A key but often often overlooked aspect of this whole process is that organizations need to address sensitive data at the very earliest stages of application development or upgrade process. The reality is that much like system documentation, protecting sensitive information during the development process tends to be an afterthought. It’s this ‘afterthought’ that gives the privacy and security folks heartburn and forces them to send you back to the drawing board.
Automation is also important both when cataloging your sensitive data as well as when masking it in preparation for cloud deployment. Be prepared for some level of manual effort at this stage in terms of input from your subject matter experts but tools exist to significantly ease the burden of manual analysis via automated sensitive data search/discovery tools.
Also bear in mind that like many enterprise-wide technology initiatives, a phased approached to adopting cloud-based development infrastructure improves your chances of success. It doesn’t have to be an all-or-nothing approach. Proceeding through the six steps outlined above on a focused set of applications/initiatives will help you identify ‘gotchas’ and best practices that will lead to broader success in the cloud.
- Data masking technology is well suited for preparing data prior to deploying the data to cloud-based development environments
- Ensure your sensitive data landscape is well understood by cataloging your sensitive data (via a sensitive data discovery initiative)
- While masking is not point-and-click, it can be readily undertaken in-house or with outside help
- Masking removes a crucial impediment to cloud adoption for test/development processes but it can be used on-premise as well.
- Sensitive data discovery is important in ensuring appropriate coverage and can raise questions within the organization on the current risk landscape that need to be addressed prior to cloud deployment.