"The lack of referential integrity in the data we were using was causing the applications to fail in the test database on one of our current projects. This had a large impact on the test team, as our testers were trying to set-up test conditions with little regard to data integrity. We used Datamaker to create referential data from the ground up, which tackled these problems."
From October 2009, PCI compliance went from "best practice" to mandatory for those in the finance industry. All merchants processing less than one million transactions annually must now process using a PCI DSS certified provider or provide certification of their own PCI DSS compliance to their acquiring bank. This mandate follows changes to Visa’s Account Information Security Programme.
The payment card industry’s (PCI) data security standards (DSS) are a set of comprehensive requirements for enhancing payment account data security for credit card companies and any company they exchange information with. They were developed by the founding payment brands of the PCI Security Standards Council, including; American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis. They outline the standards for protecting cardholder data that is stored, transmitted or processed. The regulations are relevant for payment card processors, point of sale vendors & financial institutions. They also present the regulations for implementing security management policies, procedures, network architecture, design and other critical measures to improve electronic payments. The compliance measures involve establishing strict security policies, processes and procedures for all companies administering payment card information.
Any company that conducts business using credit cards and any company that belongs to the PCI Security Standards Council or does business with them:
Penalties and fines for breaches:
Your organization’s test data management initiatives are likely to focus on the generation or creation of compliant test or development data, and the management of this data. Many financial organizations are looking to share and manipulate production-like data across their test and development teams in highly complex environments.
Due to recent regulatory initiatives globally, organizations are strongly discouraged or restricted from using “live” data in non-production environments. Likewise, in order to reduce complexity, reduce storage costs and increase productivity, many organizations are looking for alternatives to using and maintaining copies of large production databases in non-production environments.
Grid-Tools offers the flexibility to create data which models the referential and business integrity of production environments and/or mask and de-identify production data; providing your organization with rich, relationally correct, compliant data sets. The result is less data, but more variety. This offers a flexible solution and a strategic method, with the data transforming into a reusable asset. Read more about our test data management solution, Datamaker™, here.
The creation of synthetic or masked data targets the problem of editing, hacking and manipulating production data; reducing test and development cycles, reducing disk space and saving time and money. It also eliminates the need to manually ensure your company’s financial records remain confidential.Back to the top