This article can also be found in the Premium Editorial Download "Storage magazine: Surprise winner: BlueArc earns top NAS quality award honors."
Download it now to read this article plus other related content.
During the subsetting process, sensitive info can be secured through a variety of techniques. Masking data ensures that the database subset doesn't copy the original values from the primary database. For example, production databases store valid social security and credit card numbers, but the masked subset may keep only the last four digits of the original values. The masked data remains usable for development quality assurance and processes, but renders itself useless for any criminal intent. If the data does end up in the wrong hands due to a security breach, the company remains protected.
Depending on the implementation, data can be scrambled so that an entirely new set of values is generated or the values may be scrambled within the subset. Scrambling moves the values around so that an address, for example, is associated with a different employee in the subset, making it easy to test an application with valid data, but very difficult for someone with access to the test data to identify where a person lives. Organizations should understand what type of testing they'll be performing and which database security method protects the information without impeding the development process.
Retaining significant amounts of capacity on enterprise-class storage arrays exclusively is extremely cost prohibitive. Unfortunately, most storage systems have historically been designed for "production" data--transactional data with very high speed, very high reliability and
Control through collaboration
The combination of more information privacy laws, record-retention regulations and data growth poses challenges to both database and storage groups. Buying more disk capacity or database licenses isn't a cost-effective way to solve security risks, as the proliferation of database copies increases the chance that an individual can access confidential information.
Because there are inherent storage and database management benefits that can be derived from database archiving, these solutions should be the bridge that connects these groups. There may be dissension related to who should pay for this software and who should manage it, but there are far too many reasons why these should be resolved sooner rather than later. If these issues are a sticking point, invite the head of corporate communications to the next meeting. After all, that's the person who will have to handle the press calls and public scrutiny when a breach occurs.
This was first published in June 2007