Agile Testing Sandboxes and the General Data Protection Regulation (GDPR)

According to Wikipedia: “The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a Regulation by which the European Commission intends to strengthen and unify data protection for individuals within the European Union (EU). It also addresses export of personal data outside the EU. The Commission's primary objectives of the GDPR are to give citizens back the control of their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.”

What this means in practice is that there will now be large fines imposed on organizations that misuse the data that their customers or employees have given them. In the early days of IT, a lot of testing was done with production data or subsets thereof. This has evolved to a point where data is protected by taking that subset of production data and masking or obfuscating the elements of the data that contain personal information.

This in itself can be problematic as just masking the data doesn’t always prevent a trend in the data from identifying personal information. There is also a massive audit requirement to constantly check that the data is being masked correctly which is time consuming and costly. So, what is the alternative?

Ostia create agile testing sandbox environments which are simulations of your back-office systems, however, they have no connectivity to your back-office systems or data. Synthetic data may be created based on the description of the data model of the back-office system or the actual sandbox environment can build up sets of testing data through usage. This by definition can be certified as 100% clean from a data governance perspective as no back-office data (either test or production) needs to be made available on the sandbox:


By using agile testing sandbox environments in this way, you can be 100% sure that your data usage in your agile development and testing environments is clean and will not breach the new directives thus avoiding the possibility of a large fine. In addition, these systems are 100% secure to run in the Cloud as there is absolutely no risk of a data breach enabling you to remove pressure from your back-office systems and ultimately reduce cost by using sandbox environments for development and testing.


Written by : Ostia Solutions