Generating data for test and development environments presents serious challenges for enterprise security and risk management. When data is copied from production databases and used directly for test/development, large volumes of private data accumulate on unprotected servers and workstations. The use of outsourced and offshore QA and development services further increases the risks. An alarming number of data breaches, along with complex regulatory compliance requirements, highlight the need to de-identify sensitive data when moving from production to test, development, and training environments.
