In a new survey of 207 IT and data executives, respondents report that their organizations are behind the curve when it comes to managing the risks that could come from exposing live data to less secure settings—including development departments and outside contractors. This is an Achilles’ heel that is being overlooked in data security efforts. The survey, which drew responses from the membership of the Independent Oracle Users Group (IOUG), was conducted by Unisphere Research, a division of Information Today, Inc., and sponsored by IBM.
Mining the data assets being gathered from all corners of their enterprise and beyond — transactions, customer data, employee input, and information about market conditions - has been essential to companies in uncovering new opportunities. However, in the rush to deliver results, many IT and development departments take shortcuts within the testing process, taking live data right out of production environments to run through testing, development and quality assurance (QA) processes. Employing production data is considered the most expedient way to test new and updated applications.
But creating copies of this data exposes organizations to new— and avoidable—security risks. In addition, resources are being stretched, in the interest of doing things better faster and cheaper. Add exploding volumes of enterprise data, and this scenario creates gaps in terms of exposure and money to organizations.
Among the key findings uncovered by the study is that at the same time that the size and sophistication of applications are increasing, testing windows are also tightening. About a third of respondents report they are unable to keep pace with heightened demands, and a majority of respondents are not seeing appreciable growth in staff to help address burgeoning testing, development and QA requirements. To meet these requirements, two-thirds use outside services at least some of the time to augment their testing efforts.
The executive summary of the report titled “Testing the Bounds of Data Governance: 2012 IOUG Test Development & QA Survey” is publicly available - and IOUG members may log in to access the full report - at www.ioug.org/p/cm/ld/fid=91.