30 November 2017
30 November 2017

SQL Clone v2.4 – run scripts during image creation

SQL Clone 2.4 incorporates a new T-SQL script runner that the team can use to mask sensitive or personal data, or to modify security and other configuration settings, prior to creating a clone.

In SQL Clone, we first create an image, which is a full point-in-time copy of the database, and from this image we can create multiple clones, almost instantly. With the script runner, we can now run T-SQL scripts to modify an image, so that all clones created from this image contain masked data, for example, and are otherwise ‘fit for operational purpose’ in the target environment.

Why is the Script Runner needed?

Sometimes, developers need access to “real” data. By incorporating realistic data sets into their testing cycles, for example, they will find data compatibility issues earlier in the release pipeline, and be more confident that their test results will reflect the behavior seen in production. However, copying databases from production to non-production environments is not straightforward.

Firstly, the Ops team members have a responsibility to prevent access to personal data, and protect sensitive commercial data. This means that sensitive data, such as credit card numbers, must be removed or obfuscated, and personal data modified such that it can no longer be directly attributed to a specific data subject.

Secondly, some configuration changes may be required, to produce a working clone in the target environment. For example, you many need to change the source permissions by remapping users to their non-production logins. Many companies also store environment-specific configuration data like service endpoints in databases, which will need to be changed.

From our own research into DevOps provisioning, we already know that around 30% of companies use scripts to scrub sensitive data as part of their database provisioning process, and we suspect a lot more want to start doing so, to improve their compliance practices, particularly with the increasing awareness of the implications of the General Data Protection Regulation (GDPR).

How the Script Runner Works

We modify the image at the point of creation, simply by selecting the script to run:

This brings up a new window which confirms the modifications, image destination and name:

Following which, SQL Clone goes to work, making the required modifications. As soon as this is done, developers can use SQL Clone’s role-based permissions to self-serve deployment of clones to their development and test servers.

Summary

Introducing the script runner in SQL Clone allows users to run a script as part of their standard image creation process, to mask data or change permissions, and so on. This shortens the workflow, and makes compliance part of the database provisioning process, rather than a hindrance to it.

The script runner is just the first step in allowing users to modify databases as part of automated provisioning. We would love to hear what you want to see next. Are there other features that could make database provisioning easier? For more details on how you can use SQL Clone v2.4 to modify images prior to cloning, check the documentation here. You can download a full-featured 14 day trial from the Redgate website. Give it a try, and let us know what would accelerate your DevOps provisioning.

Tools in this post

SQL Clone

Clone SQL Server databases in seconds and save up to 99% disk space.

Find out more

Share this post.

Share on FacebookShare on Google+Share on LinkedInTweet about this on Twitter

You may also like

  • Article

    Team-based database development with SQL Clone

    For most development teams, the database provisioning process involves some element of compromise. Often, developers will work with the up-to-date database schema but only a small sample of test data, for example. It’s a fast, lightweight approach that is sufficient for most simple tests, but it doesn’t necessarily reveal exactly how the application will behave

  • Webinar

    Does your current provisioning process meet regulatory requirements?

    DevOps practices, applied to the database, aim to allow organizations to deploy databases at the frequency they need, without introducing an unrealistic administration burden, and without compromising that organization’s compliance with data privacy or security regulations. In this webinar, Product Manager Richard Macaskill explains how to incorporate Redgate’s new SQL Provision into your Database DevOps

  • Webinar

    How to keep your delivery processes secure with Database DevOps

    Extending DevOps practices to the database, brings additional advantages, ensuring you protect personal data across your SQL Server estate, while also improving the efficiency and quality of software delivery. We’ll explore the impact database DevOps has on regulatory and compliance requirements and how approaches such as automation, can improve accuracy, transparency, and faster recovery across the entire database development cycle.

  • Webinar

    Data privacy & protection: A logical extension to DevOps

    Are you considering data privacy and protection as part of your DevOps process? In light of legislation like GDPR, making sure that any personally identifiable information (PII) is protected as it moves through your development and testing environments, is now an essential part of the process to ensure that your Database DevOps practices are compliant.

  • Article

    Masking Data in Practice

    Even small extracts of data need to be created with caution, if they are for public consumption. Sensitive data can 'hide' in unexpected places, and apparently innocuous data can be combined with other information to expose information about identifiable individuals. If we need to deliver an entire database in obfuscated form, the problems can get harder. Phil Factor examines some of the basic data masking techniques, and the challenges inherent in masking certain types of sensitive and personal data, while ensuring it still looks like the real data, and preserving its referential integrity, and distribution characteristics.

  • Forums

    SQL Clone Forum

    Create SQL Server database copies in an instant