Test Data Privacy - Compuware - BMC

Test Data Privacy

Test Data Privacy

Secure Test Data Against Breaches, Reach Compliance

Compuware’s Test Data Privacy solution leverages Topaz® for Enterprise Data for a consistent, familiar and secure method to easily understand, mask and manage both test and production data across all environments.

Two core areas that increasingly require mainframe teams to implement a test data privacy solution for more secure test data are 1) data breach prevention and 2) compliance with data privacy laws.

Data Breach Prevention

During the application testing process, your customer information may be exposed to development teams, IT vendors and even third-party developers. Any accidental or malicious misuse of test data would be costly and reputation damaging. To counteract this, Test Data Privacy supports static data masking (SDM), enabling the masking or desensitization of personally identifiable information (PII) in data to mitigate the risk of breaches and misuse of production data in test, analytics or training environments.

Compliance with Data Privacy Laws

Using live data for testing creates risk because data used in test environments tends to be less secure. Data privacy regulations require that all data, whether used in production or test be secure. By using Test Data Privacy to apply consistent data disguise techniques across all environments, companies can address requirements to protect PII throughout the application testing process and comply with tightening data privacy laws and company policies.

To help mainframe teams improve these areas, Test Data Privacy provides a wide range of unique capabilities for ensuring test data is secure while remaining realistic.

On-Demand Webcasts

Thought Leadership

Artificial Intelligence with zAdviser

Code-free Masking Rules

Test Data Privacy reduces the complexity and tedium involved in masking test data by eliminating the coding of masking rules for every column/field. It  groups columns/fields of the same category into one entity that is masked by a single rule.

The name of the Data Element is abstract and has nothing to do with the physical column names (in this example, “Telefon” will work for all columns whose names contain “PHONE”).


Data Masking Techniques

Test Data Privacy also provides developers with data masking techniques. Format-preserving encryption keeps the original format of input data, thus making it more usable and realistic for data testing purposes. The translation technique uses existing values stored within files as replacements for sensitive test data values and fits well for fields that require resulting values to be fictionalized, yet still readable to a user and valid for an application test.

Many data manipulation functions are built into Test Data Privacy to handle commonly requested actions like aging dates, standardizing upper/lowercase and calculating check-digit values. In addition, user-defined custom functions can be added to handle unique disguise requirements.


Java-like Syntax for Building Rule Logic

You can include business rules and logic within the disguise rule using a Java-like syntax. This includes the ability to interrogate incoming source values and apply the appropriate disguise actions to each value.

The combination of robust disguise techniques, built-in and custom functions as well as rule logic will allow you to satisfy whatever disguise requirements your business mandates.

3_TDP_IT_Topics_Webpage_Expression_Bldr_Rule_Logic - Copy

Consistent Disguise Across Environments

Test Data Privacy’s test data masking technology performs data normalization into and out of the masking process, which ensures consistent masking across both mainframe and distributed files and databases, irrespective of the operational platforms or encodings.


Dynamic Privacy Rules

Test Data Privacy uses unique technology to associate masking with sensitive test data elements such as card numbers, account numbers and names independent of objects (file/table) or platforms. A privacy rule is defined once for each data element. At disguise execution time, the appropriate disguise rules are dynamically applied to the file or database being disguised. The very same disguise rule is applied to each instance of the data element. That test data could be in a VSAM file, a Db2 table, an IMS segment or a distributed DBMS (Oracle, SQL/Server, Db2 LUW, Sybase).

6_TDP_IT_Topics_Webpage_CoverageOnly_NAME-TEST-FILE - Copy

Composite Processing

One of the unique features of Test Data Privacy is its ability to enable you to locate and disguise pieces of data within a larger field. This functionality is often used to disguise names and addresses, since there are many different formats in which that data is stored. Sometimes each part of the name is stored in a separate field, and sometimes the name is stored as a full name.

Composite processing allows you to locate the parts within the full name field so both formats can be disguised in the same way.


Maintain Integrity with Data Selection and Sub-setting

Topaz for Enterprise Data’s data selection and sub-setting capabilities allow focused and relevant test data to be extracted while maintaining integrity, ensuring high-quality test data. Test Data Privacy includes capabilities for desensitizing copies of primary data containing PII, which can then be used for testing, QA or transmission to other business partners.