Report highlights non-production data breaches

Survey respondents also share concerns about data privacy in AI environments, with 68% perceiving a lack of solutions.

  • Wednesday, 21st August 2024 Posted 1 year ago in by Phil Alsop

Perforce Software has published the findings of the Delphix 2024 State of Data Compliance and Security Report. This inaugural report delivers exclusive research on the challenges of protecting sensitive data in non-production or lower environments, such as development, testing, analytics, and AI/ML.

“Our goal with this report is to share the realities of sensitive data exposures in non-production to help enterprises better protect their data moving forward,” said Ann Rosen, Director of Product Marketing for Delphix by Perforce. “Protecting sensitive data — data with personal identifiable information (PII) — in non-production has become more important over the years as cyberattacks target these environments. Companies need to do more to protect sensitive data.”

The report also reveals that the challenge of protecting sensitive data will only get more complex with the rise of AI. 85% of enterprises report concerns about regulatory non-compliance in AI environments. Even more troubling, 68% of organizations surveyed perceive a lack of solutions to tackle data privacy in AI environments.

“AI is transforming industries, and data is at the heart of AI,” said Rod Cope, Chief Technology Officer of Perforce Software. “When it comes to AI and data, it can be a double-edged sword. There’s a lot of excitement around the innovation possible in AI, but data in AI environments must be protected. The findings in the State of Data Compliance and Security Report underline the importance of complying with data privacy regulations in AI environments, too.”

Overall, 91% of organizations are concerned about the expanded exposure footprint across all lower environments (including software development, testing, and data analytics). Yet 86% of organizations allow data compliance exceptions in non-production. As a result, 54% of organizations have already experienced a data breach or theft involving sensitive data in non-production environments. In Delphix’s experience, if this data is not protected, the consequences can be dire. Indeed, 53% have already experienced audit issues and failures related to non-production.

To mitigate these concerns, organizations are turning to tools and approaches like static data masking, cited as a current solution by 66% of organizations surveyed.

 “We hear all the time from customers that exceptions are given because it’s too complicated and time-consuming to achieve compliance without slowing down development or impacting quality,” said David Wells, Product Lead of Compliance Products for Delphix by Perforce. “At Delphix and Perforce, we believe that with the right approach, you can achieve compliance rapidly without bottlenecking innovation. Static data masking is the best way to protect your test and development data. You need production-realistic data to detect defects as early as possible in the development lifecycle, but you certainly shouldn’t use production data for this purpose. That’s why we’re continuously evolving Delphix masking solutions to meet the ever-expanding data compliance landscape, regardless of data source or environment.” 

Abzorb launches a Mobile Masterclass to empower UK channel partners to integrate mobile as a core business offering.

Tool sprawl: The quiet culprit behind MSP burnout

Posted 2 weeks ago by Aaron Sandhu
A Heimdal study reveals how the proliferation of security tools overwhelms and exhausts North American MSPs, leading to significant operational...
StorONE's platform allows Storage Guardian to consolidate its infrastructure and boost efficiency, dramatically reducing its data centre footprint.

Securing the future: Navigating hybrid cloud challenges

Posted 3 weeks ago by Aaron Sandhu
New research indicates organisations face hurdles in securing applications across diverse cloud environments, highlighting a need for unified...
Flexera introduces a new platform for comprehensive SaaS discovery, optimisation, and control, addressing challenges such as shadow AI and fragmented...
SolarWinds report suggests IT leaders underestimate the impact of broken processes and limited staff.
CISPE appeals Broadcom's VMware acquisition approval, citing competition risks and exclusion of smaller providers.
Red Hat introduces updates to streamline partner interactions, focusing on specialisation and demand generation for enhanced synergy.