Availability

Item Barcode | Call Number | Material Type | Item Category 1
---|---|---|---
30000010343225 | QA76.9.A25 R348 2013 | Open Access Book | Book

On Order
Summary
The Complete Book of Data Anonymization: From Planning to Implementation supplies a 360-degree view of data privacy protection using data anonymization. It examines data anonymization from both a practitioner's and a program sponsor's perspective. Discussing analysis, planning, setup, and governance, it illustrates the entire process of adapting and implementing anonymization tools and programs.
Part I of the book begins by explaining what data anonymization is. It describes how to scope a data anonymization program as well as the challenges involved when planning for this initiative at an enterprise-wide level.
Part II describes the different solution patterns and techniques available for data anonymization. It explains how to select a pattern and technique and provides a phased approach towards data anonymization for an application.
A cutting-edge guide to data anonymization implementation, this book delves far beyond data anonymization techniques to supply you with the wide-ranging perspective required to ensure comprehensive protection against misuse of data.
Author Notes
Balaji Raghunathan has more than 20 years of experience in the software industry. As part of his current role as General Manager, Technology Consulting & Enterprise Architecture, at ITC Infotech, Balaji Raghunathan is responsible for helping the clients of ITC Infotech simplify their technology landscape, assess their readiness for digital initiatives, modernize their technology architecture, and prepare them for their digital journey.
Balaji Raghunathan has also led the delivery of digital projects for banking, financial services, and insurance customers, and has helped them define their digital strategy. He has led strategy engagements for enterprise mobility initiatives and has developed, managed, and commercialized intellectual property (IP) during his prior stints with Capgemini and Infosys. During the last decade, Balaji Raghunathan has been involved in architecting software solutions for the energy, utilities, publishing, transportation, retail, and banking industries.
Balaji Raghunathan's core areas of interest revolve around digital technology strategy, data privacy management, and enterprise mobility. He is an avid blogger on digital technology strategy and has authored the book "The Complete Book of Data Anonymization: From Planning to Implementation". He has also co-authored the chapter "Mobility and Its Impact on Enterprise Security" for the book "Information Security Management Handbook, Sixth Edition, Volume 7."
He holds a patent on "System and Method for Runtime Data Anonymization" and has a pending patent on "System and Method for categorization of Social Media Conversation for Response Management."
He is a TOGAF 8.0 and ICMG-WWISA Certified Software Architect.
Balaji Raghunathan has a postgraduate diploma in business administration (finance) from Symbiosis Institute (SCDL), Pune, India and has an engineering degree (electrical and electronics) from Bangalore University, India. He has also completed a Senior Leadership Certificate course from Indian Institute of Management, Kozhikode.
Table of Contents

Section | Page |
---|---|
Introduction | p. xiii |
Acknowledgments | p. xv |
About the Author | p. xix |
Chapter 1 Overview of Data Anonymization | p. 1 |
Points to Ponder | p. 1 |
PII | p. 2 |
PHI | p. 4 |
What Is Data Anonymization? | p. 4 |
What Are the Drivers for Data Anonymization? | p. 5 |
The Need to Protect Sensitive Data Handled as Part of Business | p. 5 |
Increasing Instances of Insider Data Leakage, Misuse of Personal Data, and the Lure of Money for Mischievous Insiders | p. 6 |
Astronomical Cost to the Business Due to Misuse of Personal Data | p. 7 |
Risks Arising out of Operational Factors Such as Outsourcing and Partner Collaboration | p. 8 |
Legal and Compliance Requirements | p. 8 |
Will Procuring and Implementing a Data Anonymization Tool by Itself Ensure Protection of Privacy of Sensitive Data? | p. 9 |
Ambiguity of Operational Aspects | p. 10 |
Allowing the Same Users to Access Both Masked and Unmasked Environments | p. 10 |
Lack of Buy-In from IT Application Developers, Testers, and End-Users | p. 10 |
Compartmentalized Approach to Data Anonymization | p. 11 |
Absence of Data Privacy Protection Policies or Weak Enforcement of Data Privacy Policies | p. 11 |
Benefits of Data Anonymization Implementation | p. 11 |
Conclusion | p. 12 |
References | p. 12 |
Part I Data Anonymization Program Sponsor's Guidebook | |
Chapter 2 Enterprise Data Privacy Governance Model | p. 19 |
Points to Ponder | p. 19 |
Chief Privacy Officer | p. 20 |
Unit/Department Privacy Compliance Officers | p. 22 |
The Steering Committee for Data Privacy Protection Initiatives | p. 22 |
Management Representatives | p. 23 |
Information Security and Risk Department Representatives | p. 23 |
Representatives from the Departmental Security and Privacy Compliance Officers | p. 24 |
Incident Response Team | p. 24 |
The Role of the Employee in Privacy Protection | p. 25 |
The Role of the CIO | p. 26 |
Typical Ways Enterprises Enforce Privacy Policies | p. 26 |
Conclusion | p. 26 |
Chapter 3 Enterprise Data Classification Policy and Privacy Laws | p. 29 |
Points to Ponder | p. 29 |
Regulatory Compliance | p. 30 |
Enterprise Data Classification | p. 34 |
Points to Consider | p. 36 |
Controls for Each Class of Enterprise Data | p. 36 |
Conclusion | p. 37 |
Chapter 4 Operational Processes, Guidelines, and Controls for Enterprise Data Privacy Protection | p. 39 |
Points to Ponder | p. 39 |
Privacy Incident Management | p. 43 |
Planning for Incident Resolution | p. 44 |
Preparation | p. 45 |
Incident Capture | p. 46 |
Incident Response | p. 47 |
Post Incident Analysis | p. 47 |
Guidelines and Best Practices | p. 48 |
PII/PHI Collection Guidelines | p. 48 |
Guidelines for Storage and Transmission of PII/PHI | p. 49 |
PII/PHI Usage Guidelines | p. 49 |
Guidelines for Storing PII/PHI on Portable Devices and Storage Devices | p. 50 |
Guidelines for Staff | p. 50 |
Conclusion | p. 50 |
References | p. 51 |
Chapter 5 The Different Phases of a Data Anonymization Program | p. 53 |
Points to Ponder | p. 53 |
How Should I Go about the Enterprise Data Anonymization Program? | p. 53 |
The Assessment Phase | p. 54 |
Tool Evaluation and Solution Definition Phase | p. 56 |
Data Anonymization Implementation Phase | p. 56 |
Operations Phase or the Steady-State Phase | p. 57 |
Food for Thought | p. 58 |
When Should the Organization Invest in a Data Anonymization Exercise? | p. 58 |
The Organization's Security Policies Mandate Authorization to Be Built into Every Application. Won't this Be Sufficient? Why is Data Anonymization Needed? | p. 58 |
Is There a Business Case for a Data Anonymization Program in My Organization? | p. 59 |
When Can a Data Anonymization Program Be Called a Successful One? | p. 60 |
Why Should I Go for a Data Anonymization Tool When SQL Encryption Scripts Can Be Used to Anonymize Data? | p. 61 |
Challenges with Using the SQL Encryption Scripts Approach for Data Anonymization | p. 61 |
What Are the Benefits Provided by Data Masking Tools for Data Anonymization? | p. 62 |
Why Is a Tool Evaluation Phase Needed? | p. 62 |
Who Should Implement Data Anonymization? Should It Be the Tool Vendor, the IT Service Partner, External Consultants, or Internal Employees? | p. 63 |
How Many Rounds of Testing Must Be Planned to Certify That Application Behavior Is Unchanged with Use of Anonymized Data? | p. 64 |
Conclusion | p. 64 |
Reference | p. 65 |
Chapter 6 Departments Involved in Enterprise Data Anonymization Program | p. 67 |
Points to Ponder | p. 67 |
The Role of the Information Security and Risk Department | p. 67 |
The Role of the Legal Department | p. 68 |
The Role of Application Owners and Business Analysts | p. 70 |
The Role of Administrators | p. 70 |
The Role of the Project Management Office (PMO) | p. 71 |
The Role of the Finance Department | p. 71 |
Steering Committee | p. 71 |
Conclusion | p. 72 |
Chapter 7 Privacy Meter: Assessing the Maturity of Data Privacy Protection Practices in the Organization | p. 75 |
Points to Ponder | p. 75 |
Planning a Data Anonymization Implementation | p. 78 |
Conclusion | p. 79 |
Chapter 8 Enterprise Data Anonymization Execution Model | p. 83 |
Points to Ponder | p. 83 |
Decentralized Model | p. 84 |
Centralized Anonymization Setup | p. 85 |
Shared Services Model | p. 86 |
Conclusion | p. 87 |
Chapter 9 Tools and Technology | p. 89 |
Points to Ponder | p. 89 |
Shortlisting Tools for Evaluation | p. 91 |
Tool Evaluation and Selection | p. 92 |
Functional Capabilities | p. 92 |
Technical Capabilities | p. 96 |
Operational Capabilities | p. 99 |
Financial Parameters | p. 99 |
Scoring Criteria for Evaluation | p. 101 |
Conclusion | p. 101 |
Chapter 10 Anonymization Implementation: Activities and Effort | p. 103 |
Points to Ponder | p. 103 |
Anonymization Implementation Activities for an Application | p. 104 |
Application Anonymization Analysis and Design | p. 104 |
Anonymization Environment Setup | p. 105 |
Application Anonymization Configuration and Build | p. 105 |
Anonymized Application Testing | p. 105 |
Complexity Criteria | p. 105 |
Application Characteristics | p. 106 |
Environment Dependencies | p. 106 |
Arriving at an Effort Estimation Model | p. 107 |
Case Study | p. 108 |
Context | p. 108 |
Estimation Approach | p. 109 |
Application Characteristics for LOANADM | p. 110 |
Arriving at a Ball Park Estimate | p. 110 |
Conclusion | p. 111 |
Chapter 11 The Next Wave of Data Privacy Challenges | p. 113 |
Part II Data Anonymization Practitioner's Guide | |
Chapter 12 Data Anonymization Patterns | p. 119 |
Points to Ponder | p. 119 |
Pattern Overview | p. 119 |
Conclusion | p. 121 |
Chapter 13 Data State Anonymization Patterns | p. 123 |
Points to Ponder | p. 123 |
Principles of Anonymization | p. 123 |
Static Masking Patterns | p. 124 |
EAL Pattern (Extract-Anonymize-Load Pattern) | p. 125 |
ELA Pattern (Extract-Load-Anonymize Pattern) | p. 125 |
Data Subsetting | p. 126 |
Dynamic Masking | p. 128 |
Dynamic Masking Patterns | p. 128 |
Interception Pattern | p. 129 |
When Should Interception Patterns be Selected and on What Basis? | p. 130 |
Challenges Faced When Implementing Dynamic Masking Leveraging Interception Patterns | p. 132 |
Invocation Pattern | p. 132 |
Application of Dynamic Masking Patterns | p. 133 |
Dynamic Masking versus Static Masking | p. 133 |
Conclusion | p. 134 |
Chapter 14 Anonymization Environment Patterns | p. 137 |
Points to Ponder | p. 137 |
Application Environments in an Enterprise | p. 137 |
Testing Environments | p. 139 |
Standalone Environment | p. 140 |
Integration Environment | p. 141 |
Automated Integration Test Environment | p. 144 |
Scaled-Down Integration Test Environment | p. 148 |
Conclusion | p. 150 |
Chapter 15 Data Flow Patterns Across Environments | p. 153 |
Points to Ponder | p. 153 |
Flow of Data from Production Environment Databases to Nonproduction Environment Databases | p. 153 |
Controls Followed | p. 155 |
Movement of Anonymized Files from Production Environment to Nonproduction Environments | p. 155 |
Controls | p. 157 |
Masked Environment for Integration Testing: Case Study | p. 157 |
Objectives of the Anonymization Solution | p. 158 |
Key Anonymization Solution Principles | p. 158 |
Solution Implementation | p. 159 |
Anonymization Environment Design | p. 160 |
Anonymization Solution | p. 161 |
Anonymization Solution for the Regression Test/Functional Testing Environment | p. 163 |
Anonymization Solution for an Integration Testing Environment | p. 163 |
Anonymization Solution for UAT Environment | p. 164 |
Anonymization Solution for Preproduction Environment | p. 164 |
Anonymization Solution for Performance Test Environment | p. 165 |
Anonymization Solution for Training Environment | p. 166 |
Reusing the Anonymization Infrastructure across the Various Environments | p. 166 |
Conclusion | p. 169 |
Anonymization Environment Design | p. 169 |
Chapter 16 Data Anonymization Techniques | p. 171 |
Points to Ponder | p. 171 |
Basic Anonymization Techniques | p. 172 |
Substitution | p. 172 |
Shuffling | p. 174 |
Number Variance | p. 176 |
Date Variance | p. 177 |
Character Masking | p. 181 |
Cryptographic Techniques | p. 182 |
Partial Sensitivity and Partial Masking | p. 185 |
Masking Based on External Dependency | p. 185 |
Auxiliary Anonymization Techniques | p. 186 |
Alternate Classification of Data Anonymization Techniques | p. 189 |
Leveraging Data Anonymization Techniques | p. 190 |
Case Study | p. 191 |
Input File Structure | p. 191 |
AppTable Structure | p. 191 |
Output File Structure | p. 194 |
Solution | p. 194 |
Conclusion | p. 195 |
Data Anonymization Mandatory and Optional Principles | p. 196 |
Reference | p. 196 |
Chapter 17 Data Anonymization Implementation | p. 197 |
Points to Ponder | p. 197 |
Prerequisites before Starting Anonymization Implementation Activities | p. 199 |
Sensitivity Definition Readiness: What Is Considered Sensitive Data by the Organization? | p. 199 |
Sensitive Data Discovery: Where Do Sensitive Data Exist? | p. 200 |
Application Architecture Analysis | p. 200 |
Application Sensitivity Analysis | p. 202 |
What Is the Sensitivity Level and How Do We Prioritize Sensitive Fields for Treatment? | p. 203 |
Case Study | p. 204 |
Anonymization Design Phase | p. 208 |
Choosing an Anonymization Technique for Anonymization of Each Sensitive Field | p. 208 |
Choosing a Pattern for Anonymization | p. 209 |
Anonymization Implementation, Testing, and Rollout Phase | p. 211 |
Anonymization Controls | p. 212 |
Anonymization Operations | p. 213 |
Incorporation of Privacy Protection Procedures as Part of Software Development Life Cycle and Application Life Cycle for New Applications | p. 214 |
Impact on SDLC Team | p. 216 |
Challenges Faced as Part of Any Data Anonymization Implementation | p. 216 |
General Challenges | p. 216 |
Functional, Technical, and Process Challenges | p. 217 |
People Challenges | p. 219 |
Best Practices to Ensure Success of Anonymization Projects | p. 220 |
Creation of an Enterprise-Sensitive Data Repository | p. 220 |
Engaging Multiple Stakeholders Early | p. 220 |
Incorporating Privacy Protection Practices into SDLC and Application Life Cycle | p. 220 |
Conclusion | p. 221 |
References | p. 221 |
Appendix A Glossary | p. 223 |
Index | p. 229 |