Database DevOps is the key to GDPR compliance

Redgate Software has conducted a major new data governance survey among SQL Server professionals which demonstrates there are important compliance issues that need to be addressed – and that a DevOps approach to database development can provide the answers.

  • 7 years ago Posted in
A first glimpse into the results of the 2017 Database Governance Implementation survey reveals that 61% of respondents use a copy of their production database in development, test or QA environments. With the upcoming General Data Protection Regulation (GDPR), this is a significant concern.
 
GDPR comes into force in May 2018 and will stop the use of copies of production databases in development unless personally identifiable information is masked. Any company or organization which collects, stores and analyzes the data of EU citizens, whether based in the EU or not, will also need to demonstrate compliance in an auditable manner.
 
This appears to be at odds with a DevOps approach to database development which requires the use of realistic data in development and testing in order to get accurate feedback earlier on in the process and avoid errors hitting production further down the line.
 
Tools and processes are emerging, however, that anonymize or mask data, yet keeps its structure similar to the data held in production, so that DevOps and compliance can work towards the same goal, rather than being seen as mutually exclusive.
 
Perhaps more importantly, the processes that DevOps introduce for delivering software in a consistent, reliable, and repeatable way also provide an audit trail of changes that are made, making it much easier to demonstrate compliance compared to an ad hoc manual approach.
 
A measure of the value of DevOps in resolving the issues that GDPR raises is that 64% of respondents to the new survey also agreed that a DevOps approach to the database has a positive impact on data governance.
 
As Kate Duggan, Marketing Manager at Redgate says: “More and more organizations are choosing to include the database in DevOps, but at the same time regulations governing the way data is used are being tightened. These initial results from the survey demonstrate that DevOps is an enabler for compliance, not a hindrance.”
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...