Ensuring Compliance with Data Privacy Directives using ... one for backup restore, archive REPLICATE...

Ensuring Compliance with Data Privacy Directives using Virtual Databases

June 2017

Steve Karam, Director of Customer Education and Experience at Delphix

© 2017 Delphix Corporation 2

AgendaEnsure compliance to disparate data privacy directives1Develop catalogs of custom datasets for targeted distribution2

3 Scale an auditable process while reducing operational burden

3© 2017 Delphix Corporation

➢ Sharing data is critical to creating new

and improving existing programs and

digital services

➢ Benefits

▪ Simpler and more usable services

▪ More efficient use of resources

▪ Better decision-making

▪ Improved well-being and outcomes

The Importance of Data Sharing

“I believe the creation of the Government Digital Service is one of the

great unsung triumphs of the last Parliament.” – David Cameron

Example: State of California Department of Education

Student Information

Attendance Data

Student Progress Data

Standardized Test Scores

…

Eligibility Data

Alumni Outreach Budget Office Analytics …

Academic Performance Index

Adequate Yearly Progress

Graduation Rates

English Language Development

Tests

School Accountability Report

Cards

…

Data Sources Uses Data Privacy Laws

Family Educational Rights and Privacy Act

(FERPA)

Protection of Pupil Rights Amendment

(PPRA)

Children’s Online Privacy Protection Act

(COPPA)

California Public Records Act (PRA)

Student Online Personal

Information Act

…

Users


Finding the Balance

54% of adults said they believed

the public sector kept their

personal information more

secure (Citrix)

41% of respondents said the

public sector is being too

cautious about sharing

data (KPMG)


Challenges With Data Sharing

Meeting strict data privacy laws

Collecting and synchronizing data across disparate systems

Accessing data in a timely manner to meet directives

Making decisions using low-quality data

Managing troves of personal information

Providing easy, transparent data access (e.g. mobile devices)

Barriers to

Creating &

Improving

Digital

Services


▪ How do you keep citizen data safe

and build confidence?

▪ How do you broker the flow of

information between government

agencies and departments?

▪ How do you promote information

sharing to enable digital in a simple

and transparent manner?

Who Owns the Data?


A Modern Data Platform

Enables data to be delivered to

every stakeholder at the speed,

simplicity, and security required to

meet development, testing, and

analytics demands.


Instantly

move dataSecure and

governed data

Automated

processes Self service

A Modern Data Platform

Collect and synchronize data across departments and systems

Data

Platform

Student Data

DMV Data

Court Data

…

10:27:36 A.M. 1:30:20 P.M. 5:07:15 P.M.

Data collected across

government agencies and

systems

High-quality data quickly and

easily distributed for use1 2 3Data stored and

synchronized in a central

location

Mask Once, Branch Many, Reset Anytime

Data

Platform

Departments

Embedded Native

MaskingThird Parties

Cloud

10:27 A.M. 1:30 P.M. 5:07 P.M.

Data Source

(e.g. Oracle, SQL

Server, DB2)

Secure data with masking before

it is distributed downstream4

Maintain Referential Integrity

Claimant Table

ID First_Name

1 George

2 Mary

3 John

Employee Table

ID First_Name

5 John

6 George

7 Mary

▪ Realistic

▪ Irreversible

Claimant Table

ID First_Name

1 Romanth

2 Clara

3 Damien

Employee Table

ID First_Name

5 Damien

6 Romanth

7 Clara

▪ Repeatable

▪ Referential Integrity

Unmasked UnmaskedMasked Masked

Recap

A Modern Data Platform enables:

1. Simplified data collection, synchronization,

and delivery from a central location

2. Improved security with masking

3. High quality masked and unmasked data

End-to-End Process

Profile Secure Audit

Name

SSN#

Phone#

CC#

Name

SSN#

Phone#

CC#

Deliver

Transform

Data

Elements

Sensitive

Data

Inventory

Security Data Analyst

Change

Capture

Metadata

Integration

Delphix Copy

of

Production

Data

Masked

Test Data

Data

Profiling

Regexes

Masking Algorithms

A data profiling system

capable of identifying sensitive data elements in structured or unstructured data using

regular expressions. It can search metadata or dataand tag sensitive data in a

way compatible with the

inventory.

Data Profiling


Regulation-Specific Masking

Structure Description Examples

Profiler Groups Groups of profiler expressions (regular

expressions to identify data to be masked

and assigned a domain).

Financial, HIPAA, PeopleSoft, Oracle EBS

Domain Classification of profiled data. Multiple

expressions can be assigned to a domain.

SSN, Account Number, Location Code, Phone

Number.

Algorithms Out-of-the-box and customizable entities to

mask data in each domain.

Secure Lookup, Segmented Mapping, Min

Max, Tokenization, Data Cleansing, Free Text

Redaction

Jobs Used to perform actions. Profiling, Masking, Certification, and

Provisioning.


Replication

ON PREMISE

DATA CENTER

▪ Enable data to be efficiently transmitted between

systems, locations, and agencies

▪ Refresh faster by only sending change data

▪ Reduce bandwidth requirements


Secure Data Distribution (SDD) enables a Masked VDB to be replicated from one Delphix

Engine to another and only copy the masked and non-sensitive data blocks. Pre-masked

sensitive data blocks (in red) are redacted from the dSource ensuring only masked data

leaves the production zone.

Selective Data Distribution


Creating a Catalog of Data Options

Provisio

n

Refresh Restore Mask Convert

2 hr 2 hr 1 hr 8 hr 8 hr

Synchronize Branch Bookmark Reset

10 min 10 min 10 min 10 min

New Features

Self-service, automated

Provision Refresh Restore Mask Convert

6 weeks 4 days 8 days 3 days 8 weeks

CURRENT CATALOGMultiple administrative touch points.

NEW CATALOG

Recap


1. Pre-built masking templates and profiler groups

2. Reduced barriers to data center and cloud

migrations

3. Rapid development of complex applications

with an advanced catalog of data operations


Provides a framework and interfaces to

optimize self-service data for apps teams

Power features to accelerate collaboration

and enhance developer flexibility

Delivers control and management framework

to ops

Jet Stream Self Service Interface


DevOps Readiness


Bookmark and Share

VS

DATA SHARED AT WILLDATA HOARDED AND TRAPPED


Dev:

Comprehensive Data Features

to Enable DevOps

ROLLBACK

Reset to run A/B tests, recover

from errors and data loss

SYNCHRONIZE

Dial multiple applications to

exact same time

BOOKMARK

Mark release changes,

business events

BRANCH

Pass environments to/from

Dev and QA

REFRESH

Refresh to the latest data

for high fidelity testing,

analytics

RBAC

Set up role-based

access controls,

permissions

MASK

Replace private,

sensitive data with

masked values

RETAIN

Store 30 days in space

of one for backup

restore, archiveREPLICATE

Replicate within, across

sites, or to the cloud for DR

SOURCE, TARGETS

Enable, set automation

templates for source, targets

Ops:

Full security, control, & resource

Allocation to enable self service

Proper Data Governance


Data Templates and Containers

Data Template Data Container

Description of data and resources Instantiation of template and

allocation of resources

Set of sources within Delphix VDB for each template source

Ability to manage resources Ability to version data in container

General configuration Developer specific configuration

Managed by administrator Managed by a single developer

Recap


1. Self service user interface

2. New, innovative data controls

3. Proper governance over resources

Over 1/3rd of the Fortune 100 rely on Delphix to

move data at the speed of business.

The Biggest Brands Rely on Delphix

3 of 5

RETAIL

Top Retailers

3 of 5

BANKING

Top Banks

3 of 5

TELECOM

Top Telcos

7 of 10

INSURANCE

Top Insurers

6 of 10

HIGH TECH

Top Tech Firms


Questions?

Thank You

[email protected]


ProductionOn-premises or cloud

Non-productionTarget servers: physical, virtual, or cloud

Storage: 20 TB

DBMS

Production

Storage: 20 TB

DBMS

Dev

Storage: 20 TB

DBMS

Test

Storage: 20 TB

DBMS

UAT

60TB of redundant storage

Manually copy,

move data

Traditional Data Management

!

!



Storage: 20 TB

DBMS

Production

The Delphix Data Platform

Capture application data,

20 TB de-duped and

compressed to 7 TB

1

Installs as a virtual appliance

Storage: 7 TB

One-time, full copy



Storage: 20 TB

DBMS

Production


20 TB de-duped and

compressed to 7 TB

1

Storage: 7 TB

Continuously record

unique, incremental

changes to sources

2

May 23 06:11May 22 12:43May 22 08:41

Production Time Machine

Log shipping




Storage: 20 TB

DBMS

Production


20 TB de-duped and

compressed to 7 TB

1

Continuously record

unique, incremental

changes to sources

2

Share data

blocks instead

of duplicating

3

DBMS

Dev

DBMS

Test

DBMS

UAT

Storage: 7 TB


Virtual Data Virtual Data Virtual Data

70-90% Storage Savings




Storage: 20 TB

DBMS

Production


20 TB de-duped and

compressed to 7 TB

1

Continuously record

unique, incremental

changes to sources

2

Share data

blocks instead

of duplicating

3

DBMS

Dev

DBMS

Test

DBMS

UAT

Storage: 7 TB


Virtual Data Virtual Data Virtual Data

Capture all

changes, creating

a space-efficient

time machine

4


Ensuring Compliance with Data Privacy Directives using ... one for backup restore, archive REPLICATE...

Documents

Transcript of Ensuring Compliance with Data Privacy Directives using ... one for backup restore, archive REPLICATE...