Category Archives: Data Privacy
The data warehouse’s goal is timely delivery of trusted data to support decision-enabling insights. However, it’s difficult to get insights out of an environment that’s hard to see inside of. This is why, as much as is possible given the necessities of data privacy, a data warehouse should be turned into a glass house, allowing us to see data quality and business intelligence challenges as they truly are.
Trusted data is not perfect data. Trusted data is transparent data, honest about its imperfections, and realistic about the practical trade-offs between delivery and quality. You can’t fix what you can’t see, but even more important, concealing or ignoring known data quality issues is only going to decrease business users’ trust of the data warehouse. Perfect data is impossible, but the more control enforced wherever data originates, and the more monitoring performed wherever data flows, the better overall data quality will be in the warehouse. (more…)
Last night Informatica was given the Silver award for Best Security Software by Info Security. The Best Security Software was one of the most competitive categories—with 8 finalists offering technologies ranging from mobile to cloud security.
Informatica won the award for its new Cloud Data Masking solution. Starting in June of last year, Informatica has steadily released a series of new Cloud solutions for data security. Informatica is the first to offer a comprehensive, data governance based solution for cloud data privacy. This solution addresses the full lifecycle of data privacy, including:
- Defining and classifying sensitive data
- Discovering where sensitive data lives
- Applying consistent data masking rules
- Measuring and monitoring to prove compliance
The Cloud Data Masking adds to Informatica’s leading cloud integration solution for salesforce.com includes data synchronization, data replication, data quality, and master data management.
Why is Cloud Data Masking important?
Sensitive data is at risk of being exposed during application development and testing, where it is important to use real production data to rigorously test applications. As reported by the Ponemon Institute, a data breach costs organizations on average $5.5 million dollars.
What does Cloud Data Masking do?
Based on Informatica’s market leading Data Masking technology, Informatica’s new Cloud Data Masking enables cloud customers to secure sensitive information during the testing phase by directly masking production data used within cloud sandboxes, creating realistic-looking, but de-identified data. Customers are therefore able to protect sensitive information from unintended exposure during development, test and training activities; streamline cloud projects by reducing the time it takes to mask test/training/development environments; and ensure compliance with mounting privacy regulations.
What do people do today?
Many organizations today will hand the masking efforts over to IT. This inevitably lengthens development cycles and delays releases. One of Informatica’s longtime customers and current partners, David Cheung of Cloud Sherpas, stated “Many customers wait days for IT to change the sensitive or confidential data, delaying releases. For example, I was at customer last week where the customer was waiting 5 days for IT to mask the sensitive data.”
Others use scripting or manual methods to mask the data. One prospect I spoke to recently said he manually altered the data but missed a few email addresses. So during a test run, the company accidentally sent emails to customers. These customers called back to demand what was going on. Do you want that to happen to you?
Visit Informatica Cloud Data Masking for more information.
In a recent survey of Informatica customers,
• Over 60% of companies had a security audit in the last year
• 35% of the companies had an internal security audit
• 16% of the companies had both an internal security audit and one performed by an external auditor
• In addition, many of these organizations saw that another company in their same industry suffered a data breach.
These results are reinforced by the discussions I had with Audit and Compliance IT owners from various industries. Audits are on the rise as more customers require these audits before purchase. Compliance IT requires reports at a database or system level showing that the data has been protected. And they want to see these reports on a regular basis as data, including test data pulled from production environments, changes frequently.
Driving these audits and Informatica projects to protect data were the following top regulatory drivers (as reported by customers):
These results are reinforced by the increasing use of Informatica’s regulatory and industry packs (containing pre-built rules and metadata), including PCI, PHI and PII. In addition to these areas, organizations I’ve spoken to are implementing projects to also protect non-public information, or confidential company information. For example, last week I spoke to a company about how they share detailed financial information about their company as part of the data they said to an outsourced partner. This financial information could be easily used to estimate company’s revenues and profits for any given quarter—before that information is released to the street, if at all.
In this same survey, the top benefits customers said that Informatica’s solution addressed included:
• Increasing productivity by leveraging pre-built masking techniques, accelerators and purpose-built tools
• Reducing the time it took to identify and capture optimal test cases, therefore reducing overall testing time
• Reducing the risk of data breach
Are you ready for your data security audit?
For more information on Informatica’s data security solutions for non-production environments, please join us for an upcoming webinar:
For more information on Informatica’s data security solutions in general, please see:
Recently, the UK’s Parliament and the Internet conference brought together leading figures from Government, Parliament, academia and the industry to discuss and debate the most pressing policy issues facing the Internet.
As expected, data privacy and security was top of the agenda for much of the day, with a number of discussions highlighting the extent to which consumer data is being exposed to security risks and the need for the right legislation and protection to keep it safe. (more…)
Verizon recently blogged about one of its clients who caught an employee outsourcing his software development day job to China. While sitting at his computer working a normal day, he paid someone else to log into his computer using his physical RSA token which he FeExed to the contractor in Shenyang. He would spend the day surfing the internet while ironically, he was being recognized as the top programmer in the building.
Several media outlets have picked up on this story even going as far to say he is the ‘Tom Sawyer’ of the software developer community. An initial, common reaction to this story might make one chuckle. Not me. Think of how that single act of irresponsibility could bring an enterprise down or expose someone to identify theft. (more…)
Informatica Recognized By Gartner as a Leader in Data Masking and by Infosecurity for Best Security Software
Informatica was named as a leader in the 2012 Gartner Magic Quadrant for Data Masking. A couple of weeks ago, Infosecurity named Informatica as a finalist for Best Security Software for 2013.
Both the Gartner Magic Quadrant for Data Masking and Infosecurity Products Guide recognized Informatica for continued innovation:
- Gartner states, “The data masking portfolio has been broadening. In addition to SDM technology… the market is beginning to offer dynamic data masking (DDM)… ” (more…)
In recent years, there have been a number of embarrassing, high profile data breach blunders. We all heard about the secret government documents detailing the UK’s policies for fighting global terrorist funding, drugs trafficking and money laundering, which were found on a London-bound train in June 2008. More recently, in 2011, Oliver Letwin faced fierce criticism after dumping documents on terrorism and national security into a bin in St. James Park in London, on no less than five occasions.
Whilst these extreme, high profile cases are rare, there are thousands of companies who have been found to mishandle confidential information relating to their customers. Indeed nearly half of the 500+ senior IT professionals surveyed for some recent research into data security admitted they had experienced a data breach. (more…)
Since announcing that it issued 68 warning notices for data security lapses for the first half of 2012, (up 48 per cent from 46 the previous year), the Information Commissioner’s Office (ICO) has issued a a series of further serious fines to the likes of local councils and charities.
It’s clear that the ICO is turning up the heat against data breaches. With more warnings and fines issued for data security lapses than ever before, the writing is clearly on the wall for businesses that are failing to keep their data under lock and key. (more…)