Security Slideshow: Real Data Rampant During Development

By Ericka Chickowski  |  Posted 08-20-2009

Real Data Rampant During Development

Organizations leave themselves vulnerable to attack by ignoring security throughout their application development and testing process, according to a new study by Ponemon Institute and MicroFocus. The comprehensive look into data security during testing is the result of a survey of more than 1,350 IT practitioners in the US and the UK who work for enterprises with revenues from $10 million to over $20 billion.

Real Data Rampant During Development

Real Data Rampant During Development - Page 2

Approximately 80% of practitioners in the US and 77% in the UK admit that they're using real production data as a part of their application development and testing cycles.

Real Data Rampant During Development - Page 2

Real Data Rampant During Development - Page 3

Some of the most common data being used includes sensitive information such as customer records, employee records and credit card numbers, respondents reported.

Real Data Rampant During Development - Page 3

Real Data Rampant During Development - Page 4

Approximately 71% of US practitioners and 57% of those in the UK disagree or are unsure that they have the right policies and procedures to meet their security needs.

Real Data Rampant During Development - Page 4

Real Data Rampant During Development - Page 5

When they do use production data during development and testing, 67% of US and 72% of UK organizations do not use data masking to protect data.

Real Data Rampant During Development - Page 5

Real Data Rampant During Development - Page 6

Slightly less than half of all respondents say that the protection of sensitive data in development and testing environments is less stringent than similar security over the same data in production.

Real Data Rampant During Development - Page 6

Real Data Rampant During Development - Page 7

Approximately 82% of US and 75% of UK organizations interviewed have experienced one or more data breaches.

Real Data Rampant During Development - Page 7

Real Data Rampant During Development - Page 8

About three quarters of all organizations report that they use files with more than one terabyte of real data in development and testing.

Real Data Rampant During Development - Page 8

Real Data Rampant During Development - Page 9

Third-party outsourcers are one of the most common culprits for costly data breaches, yet 75% of US organizations and 60% of UK organizations send real data to third-parties in charge of development and testing.

Real Data Rampant During Development - Page 9

Real Data Rampant During Development - Page 10

Approximately 60% of UK and 61% of US practitioners think the protection of live data in development and testing is an important compliance objective.

Real Data Rampant During Development - Page 10