Executive Summary (This is a document excerpt)

Using customer, employee, or other confidential data straight from production for testing or developing applications violates data privacy laws and regulations and makes that data a soft target for attacks. Data privacy is not just a concern for production systems; it extends to nonproduction environments, too, including test, development, quality assurance (QA), staging, and training databases — wherever private data resides. Although many database administrators (DBAs) and security and risk professionals are revisiting security policies for test data, most still are not securing such data. All enterprises dealing with private data in test environments should mask or generate test data to comply with regulations such as Payment Card Industry (PCI), the Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley (SOX), and European Union (EU) as well as to protect against internal and external attacks.

Buy Risk-Free

Download and print PDF immediately. Price: US $1749

Our Money-Back Guarantee: If you are not completely satisfied, return it for a full refund within three weeks of your online purchase.

Already a Forrester Client?
Log in to read this document.