|Client ||:|| |
|Practice Area||:||Information Lifecycle Governance & Security|
The client is the global leader in networking and IT products - both hardware and software. With annual revenues close to $50 billion, the company has over 70,000 employees based out of 380 offices, a channel partner network of 70,000, and a presence in over 165 countries. It is the #1 or #2 in most markets that it serves and is one of the most innovative companies in the world. It sells industry-leading products in the core areas of routing and switching, as well as advanced technologies in areas such as Unified Communications, Network Security, Video, and Virtualization and Cloud Computing.
The client launched a proactive approach to masking personally-identifiable information in test data systems to protect itself from the consequences of major data breaches. Complex dependencies among the company’s testing applications threatened to make the data masking process a challenge.
The client collected sensitive customer data, including customer network information across 26 applications. These applications belong to Engineering, Customer Support, internal and external analytics applications and platforms. Major applications involve processing device statistics and configuration data files using a central collector. Such raw data contains sensitive information, including IP addresses, Host Names, device passwords. This information was trapped in log files, device data files and configuration files. Collector systems collect device data using various application methods, which then flow into internal production and nonproduction systems. The client's data protection policies restrict sensitive data to production systems only; hence all non-production systems require masking for sensitive information.
Anonymizing sensitive information in such unstructured files was the primary challenge. For example, a device collector file could contain more than 25,000+ semi-structured and unstructured files, many with sensitive information. Scanning and anonymizing such information was a challenge in itself.
The second challenge was to anonymize and subset data in non-production database applications, for development, test, QA and training purposes. These applications include customer data, as well as sensitive device and network information.
In addition to the above, the client was also looking to:
Estuate provided a comprehensive data masking solution to ensure data privacy across 26 applications.The majority of these applications involved processing device data collector files which contained sensitive information including IP Addresses, Host Names and passwords to name a few most challenging cases.
The sensitive information was trapped in log files, device data files and configuration files. Collector systems collected device data using various application methods. Estuate delivered a solution to scan such large unstructured files, create meaningful subsets and anonymize the data. A web component was also developed to upload files to the server to process semi-structured and unstructured data and replace within the file. The solution:
Estuate’s solution helps the client enhance and automate test data management to reduce cost, accelerate application delivery and lower risk. The solution:
Technical Lead, Engineering.