While we know that software can expose data, we sometimes forget that writing software can expose data.
When a system gets deployed, we typically build a development environment, one or more test environments, and a production environment. No surprises there. However, developing software with sample data, instead of “real” data, can allow defects that are difficult to catch. On the other hand, using “real” data (typically a subset of production data) runs considerable data security risks. In this post, I’ll discuss the notion of building a general purpose deidentification tool specifically for software development and DevOps purposes. (more…)