Learn about the growing concerns surrounding data security and compliance in non-production environments, as highlighted in the Delphix 2024 State of Data Compliance and Security Report.
Perforce Software, the DevOps company for global teams requiring speed, quality, security, and compliance at scale along the development lifecycle, announced the findings of the Delphix 2024 State of Data Compliance and Security Report. This inaugural report delivers exclusive research on the challenges of protecting sensitive data in non-production or lower environments, such as development, testing, analytics, and AI/ML.
“Our goal with this report is to share the realities of sensitive data exposures in non-production to help enterprises better protect their data moving forward,” said Ann Rosen, Director of Product Marketing for Delphix by Perforce. “Protecting sensitive data — data with personally identifiable information (PII) — in non-production has become more important over the years as cyberattacks target these environments. Companies need to do more to protect sensitive data.”
Also Read: What’s All the Buzz About AI Wealth Managers?
The report also reveals that the challenge of protecting sensitive data will only get more complex with the rise of AI. 85% of enterprises report concerns about regulatory non-compliance in AI environments. Even more troubling, 68% of organizations surveyed perceive a lack of solutions to tackle data privacy in AI environments.
“AI is transforming industries, and data is at the heart of AI,” said Rod Cope, Chief Technology Officer of Perforce Software. “When it comes to AI and data, it can be a double-edged sword. There’s a lot of excitement around the innovation possible in AI, but data in AI environments must be protected. The findings in the State of Data Compliance and Security Report underline the importance of complying with data privacy regulations in AI environments, too.”
91% of organizations are concerned about the expanded exposure footprint across all lower environments (including software development, testing, and data analytics). Yet 86% of organizations allow data compliance exceptions in non-production. As a result, 54% of organizations have already experienced a data breach or theft involving sensitive data in non-production environments. In Delphix’s experience, the consequences can be dire if this data is not protected. Indeed, 53% have already experienced audit issues and failures related to non-production.
To mitigate these concerns, organizations are turning to tools and approaches like static data masking, which 66% of organizations surveyed cited as a current solution.
Also Read: Data Quality in the Gutter? 3 Root Causes and How to Finally Fix ThemÂ
“We hear all the time from customers that exceptions are given because it’s too complicated and time-consuming to achieve compliance without slowing down development or impacting quality,” said David Wells, Product Lead of Compliance Products for Delphix by Perforce. “At Delphix and Perforce, we believe that with the right approach, you can achieve compliance rapidly without bottlenecking innovation. Static data masking is the best way to protect your test and development data. You need production-realistic data to detect defects as early as possible in the development lifecycle, but you certainly shouldn’t use production data for this purpose. That’s why we’re continuously evolving Delphix masking solutions to meet the ever-expanding data compliance landscape, regardless of data source or environment.”
