The eperi Gateway includes multiple functions that focus on protecting cloud data – but also meet general data protection requirements at the same time. This is why eperi continues to develop new products based on its patented template concept. And the latest is an adapter used for the generation of test data.
GDPR, PCI-DSS and other legal regulations have changed how companies work with personal data, and this also applies to data used for development, testing and software training, such as for CRM systems or human resources software. These strict requirements forbid the use of sensitive information for any purposes other than the one for which it was collected. That’s why production data shouldn’t be used in a test environment. If companies do so regardless, they risk huge fines.
The biggest challenge with test data is that companies need to keep the structure and format of the real data to reproduce any errors which may crop up later, once their application is using production data. But they can’t use the information as is – and this is where eperi comes in. It makes the test data generation process far smoother. Customers can achieve the necessary compliance in four simple steps, even with test data.
- The application is implemented on a server or VM in the customer’s datacenter. So, developers and testers have no access to the target application as nothing needs to be installed specially for them.
- Customers can decide whether a particular value, CSV file or database should be anonymized. They can set up the anonymization web service themselves or connect the eperi Gateway to the relevant database.
- Customers will also find it easy to set up rules for specific values or columns that must be anonymized or pseudonymized.
- The process can be triggered as often as required and can even use several Gateways in parallel for very large data volumes.
To facilitate work with test data, eperi has added a tokenizer to produce pronounceable character strings. Here’s an example of how it works. When a CRM system is being tested, someone may need to give the name of an account holder to another person on the phone. Randomly generated character strings, such as Xbfegt, make this very awkward and can lead to misunderstandings.
But the eperi Gateway tokenization function goes even further. It enables customers to design their own tokenizer based on the RegEx or other tokenizer. That anonymizes the relevant parts of the live credit card data so that they will correspond to the dummy payment card format.
In addition, the generated values can either represent the statistical distribution of the original values or be completely independent of it (= unique token). With the eperi Gateway, customers can also map all of the lines in a column to the same target data or ensure that certain columns in the target table are completely omitted in order to reduce the data volume. They are also free to decide whether to keep the original value, making it easier to convert the generated data back to the original if necessary, or to remove it.
All this is very affordable. Customers don’t need to make any changes to their target applications, so there is very little integration work. They can even use eperi test data generation if they have different source and target databases in the test and production environments, such as DB2 and Oracle. The eperi Gateway handles the compatibility between the two environments with no problem.
And that’s still not all! As mentioned above, real customer data is used increasingly often as training data for software like artificial intelligence (AI). In the future, eperi plans to offer alternatives to data storage, which is why we’re participating in a research project at the University of Applied Sciences in Würzburg. This project, which looks at the use of test data in IoT environments with AI, generates and analyzes bulk data that could provide potentially dangerous insight into critical business processes if it were to fall into the wrong hands
Recommended for You