Data protection has been an important topic for many years and especially in the software sector, numerous companies are concerned with securing and handling data sets in a GDPR-compliant manner.
Developers face the challenge that software tests are only meaningful and compliant with logically consistent and GDPR-compliant data. For this reason, test data should at best be as similar as possible to production data without allowing conclusions to be drawn about the respective individuals. But what exactly is production data? And how does it differ from synthetic data? In the fourth part of our Libelle IT Glossary, we take a closer look at these questions.
The EU's General Data Protection Regulation (GDPR) means that companies must take steps to ensure the highest possible level of protection for personal data in all applications in use. This includes the entire lifecycle of production data, starting with its collection and ending with its archiving.
Production data is the data that is actually "productive," i.e., live in use. For example, it is used for quotation and invoicing purposes. These data records are used in the so-called production system, the heart of a system landscape.
Each of these IT system landscapes is continually adapted to the needs of the company and its customers. It should be noted that extensive testing is required when new applications are created, or systems are maintained.
In contrast to production data, synthetic data are generated artificially and thus not from "real" events. They are created using algorithms and used as test data. Synthetic data thus offers the opportunity to test new applications, for example, without running the risk of identifying a single customer.
For example, our customers build load test systems, i.e., systems that should have a dataset close to production, in order to subject new or further developed applications to a load or stress test. And these systems must not contain any information about real customers, business partners and the like.
Other customers want to perform analyses and statistical calculations with employee data. Without exception, the data collected for this purpose must not be traced back to individual persons, the entire workforce, or departments within the company.
Synthetic data enables companies to work with realistic data sets during development. Among other things, they can gain industry-specific insights or improve internal and external collaboration with partners and departments. And all of this is GDPR-compliant.
Libelle IT Group has developed a solution for the required anonymization and pseudonymization here with Libelle DataMasking. The solution was designed for GDPR-compliant use of anonymized, logically consistent data on development, test and QA systems across all platforms.
The anonymization methods used deliver realistic, logically correct values that can be used to describe relevant business cases and test them in a meaningful end-to-end manner. Furthermore, developers as well as users have a "clean" database at their disposal, with which they do not have to worry about data protection.