1st Edition
The Complete Book of Data Anonymization From Planning to Implementation
The Complete Book of Data Anonymization: From Planning to Implementation supplies a 360-degree view of data privacy protection using data anonymization. It examines data anonymization from both a practitioner's and a program sponsor's perspective. Discussing analysis, planning, setup, and governance, it illustrates the entire process of adapting and implementing anonymization tools and programs.
Part I of the book begins by explaining what data anonymization is. It describes how to scope a data anonymization program as well as the challenges involved when planning for this initiative at an enterprisewide level.
Part II describes the different solution patterns and techniques available for data anonymization. It explains how to select a pattern and technique and provides a phased approach towards data anonymization for an application.
A cutting-edge guide to data anonymization implementation, this book delves far beyond data anonymization techniques to supply you with the wide-ranging perspective required to ensure comprehensive protection against misuse of data.
Overview of Data Anonymization
Points to Ponder
PII
PHI
What is Data Anonymization?
What are the Drivers for Data Anonymization?
The Need To Protect Sensitive Data Handled As Part Of Business
Increasing Instances of Insider Data Leakage, Misuse of Personal Data and the Lure of Money for Mischievous Insiders
Employees Getting Even With Employers
Negligence of Employees to Sensitivity of Personal Data
Astronomical Cost to the Business due to Misuse of Personal Data
Risks Arising out of Operational Factors Like Outsourcing and Partner Collaboration
Outsourcing Of IT Application Development, Testing And Support
Increasing Collaboration With Partners
Legal and Compliance Requirements
Will Procuring and Implementing a Data Anonymization Tool by Itself Ensure Protection of Privacy of Sensitive Data?
Ambiguity of Operational Aspects
Allowing the Same Users to Access both Masked and Unmasked Environment
Lack Of Buy-In From IT Application Developers, Testers and End-Users
Compartmentalized Approach to Data Anonymization
Absence of Data Privacy Protection Policies or Weak enforcement of Data Privacy Policies
Benefits Of Data Anonymization Implementation
DATA ANONYMIZATION PROGRAM SPONSOR’S GUIDEBOOK
Enterprise Data Privacy Governance Model
Points to Ponder
Chief Privacy Officer
Unit/Department Privacy Compliance Officers
The Steering Committee for Data Privacy Protection Initiatives
Management Representatives
Information Security And Risk Department Representatives
Representatives from the Department Security and Privacy Compliance Officers
Incident Response Team
The Role of the Employee in Privacy Protection
The Role of the CIO
Typical Ways Enterprises Enforce Privacy Policies
Enterprise Data Classification Policy and Privacy Laws
Points to Ponder
Regulatory Compliance
Enterprise Data Classification
Points to Consider
Controls For Each Class Of Enterprise Data
Operational Processes, Guidelines and Controls for Enterprise Data Privacy Protection
Points to Ponder
Privacy Incident Management
Planning for Incident Resolution
Preparation
Incident Capture
Incident Response
Post Incident Analysis
Guidelines and Best Practices
PII/PHI Collection Guidelines
Guidelines for Storage and Transmission of PII/PHI
PII/PHI Usage Guidelines
Guidelines for Storing PII/PHI on Portable Devices and Storage Devices
Guidelines for Staff
The Different Phases of a Data Anonymization Program
Points to Ponder
How Should I Go about the Enterprise Data Anonymization Program?
The Assessment Phase
Tool Evaluation and Solution Definition Phase
Data Anonymization Implementation Phase
Operations Phase or the Steady-State Phase
Food For Thought
When Should the Organization Invest on a Data Anonymization Exercise?
The Organization’s Security Policies Anyway Mandate Authorization to be Built-in For Every Application. Won’t This be Sufficient? Why is Data Anonymization Needed?
Is there a Business Case for Data Anonymization Program in My Organization?
When Can a Data Anonymization Program be Called as a Successful One?
Why Should I go for a Data Anonymization Tool when SQL Encryption Scripts Can be Used to Anonymize Data?
What are the Benefits Provided by Data Masking Tools for Data Anonymization?
Why is a Tool Evaluation Phase Needed?
Who Should Implement Data Anonymization? Should it be the Tool Vendor or the IT Service Partner or External Consultants or Internal Employees?
How Many Rounds of Testing Must be Planned to Certify that Application Behavior is Unchanged with use of Anonymized Data?
Departments Involved in Enterprise Data Anonymization Program
Points to Ponder
The Role of the Information Security and Risk Department
The Role of the Legal Department
The Role of Application Owners and Business Analysts
The Role of Administrators
The Role of the Project Management Office (PMO)
The Role of the Finance department
Steering Committee
Privacy Meter - Assessing the Maturity of Data Privacy Protection Practices in the Organization
Points to Ponder
Planning A Data Anonymization Implementation
Data Privacy Maturity Model
Enterprise Data Anonymization Execution Model
Points to Ponder
Decentralized Model
Centralized Anonymization Setup
Shared Services Model
Tools and Technology
Points to Ponder
Shortlisting Tools for Evaluation
Tool Evaluation and Selection
Functional Capabilities
Technical Capabilities
Operational Capabilities
Financial Parameters
Scoring criteria for Evaluation
Anonymization Implementation – Activities & Effort
Points to Ponder
Anonymization Implementation Activities For An Application
Application Anonymization Analysis and Design
Anonymization Environment Setup
Application Anonymization Configuration and Build
Anonymized Application Testing
Complexity Criteria
Application Characteristics
Environment Dependencies
Arriving at an Effort Estimation Model
Definition of Complexity Criteria
Ready-Reckoner Preparation
Determination Of The Complexity Of The Application To Be Anonymized
Assignment of Effort to Each Activity Based on the Ready-Reckoner
Case Study
Context
Estimation Approach
Application Complexity
Arriving at a Ball Park Estimate
The Next Wave of Data Privacy Challenges
DATA ANONYMIZATION PRACTITIONERS GUIDE
Data Anonymization Patterns
Points to Ponder
Pattern Overview
Data State Anonymization Patterns
Points to Ponder
Principles of Anonymization
Static Masking Patterns
EAL Pattern (Extract Anonymize Load Pattern)
ELA Pattern (Extract Load Anonymize Pattern)
Data Subsetting
Dynamic Masking
Dynamic Masking Patterns
Interception Pattern
Invocation Patterns
Application of Dynamic Masking patterns
Dynamic Masking vs. Static Masking
Anonymization Environment Patterns
Points to Ponder
Typical Application Environments in an enterprise
Testing Environments
Standalone Environment
Integration Environment
Automated Integration Test environment
Scaled-Down Integration Test Environment
Data Flow Patterns Across Environments
Points to Ponder
Flow of Data from Production Environment Databases to Non-Production Environment Databases
Movement of Anonymized Files from Production Environment to Non-Production Environments
Masked Environment for Integration Testing - Case Study
Data Anonymization Techniques
Points to Ponder
Basic Anonymization Techniques
Substitution
Shuffling
Number Variance
Date Variance
Nulling Out
Character Masking
Cryptographic Techniques
Partial Sensitivity and Partial Masking
Masking Based on External Dependency
Auxiliary Anonymization Techniques
Alternate Classification of Data Anonymization Techniques
Substitution Techniques
Translation Techniques
Leveraging Data Anonymization Techniques
Data Anonymization Implementation
Points to Ponder
Pre-Requisites Before Starting The Anonymization Implementation Activities
Sensitivity Definition Readiness - What is Considered as Sensitive Data by the Organization?
Sensitive Data Discovery - Where Does Sensitive Data Exist?
Application Architecture Analysis
Application Sensitivity Analysis
What is Sensitivity Level and How Do We Prioritize Sensitive Fields for Treatment?
Anonymization Design Phase
Anonymization Implementation, Testing, and Rollout Phase
Anonymization Operations
Incorporation of Privacy protection procedures as part of Software Development Life Cycle and Application Lifecycle for New Applications
Impact on SDLC Team
Challenges Faced as part of Any Data Anonymization Implementation
Best Practices To Ensure Success Of Anonymization Projects
Glossary
Biography
Balaji Raghunathan has more than 20 years of experience in the software industry. In his current role as General Manager, Technology Consulting & Enterprise Architecture, at ITC Infotech, Balaji Raghunathan is responsible for helping the clients of ITC Infotech simplify their technology landscape, assess their readiness for digital initiatives, modernize their technology architecture and prepare for their digital journey.
Balaji Raghunathan has also led the delivery of digital projects for banking, financial services, and insurance customers and helped them define their digital strategy. He has led strategy engagements for enterprise mobility initiatives and has developed, managed and commercialized intellectual property (IP) during his prior stints with Capgemini and Infosys. During the last decade, Balaji Raghunathan has been involved in architecting software solutions for the energy, utilities, publishing, transportation, retail, and banking industries.
Balaji Raghunathan’s core areas of interest revolve around digital technology strategy, data privacy management and enterprise mobility. He is an avid blogger on digital technology strategy and has authored the book "The Complete Book of Data Anonymization: From Planning to Implementation". He has also co-authored the chapter "Mobility and Its Impact on Enterprise Security" for the book "Information Security Management Handbook, Sixth Edition, Volume 7."
He holds a patent on "System and Method for Runtime Data Anonymization" and has a pending patent on "System and Method for categorization of Social Media Conversation for Response Management."
He is a TOGAF 8.0 and ICMG-WWISA Certified Software Architect.
Balaji Raghunathan has a postgraduate diploma in business administration (finance) from Symbiosis Institute (SCDL), Pune, India and has an engineering degree (electrical and electronics) from Bangalore University, India. He has also completed a Senior Leadership Certificate course from Indian Institute of Management, Kozhikode.
With more and more regulations focusing on protection of data privacy and prevention of misuse of personal data, anonymization of sensitive data is becoming a critical need for corporate and governmental organizations. This book provides a comprehensive view of data anonymization both from a program sponsor’s perspective as well as a practitioner’s. The special focus on implementation of data anonymization across the enterprise makes this a valuable reference book for large data anonymization implementation programs.
—Prasad Joshi, Vice President, Infosys Labs, Infosys Ltd.
This book on data anonymization could not have come at a better time, given the rapid adoption of outsourcing within enterprises and an ever-increasing growth of business data. This book is a must-read for enterprise data architects and data managers grappling with the problem of balancing the needs of application outsourcing with the requirements for strong data privacy.
—Dr. Pramod Varma, Chief Architect, Unique Identification Authority of India