Create, protect, and manage databases for compliant DevOps

Transcription

1

2 Create, protect, and manage databases for compliant DevOps

3 26 years SQL Server data experience DBA, developer, manager, writer, speaker in a variety of companies and industries Founder, SQLServerCentral And current editor, with the goal of helping you learn to be a better data professional every day Steve Jones Evangelist, Redgate Software Editor, SQLServerCentral 10 years Microsoft Data Platform MVP I have been honored to be recognized by Microsoft for the last decade as an MVP

4 Data Compliance in Software Delivery 1. What do you process? 2. What needs protecting? 3. Who has access and for what purpose? 4. How can you demonstrate adequate protection? Move from tell me to show me consistent processes are key

5 What is DevOps DevOps is the union of people, process, and products to enable continuous delivery of value to our end users. Donovan Brown, Principal DevOps Program Manager, Microsoft

6 Achieving Database DevOps Success Continuous Integration & Deployment Environments & Deployment Protecting & Preserving Data

7 Provisioning is a Blocker to Both Time Data security restrictions Limited Testing Storage and sprawl Shared environment conflicts

8 Demo Provisioning Environments

9 Conflicts to solve Teams want to move fast up-to-date, realistic data on-demand access to DBAs must protect data all copies of data accounted for sensitive data must be sanitized consistent database copies

10 Why Increasing tide of laws & legislation HIPAA, DPA, SOX, PCI, EU GDPR, NIST (draft, revision 5) Ongoing industry specific regulations & requirements Securities & Exchanges Commission (SEC) Federal Trade Commission, Commodity Futures Trading Commission (CFTC), The Financial Conduct Authority, NHS Digital Non-compliant fines or prison!

11 And Data Breaches are the New Normal Data Breaches Millions of Records Exposed Source: Identity Theft Resource Center

12 Most organizations do copy-down live data

13 Software teams want to use Production data

14 Data Minimisation limited to what is necessary in relation to the purposes for which they are processed - GDPR reasonably limit uses and disclosures to the minimum necessary to accomplish their intended purpose - HIPAA Data minimisation is not about deleting all your data

15 Sanitizing Data for Non-production use De-identified Pseudonymized Anonymized

16 Demo Masking Data

17 What Compliant Provisioning Looks Like Single central view of database copies Control over creation and access Mechanism to sanitise data classified as sensitive Consistent (automated) process are easier to audit Record of activities

18 SQL Provision: Create, protect and manage provisioning SQL Clone + Data Masker

19 Key Benefits Virtualize Protect Automate Manage Save time provisioning Save 99% storage space Local, isolated development Mask sensitive data for compliance Customize data masking Automate repeatable processes Fewer provisioning requests Central auditable view of database copies Role-based provisioning Accurate testing using realistic data rules at scale permissions

20 Demo SQL Provision for Teams

21 Create, protect and manage SQL Server Databases copies for compliant DevOps Reduce provisioning tickets and accelerate delivery to unblock the team Self service Automation Reduce the time spent juggling disk space Sanitize sensitive data for compliance Give teams their own production-like databases to increase time to market Shift testing left to find issues early using realistic data and identify the change impact Single central view of provisioning activities

22 SQL Provision - Move fast and keep your data safe DevOps Solution Data Privacy and Protection Solution +

23 Thank you red-gate.com/hub /in/way0utwest