If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.
Well it's my mistake that I should have elaborated more about 'sanitization' during first instance itself.
Sanitization is nothing but masking of sensitive data.For e.g. if original credit card # in production environment is say 4589-7642-3980-5431 then while retoring this info in development environment it must look like 4589-XXXX-XXXX-XXXX or XXXX-XXXX-XXXX-5431.
The reason for doing this is that, developers should not have access to credit card#'s while testing their app's in either dev/test env.
I know this is not going to be a very difficult task,but was wondering if anybody is aware of any best practises/ways of implementing it.
This may be a language issue then. In that case, you're talking ENCRYPTION/DECRYPTION. Search the forum here and you'll find several topics that we've had over that. If it doesn't answer your questions, please come back and we'll be glad to help.
We have identified the key fields that the business want "masked/obscured" and we have some custome in house jobs for that.
On the production system we take a copy of the database
We then "purge" it severely to reduce the overall size
We then run our custome "Scramble" jobs to scramble the sensitive data
We save the "Slice of Life" database and restore it to the development system
Basically we make all sensitive data the same, so we set all customer names to "Mohammed" for an example so that developers can see the "name" via the normal screens but know it is garbage.
As we run the slice and scramble on the production systems it is secured by stricter authorities, and it does not go to the dev system until it is scrambled.
Comment