Redgate adds fast, repeatable data masking to its database provisioning solution
Cambridge UK, Wednesday, 28 February, 2018 – In another move to ease the burden of remaining compliant with the upcoming General Data Protection Regulation (GDPR), Redgate has enhanced its SQL Provision solution to make the masking of data even easier.
SQL Provision allows users to create copies of SQL Server databases using just MB of storage and mask any sensitive data. The virtual cloning technology of SQL Clone is used to create the copies, while Data Masker replaces sensitive data with realistic, anonymized data that preserves semantic integrity. The sanitized copies can then be used by development teams and testers to speed up development, accurately test code, and fix issues faster.
With legislation such as the GDPR and HIPAA requiring organizations to de-identify, pseudonymize or anonymize personally identifiable information used in the development process, the masking element is crucial.
The upgrade to SQL Provision enables a data masking set created in Data Masker to be selected during the provisioning process within SQL Clone in, literally, two clicks. This makes the process far quicker, shortens the workflow, and means provisioning is consistent, repeatable, and auditable.
The entire process can also be scheduled and automated using PowerShell so that, for example, the sanitized copies can be created overnight and instantly made available in the morning. Using this method, developers are always working with the latest version of the database, and compliance and privacy is built in by design.
The new feature was introduced because, while databases change over time, the nature of the data within them is fairly consistent. A column of credit card numbers, for example, will remain the same, as will a column with dates of birth. This is the kind of data that needs to be masked and, unless another column of sensitive data is added to a database, the masking set will still apply.
As Richard Macaskill, Redgate Product Manager, explains. “Once you’ve established which data needs to be masked and how, that won’t change unless you introduce a new subset of data, or make a major change to the database structure. So the requirement to be compliant with the GDPR actually brings with it the opportunity to introduce consistency and repeatability into the database provisioning process. And that, in turn, meets the demand to be auditable.”
With increasing legal requirements suggesting organizations should be building data privacy and protection into processes and systems by design and default, the latest release of SQL Provision is a big step in the right direction. It supports both the DevOps approach to working, while keeping compliance central to the process, creating a consented boundary between production and non-production environments.
The development team behind SQL Provision are now looking into aligning SQL Clone and Data Masker yet further to make the provisioning and masking of SQL Server databases even easier.