Using live data outside production is one of the fastest ways to create compliance risk, because it quickly becomes harder to control who can access it, how it is handled, and how long it is kept. A Test Data Management (TDM) approach provides exactly the kind of controls SOC 2 auditors look for in this situation: an automated, traceable end-to-end process for protecting, provisioning, and removing customer data so it can be used safely in non-production environments. Read more
This article demonstrates simple techniques to security-check any processes that use Bash or PowerShell scripts to automate database tasks, when using Flyway. These checks help ensure a script is trusted, hasn't been tampered with since creation, and doesn't contain commands commonly used with malicious intent. They add a valuable layer of protection, without sacrificing the power and flexibility that makes Flyway so effective. Read more
William Brewer explains how to make data governance a continuous organizational activity, based on well-established standards and practices, rather than a knee-jerk response, and which skills and tools will help you achieve compliance, including SQL Data Catalog for discovery and classification of data held in SQL Server. Read more
In the event of a breach of personal data, any organization must produce proof that they understand what data they hold and where, and how it is being used, and that they have enforced the required standards for access control and security. To make all this possible, it is essential to build a complete model of the data and its lineage, and a data catalog is the first step in this process. Read more
