible by others. Proper data due diligence mitigates risks, protects corporate data, and is necessary to comply with rapidly expanding data privacy laws. In short: data masking is and will become an even greater requirement for corporations.

Generally speaking, there are two ways to effectively comply with data privacy requirements. Data masking, where you take production data and change it so it can no be used to identify persons, or data generation, where you generate complete sets of data from scratch to emulate the production environment data. DATPROF Privacy can do both.

The working principle of Privacy

DATPROF Privacy does not handle privacy sensitive data. Instead, it works exclusively through the usage of database metadata. What this means in layman’s terms is that a connection to the source database gets established, and the data that describes the layout of the source database gets used, instead of looking at the actual sensitive data.

Every deployment package generated in Privacy is a set of instructions for the database to run against itself, which ensures that data never leaves the local environment.

Imagine the source database contains a table called Customers, and this table contains 15 columns.

Privacy can import the names of the tables, and the names of the various columns. It can know that a column named “FIRST_NAME” exists, and that its datatype is VARCHAR, along with other details.

Privacy does not know any of the values of “FIRST_NAME” that exist in the source database. This is an important data privacy feature.

General instructions

Creating a masked database involves, in very general terms, performing the following steps:

  • Creating a new project.

  • Providing a connection to the target database.

  • Importing meta data from the target database.

  • Configuring masking functions, foreign keys and optional scripts.

  • Using DATPROF Runtime to generate a package.

  • Deploying the masking template.