Axis Technology and Skytap provide tips on how masked test data management eliminates the possibility of exposure of sensitive information to either hackers or malicious insiders, increases security and compliance, and allows dev/test teams to perform more complete and continuous testing in the cloud.
2. Today’s Agenda
• Introductions
• Using Skytap for development and testing
• Discuss concerns with putting data in the cloud
• Your solution
• Demo
Confidential 2
3. Skytap Nuggets
Skytap Formed
2006
3.7 Million
VMs Launched
Confidential 3
5 PATENTS
9 PENDIN
G
1,200+
Customers
18K
Users
SEATTLE
H
Q
4. About Axis Technology
Ø Axis Technology Software, LLC is a premier software
company that was created to focus on data security
products.
Ø Axis pioneered the data masking space via its
development of DMsuiteTM 8 years ago.
Ø Independent and privately held, Axis was founded in
2000 and is headquartered in Boston, MA.
Confidential 4
5. Skytap provides development and test
environments-as-a-service that remove
the inefficiencies and constraints that
companies have with their SDLC. As a
result, our customers release better
software faster.
“
Confidential 5
“
More about Skytap
7. Storefront 2.0 Application
Web/
Application
Server 1
(WebSphere)
Web/
Application
Server 2
(WebSphere)
Service Virtualization
External
Load Balancer
(F5 Big IP VE)
Oracle RAC
Database
Server
(Linux)
SAP via
Confidential 7
OpenFiler
(Virtual SAN)
Oracle RAC
Database
Server
(Linux)
Domain
Controller
(Windows)
Reporting
Server
(Windows)
DMZ
RAC
Private
Internal
Internet
Corporate
Headquarters
Reporting SQL
Server
(Windows)
RAC
Public
On-Premise
Datacenter
9. Common Inefficiencies in the SDLC
Confidential 9
Test
environments
are scarce
There is too
much time
spent waiting
Test
environments
don’t scale with
demand
Defects found
in test take too
long to
reproduce
Unable to
collaborate
productively
• Developers
usually end up
running tests
on their laptops
and other non-production
configurations.
• Defects are not
identified as
soon as they
could be.
• There is always
contention
around shared
dev/test
environments.
• An enormous
amount of time is
spent waiting for
environments to
free up.
• Takes to long for
IT to provision or
make available.
• More test
environments
are needed at
certain stages
of dev/test.
• Delays are
caused due to
queuing for test
environments.
• Development
and test
environments
don’t look the
same, causing
the “works for
me” problem.
• It can take days
for a developer
to build,
configure and
reproduce a
defect.
• Development
teams now
include
onshore,
offshore, shared
services,
contractors and
business users.
• Today’s static
environments
are difficult or
impossible to
share.
10. The Skytap Difference
Built for Complex
environments
------------------------------------------------------------
• Server & cluster configurations
• Appliances/load balancers
• Advanced network
configuration and domain
control
• Pre-loaded with data and
virtual assets
• Connect intra-environment
workflows
Built for agile dev/test
Collaboration
------------------------------------------------------------
• Copy environments across
global cloud infrastructures
• On-demand, elastic
resources
• Ease of use with little or no
configuration time needed
• Store and share as
Templates
• Achieve follow-the-sun
projects
Confidential 10
Built for IT/Ops
Control
------------------------------------------------------------
• Maintain visibility and control
costs
• Deliver self-service
provisioning
• Set permissions, quotas &
policies by user, department,
project
• Automate lab provisioning and
shutdown of idle resources
• Universal access to labs with
published URLs
11. The Skytap Solution
SKYTAP
WEB
CONSOLE
SKYTAP
CLOUD
IaaS
AMAZON
WEB
SERVICES
IaaS
Confidential 11
OTHER
CLOUD
IaaS
REST
API
Command
Line
ALM/CI
Tools
E N V I R O N M E N T S -‐ A S -‐ A -‐ S E R V I C E
IT/Ops
Network
SeGngs
Dev
Access
Controls
ConfiguraMon
Manager
UMlizaMon/Quotas
Test
Self-‐Service
Access
Save
&
Reproduce
Defects
Copy/Share
Environments
Build
&
Deploy
AutomaMon
Project
Templates
Environment
configuraMons
13. Security Concerns
A
study
recently
published
by
IDG
Enterprise,
highlights
that,
though
cloud
hosMng
and
compuMng
programs
(including
IaaS
and
SaaS)
are
growing
in
popularity,
Confidential 13
data
security
concerns
remain
a
top
concern
among
technology
decision
makers.
14. What to Do
Having Sensitive Data Exposed is one of the
biggest fears of companies who are
contemplating moving to the cloud.
Masking Data PRIOR to moving it to the
cloud, eliminates this obstacle.
Confidential 14
15. How Does DMsuiteR Mask Data?
Confidential 15
Data
Masking*
—
Replace
sensiMve
data
with
ficMMous
but
realisMc
data
to
eliminate
the
risk
of
exposure
to
unauthorized
parMes.
The
Axis
DMsuite
solu7on
is
completely
automated
and
designed
to
be
rapidly
implemented
and
ins7tu7onalized.
Our
unique
approach
is
to
break
the
associa7on
between
unique
iden7fiers
and
personally
iden7fiable
data.
* Data Masking = redaction, de-identification, depersonalization, anonymization, obfuscation
16. Which Data?
Internal users
Privileged users
ERP
Web
server
Databases
Backups
App
server
Live
-‐
Produc5on
File
server
Load
balancer
Confidential 16
Firewall
File
server
External
users
1
2
4
3
5
6
DMsuiteTM
scans
your
client’s
databases
to
find
SensiMve
Data.
DMsuiteTM
creates
an
inventory
of
sensiMve
data
for
your
client.
17. Protect Your Data
Live
-‐
Produc5on
DMsuiteTM
replaces
sensiMve
data
with
ficMMous
but
realisMc
data
to
eliminate
the
risk
of
exposure
to
unauthorized
parMes.
Confidential 17
Internal users Privileged users
Load
balancer Databases
ERP
Web
server
Backups
App
server
File
server
Firewall
File
server
External
users
1
2
4
3
5
6
Internal users Privileged users
Load
balancer Databases
ERP
Web
server
Backups
App
server
File
server
Firewall
File
server
External
users
1
2
4
3
5
6
Internal users Privileged users
Load
balancer Databases
ERP
Web
server
Backups
App
server
File
server
Firewall
File
server
External
users
1
2
4
3
5
6
Internal users
Privileged users
ERP
Web
server
Backups
App
server
Load
balancer
Databases
File
server
Firewall
File
server
External
users
1
2
4
3
5
6
DMsuiteTM
sits
in
the
customer
environment,
masks
data
in
memory
and
provisions
masked
data
to
the
cloud.
QA
Tes5ng
UAT
Tes5ng
“DMZ”
Masked Data
18. Proof of Concepts
Confidential 18
Internal users Privileged users
Load
balancer Databases
ERP
Web
server
Backups
App
server
File
server
Firewall
File
server
External
users
1
2
4
3
5
6
Internal users Privileged users
Load
balancer Databases
ERP
Web
server
Backups
App
server
File
server
Firewall
File
server
External
users
1
2
4
3
5
6
Internal users Privileged users
Load
balancer Databases
ERP
Web
server
Backups
App
server
File
server
Firewall
File
server
External
users
1
2
4
3
5
6
Internal users
Privileged users
ERP
Web
server
Backups
App
server
Load
balancer
Databases
File
server
Firewall
File
server
External
users
1
2
4
3
5
6
Live
-‐
Produc5on
QA
Tes5ng
UAT
Tes5ng
“DMZ”
Masked Data
DMsuiteTM
is
up
and
running
in
one
hour,
masks
data
in
memory
and
provisions
masked
data
to
the
cloud.
DMsuiteTM
replaces
sensiMve
data
with
ficMMous
but
realisMc
data
to
eliminate
privacy
concerns
or
potenMal
prospects.
19. Masked / De-Identified / Anonymized
Field Production Value Masked Value
First Name Christopher Romanth
Address 123 Stone Street 62 Main Street
Phone 703-891-2426 703-555-1287
Date of Birth 07/11/82 07/24/82
SSN 621-02-4579 805-23-1290
DMsuiteTM
masked
values
are
realisMc
but
fic55ous.
DMsuiteTM
does
not
store
or
make
copies
of
producMon
data.
Confidential 19
You
cannot
use
DMsuiteTM
to
view
any
producMon
data.
20. DMsuiteR Masks
Application
Confidential 20
s
• Oracle E-Business
• Salesforc
e
• PeopleSo
ft
• Trizetto
• SAP
• MS CRM
• Lawson
• AMISYS
Databases
• Oracle
• MSSQL
Server
• Informix
• DB2
• Teradata
• MS Access
• MySQL
• Netezza
• Cache
• Sybase
• Ingres
• Vertica
• Greenplum
• PostgreSQ
L
Files
• XML
• CVS
• Multi-record
• Word
• Excel
• PPT
• RSS
• Un-structured
• EDI
Mainframe
• DB2
• IMS
• ADABAS
• QSAM
• VSAM
Big Data
• Cloudera
• Hortonwork
s
• Hadoop
NoSQL
• MongoDB
• Cassandr
a
…and keeps referential integrity across all of them