-----------------------------------<snip>-------------------------------
In these days of HIPPA, Sarbanes-Oxley (in the US), PIPEDA (in Canada)
and various other privacy acts, do you want applications people able
to read production data? On the other hand how do you re-create
production problems in test when the obfuscation may also eliminate
the problem?
There's the rub. I know there are many vendors out there who will be glad to help you
"scrub" production data for use in testing, but they all sound like a royal pain in the
*!&@# if you ask me. Until I am absolutely told I cannot use (copies of) production data in test I
will continue to do so. Once I am told that I will say "sure, tell me how I can do my job without
it and I'll consider it".
Very sore spot with me.
Frank
------------------------------<unsnip>----------------------------------
You might consider this: "age" your data.
We allowed testing with production data that was at least 3 weeks old.
In our business, after 2 days, the data was useless, even to a malicious
attacker, so we let it age three weeks, then allowed app. staff to use
it for test purposes.
Rick
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
