Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Don't think DevOps think Compliant Database DevOps


Published on

DevOps and data privacy do not need to oppose each other. Rather, they can complement one another.

The automation and audit trails that DevOps processes introduce to database development can ease compliance with data protection regulations and enable organizations to balance the need to deliver software faster with the requirement to protect and preserve personal data.

So how can the promise of releasing changes to the database faster and easier be balanced with the need to keep data safe and remain compliant with legislation?

Redgate’s Data Privacy and Protection Specialist Chris Unwin, shows how the answer lies in in going one step further than database DevOps and thinking about Compliant Database DevOps:
• Introduce standardized team-based development
• Automate deployments
• Monitor performance and availability
• Protect and preserve data

Published in: Software
  • Be the first to comment

  • Be the first to like this

Don't think DevOps think Compliant Database DevOps

  1. 1. Don’t just think DevOps. Think Compliant Database DevOps!
  2. 2. Your Presenter Chris Unwin Data Privacy Specialist DBAle on Spotify and iTunes /in/christopherunwincambridge/
  3. 3. 314 Redgaters and counting 19 years old 202,000 customers 2m SQL Server Central and Simple Talk users 91% of the Fortune 100 use our tools 6m website visits each year 1,286 product releases last year 70 Communities sponsored last year About Redgate
  4. 4. 2018 Accelerate: State of DevOps Report
  5. 5. 2019 Redgate State of Database DevOps Report
  6. 6. • Privilege misuse: 12% • Hacking: 48% • (Healthcare) Internal: 56% • (Finance) External: 92% • No. 1 asset involved: Database Sources of breaches *Study from 2018 Data Breach Investigations Report- Verizon
  7. 7. Privacy regulations around the world such as HIPAA, SOX, GDPR, CCPA, SHIELD etc. demand effective and repeatable processes for protecting sensitive data. Or… Data Protection by Design and by Default.
  8. 8. • HIPAA: Up to$1.5m & 10 years in prison • SOX: Up to$5m & 20 years in prison • GDPR: Up to €20m or 4% of annual global turnover • POPI: Up to R10 million & 12 months in prison • PIPEDA: Up to $100,000 Cost of non compliance
  9. 9. What does Compliant Database DevOps look like?
  10. 10. The 4 elements of Compliant Database DevOps
  11. 11. Standardize Team Based Development
  12. 12. Application v Database
  13. 13. Automate Database Deployments
  14. 14. Application v Database
  15. 15. Monitor Performance and Availability
  16. 16. What is the biggest challenge facing your SQL Server estate management this year?
  17. 17.
  18. 18. Protect and Preserve Data
  19. 19. Software teams want to use Production Data
  20. 20. Most Organizations do ‘copy-down’ Live Data
  21. 21. How can we stay compliant AND use production-like data?
  22. 22. A small attack surface makes compliance easier • PII in all environments • Higher risk 1TB QA 1TB Test 1TB Dev 1TB Prod • PII only in PROD • Lower risk 0TB QA 0TB Test 0TB Dev 1TB Prod Vs
  23. 23. Compliant Database DevOps
  24. 24. Case study
  25. 25. Q&A Session
  26. 26. Theme: Compliant Database DevOps in the Age of Digital Transformation London, UK: April 30 2019 Los Angeles, USA: May 15 2019 Austin, USA: May 22 2019 Brisbane, AUS: May 31 2019 Christchurch, NZ: June 7 2019 Melbourne, AUS: June 14 2019 Register today using the code ‘Webinar’ to claim your complimentary ticket to attend: Theme: Standardizing Database Change Management Across your Organization When: Wednesday 3 April 9AM-2PM Eastern / 2PM-7PM BST Where: Livestream on the Redgate Hub Speakers: Kenda Little, Steve Jones, Kathi Kellenberger & Grant Fritchey Visit the website for further details and to register a place for you, and your team.
  27. 27. Find out more