Test data protection solutions

There has a been a lot of comment in the UK about testing with live data and the security implications. Nice to see that there is interest in other places as well such as in this article

Creating artificial data is not only time-consuming and expensive, but it does not reproduce the real environment, subsequently most companies rather use production data for testing purposes, states João de Oliveira of MigrationWare.

He says that security around personal data tends to be less stringent in the testing than it is in the production environment and companies failing to take correct measures to protect their data are putting people's personal information at risk.

In Europe, all organisations have had to implement a data protection policy. The implications of non-compliance are significant, with guilty organisations facing the possibility of being put out of business, or having their directors held personally culpable, explains De Oliveira.

Locally, government is working on the Protection of Personal Information Bill and a new body, the Information Protection Commission, will be established to monitor and enforce compliance with the Act, he says. De Oliveira suggests that companies looking to comply with future legislation should start putting into place appropriate de-identification practices to ensure sensitive personal or financial data is not at risk during software testing.

Software testing resources