Home / Risks & Metrics Mistakes / Privacy and Metrics of Testing and Staging Environments

Privacy and Metrics of Testing and Staging Environments

The big hacks we have heard about have typically struck production environments, but staging environments sometimes have data worth stealing too. We need to become more mindful of the data used in CIAM (customer identity access management) systems and prevent untested code from reaching production. In an article for CSO magazine, Susan Morrow touches upon five areas of interest in protecting data:

  1. Data quality
  2. Data storage
  3. Code security
  4. Hardening endpoints
  5. Good security policy and best practice

Cover Your Data

Some of the time, the data you use will have to be real data, but ideally old data. Yet old data can still have some unfortunately valuable aspects to it. Morrow recommends using emulator data/data-masking if you can. Data should furthermore be encrypted in the same ways it would be in a production environment. And about code security, Morrow says this:

Secure coding practices should be a design remit before the developer even begins. Insecure coding techniques are behind many threats as they build vulnerabilities into the code. Code metrics and testing using external code analysis can help to build secure code, but your own internal test metrics should also become part of the ongoing test environment…

So basically, a lot of these tips keep harping on the same central point: Treat staging environments with the same security habits as production environments. And practice good hygiene with the way data is used.

For further elaboration, you can view the full article here: https://www.csoonline.com/article/3246060/identity-management/privacy-and-metrics-of-testing-and-staging-environments.html

About John Friscia

John Friscia is the Editor of Computer Aid's Accelerating IT Success. He began working for Computer Aid, Inc. in 2013 and continues to provide graphic design support for AITS. He graduated summa cum laude from Shippensburg University with a B.A. in English.

Check Also

5 Reasons Why More Data Doesn’t Guarantee Better Decisions

Analysis paralysis is not the only reason why an abundance of data still fails to …

Leave a Reply

Your email address will not be published. Required fields are marked *

Sorry, but this content
is for our subscribers only!

But subscribing to ACCELERATING IT SUCCESS is FREE and only one click away!
Join more than 40,000 IT Professionals and get the best IT management articles to your mailbox with Accelerating IT Success!

Unsubscribe at any time