The answer lies in a familiar tactic: automation. Development teams are increasingly adept at automating huge chunks of their work, from setting up the necessary infrastructure environments to building, integrating, testing, and releasing software. Call it DevOps or CI/CD, the tactic is the same: ruthlessly automate mundane or repetitive tasks. To ensure compliance requirements dont hinder development, IT leaders must similarly prioritize automating data profiling and protection as a normal part of their development pipelines.
The growing impact of data privacy on software developmentThe regulatory landscape for data privacy and protection continues to grow, resulting in ever-increasing, and increasingly complex, compliance requirements. In fact, McKinsey found have adopted data localization rules, which have major implications for the IT footprints, data governance, and data architectures of companies, as well as their interactions with local regulators.
Existing data privacy regulations such GDPR in the EU and HIPAA in the US, updates to older mandates (e.g., the recently updated mandated by the Gramm-Leach-Bliley Act), and new and emerging laws (e.g., Virginia Consumer Data Protection Act, Canadas Consumer Privacy Protection Act) all threaten to slow down software development and innovation by adding layers of security requirements onto the development process.
Even without the introduction of new privacy mandates, the impact of data privacy and security requirements on development is almost certain to grow. For one thing, development and testing environments have proven to be rich attack targets for threat actors. From source code management systems to infrastructure such as virtual test servers to the test data itself, all are attractive targets for bad actors seeking to compromise systems and data. Add in the many different cloud development platforms like Salesforce and SAP, and its clear there is plenty of opportunity for a hungry hacker with nefarious intentions.
Therefore teams must ensure the entire application lifecycle is secure, including development and test environments, whether on-prem or in the cloud. How do IT and security accomplish this without slowing development and release cycles? The answer lies in test data automation.
Test data management meets DevOpsThe software development process is reliant on access to fresh test data. Traditional methods for managing and provisioning test data are typically manual and tremendously slow think ticketing systems and siloed, request-fulfill models that can take days or even weeks. These processes are very much at odds with modern development methods such as DevOps and CI/CD, which demand fast, iterative release cycles.
This is where application innovation often grinds to a halt. DevOps and DevSecOps processes have automated quality assurance testing and security and compliance testing throughout the CI/CD pipeline. But data provisioning and governance has remained a manual and time-consuming practice. Enter DevOps test data management (TDM) which automates the last mile of DevOps and provides fast delivery of lightweight, protected data in minutes instead of days, weeks or months. With DevOps TDM, organizations can accelerate development and testing, and in turn, can increase compliance and innovation.
Just how much can DevOps TDM accelerate software innovation? Consider from Dell Technologies. The technology giants developers needed quick access to fresh test data, but, like many other organizations, manually provisioning the data was a slow, tedious process.
By automating DevOps test data management, Dell significantly increased the speed and efficiency of its test data provisioning and governance. Now, 92% of Dells ,160 global, non-production database environments are refreshed automatically on a bi-weekly basis. Developers can now initiate releases through their CI/CD pipelines in just 17 minutes. This has allowed the Dell team to run 6 million pipelines the first quarter of 2022, and more than 50 million since they implemented this standardized, automated approach.
Shrink the surface area of private dataAntiquated approaches to test data management often rely on scripts or otherwise poorly integrated processes that result in the proliferation of sensitive data throughout the e