Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

How to ensure SOX, HIPAA, & GDPR Compliance in Dev and Test

109 visualizaciones

Publicado el

Delivering fresh, database copies to dev and test while complying with regulations such as SOX, HIPAA, and GDPR is challenging.

Many approaches are inefficient, taking hours, sometimes days, involving multiple backup and restore tasks, and designing data sets that are compliant and won’t expose customer data in the event of a breach. They don’t scale, and rarely meet the needs of DevOps teams working in ever faster cycles.

Chris Unwin, Data Privacy and Protection Specialist at Redgate shows you how to spin up fresh database copies for dev and test in seconds, with whatever level of protection you need – masked data, unmasked data, or synthetic data sets. Including:

- Designing masking models up front so dev and test databases are born compliant
- Creating full copies of databases in seconds that take up only 50 - 60 MB of disk space
- Automating database provisioning as part of Compliant Database DevOps
- Establishing a simple, repeatable, transparent, and auditable process

You also learn about customers who’ve revolutionized database development with SQL Provision. Like, KEPRO, a US health provider, who switched to SQL Provision to comply with HIPAA and is now saving 20 hours a week on database admin.

Publicado en: Software
  • Sé el primero en comentar

  • Sé el primero en recomendar esto

How to ensure SOX, HIPAA, & GDPR Compliance in Dev and Test

  1. 1. How to ensure SOX, HIPAA, & GDPR compliance in Dev and Test
  2. 2. Your Presenter Chris.Unwin@red-gate.com Chris Unwin Data Privacy Specialist DBAle on Spotify and iTunes /in/christopherunwincambridge/
  3. 3. • Privilege misuse: 12% • Hacking: 48% • (Healthcare) Internal: 56% • (Finance) External: 92% • No. 1 asset involved: Database Sources of breaches *Study from 2018 Data Breach Investigations Report- Verizon
  4. 4. Privacy regulations around the world such as HIPAA, SOX, GDPR, CCPA, SHIELD etc. demand effective and repeatable processes for protecting sensitive data. Or… Data Protection by Design and by Default.
  5. 5. • HIPAA: Up to$1.5m & 10 years in prison • SOX: Up to$5m & 20 years in prison • GDPR: Up to €20m or 4% of annual global turnover • POPI: Up to R10 million & 12 months in prison • PIPEDA: Up to $100,000 Cost of non compliance
  6. 6. Most Organizations do ‘copy-down’ Live Data
  7. 7. How can we stay compliant AND use production-like data?
  8. 8. A small attack surface makes compliance easier • PII in all environments • Higher risk 1TB QA 1TB Test 1TB Dev 1TB Prod • PII only in PROD • Lower risk 0TB QA 0TB Test 0TB Dev 1TB Prod Vs
  9. 9. SQL Provision In Action
  10. 10. Case study • Masked PHI without jeopardizing data integrity • Supply realistic data for testing • New off-shore development team HIPAA compliant • Saving 15-20 hours a week in provisioning processes • Reclaimed terabytes of disk space
  11. 11. Benefits – recap
  12. 12. Q&A Session
  13. 13. Next steps • Speak to us: SQLProvision@red-gate.com • Learn more: red-gate.com/sql-provision

×