test data masking
April 26, 2016 Cybersecurity, Data

The Magic of Data Elements: Test Data Masking with Efficiency

Under the General Data Protection Regulation (GDPR), a new set of data protection laws looming over companies—in Europe and across the globe—who serve EU citizens, companies face hurdles associated with test data privacy projects. With tighter restrictions surrounding how companies use customer data in testing, the need for an efficient way to mask data and protect EU customers’ personal information has increased.

Any test data practitioner would agree, test data masking is often a complex, tedious, redundant task. Quite often the same piece of information is stored in multiple places, especially in test environments. What’s more, even if data sources are perfectly designed, many columns fall in the same category of data.

For example, if a bank stores a client’s telephone number, it may appear as:

  • Base telephone number
  • Contact number
  • Mobile number
  • Fax number
  • Work phone number

While test data practitioners would agree these phone numbers represent different pieces of information, from a disguise perspective they’re all phone numbers and can be masked by one rule, encrypted in the same way. In other words, there’s no reason to create separate masking rules for “base telephone number” and “contact number.” Most of the time, the design of the test data masking specifies only one rule for all telephone numbers, and test data practitioners know this.

The difficulty, then, lies in multiplication. Copy and paste is easy enough, but maintaining one rule across dozens, if not hundreds, of columns (fields) becomes unnecessarily complicated.

How Data Elements Makes Test Data Masking Efficient

Compuware realized this problem and devised a simple, elegant and effective solution: Data Elements.

The revolutionary and market-unique concept of Data Elements used in Compuware’s Test Data Privacy solution makes data masking projects easier by eliminating the tedious coding of masking rules for each and every column (field).

Data Elements groups columns (fields) of the same category into one entity that is masked by one rule. For instance, a single Data Element would encompass all possible occurrences of any telephone number across the enterprise. Yes, enterprise, not just database.

In a recent project at an insurance company in Germany, 346 distinct DB2 columns were identified as sensitive. However, when the customer analyzed the data, they found that only 22 distinct categories existed. Thus, instead of creating 346 Rules, they had to create only 22. Imagine how much easier it is for them to maintain the masking rules now. If anything needs to be changed, a person simply modifies one rule in one repository.

The GDPR is making data protection more complex for companies, albeit for the betterment of citizens’ privacy. Companies are scrambling to find data solutions that will alleviate the pressures of the GDPR. Compuware’s Data Elements helps solve this problem by reducing the complexity and tedium involved in masking test data.