1st Edition

The Complete Book of Data Anonymization From Planning to Implementation

By Balaji Raghunathan
Copyright 2013
267 Pages, 95 B/W Illustrations
Published by Auerbach Publications

    The Complete Book of Data Anonymization: From Planning to Implementation supplies a 360-degree view of data privacy protection using data anonymization. It examines data anonymization from both a practitioner's and a program sponsor's perspective. Discussing analysis, planning, setup, and governance, it illustrates the entire process of adapting and implementing anonymization tools and programs.

    Part I of the book begins by explaining what data anonymization is. It describes how to scope a data anonymization program as well as the challenges involved when planning for this initiative at an enterprise-wide level.

    Part II describes the different solution patterns and techniques available for data anonymization. It explains how to select a pattern and technique and provides a phased approach towards data anonymization for an application.

    A cutting-edge guide to data anonymization implementation, this book delves far beyond data anonymization techniques to supply you with the wide-ranging perspective required to ensure comprehensive protection against misuse of data.

    Overview of Data Anonymization
    Points to Ponder
    PII
    PHI
    What is Data Anonymization?
    What are the Drivers for Data Anonymization?
         The Need To Protect Sensitive Data Handled As Part Of Business
         Increasing Instances of Insider Data Leakage, Misuse of Personal Data and the Lure of Money for Mischievous Insiders
         Employees Getting Even With Employers
         Negligence of Employees to Sensitivity of Personal Data
         Astronomical Cost to the Business due to Misuse of Personal Data
    Risks Arising out of Operational Factors Like Outsourcing and Partner Collaboration 
         Outsourcing Of IT Application Development, Testing And Support
         Increasing Collaboration With Partners
         Legal and Compliance Requirements
    Will Procuring and Implementing a Data Anonymization Tool by Itself Ensure Protection of Privacy of Sensitive Data?
         Ambiguity of Operational Aspects
         Allowing the Same Users to Access both Masked and Unmasked Environment
         Lack Of Buy-In From IT Application Developers, Testers and End-Users
         Compartmentalized Approach to Data Anonymization
         Absence of Data Privacy Protection Policies or Weak enforcement of Data Privacy Policies
    Benefits Of Data Anonymization Implementation

    DATA ANONYMIZATION PROGRAM SPONSOR’S GUIDEBOOK

    Enterprise Data Privacy Governance Model
    Points to Ponder
    Chief Privacy Officer
    Unit/Department Privacy Compliance Officers
    The Steering Committee for Data Privacy Protection Initiatives
         Management Representatives
         Information Security And Risk Department Representatives
         Representatives from the Department Security and Privacy Compliance Officers
    Incident Response Team
    The Role of the Employee in Privacy Protection
    The Role of the CIO
    Typical Ways Enterprises Enforce Privacy Policies

    Enterprise Data Classification Policy and Privacy Laws
    Points to Ponder
    Regulatory Compliance
    Enterprise Data Classification
    Points to Consider
    Controls For Each Class Of Enterprise Data

    Operational Processes, Guidelines and Controls for Enterprise Data Privacy Protection
    Points to Ponder
    Privacy Incident Management
    Planning for Incident Resolution
         Preparation
         Incident Capture
         Incident Response
         Post Incident Analysis
    Guidelines and Best Practices
         PII/PHI Collection Guidelines
         Guidelines for Storage and Transmission of PII/PHI
         PII/PHI Usage Guidelines
         Guidelines for Storing PII/PHI on Portable Devices and Storage Devices 
         Guidelines for Staff

    The Different Phases of a Data Anonymization Program
    Points to Ponder
    How Should I Go about the Enterprise Data Anonymization Program?
         The Assessment Phase
         Tool Evaluation and Solution Definition Phase
         Data Anonymization Implementation Phase
         Operations Phase or the Steady-State phase
    Food For Thought
         When Should the Organization Invest on a Data Anonymization Exercise?
         The Organization’s Security Policies Anyway Mandate Authorization to be Built-in For Every Application. Won’t This be Sufficient? Why is Data Anonymization Needed?
         Is there a Business Case for Data Anonymization Program in My Organization?
         When Can a Data Anonymization Program be Called as a Successful One?
         Why Should I go for a Data Anonymization Tool when SQL Encryption Scripts Can be Used to Anonymize Data?
         What are the Benefits Provided by Data Masking Tools for Data Anonymization?
         Why is a Tool Evaluation Phase Needed?
         Who Should Implement Data Anonymization? Should it be the Tool Vendor or the IT Service Partner or External Consultants or Internal Employees?
         How Many Rounds of Testing Must be Planned to Certify that Application Behavior is Unchanged with use of Anonymized Data?

    Departments Involved in Enterprise Data Anonymization Program
    Points to Ponder
    The Role of the Information Security and Risk Department
    The Role of the Legal Department
    The Role of Application Owners and Business Analysts
    The Role of Administrators
    The Role of the Project Management Office (PMO)
    The Role of the Finance department
    Steering Committee

    Privacy Meter - Assessing The Maturity Of Data Privacy Protection Practices In The Organization
    Points to Ponder
    Planning A Data Anonymization Implementation
    Data Privacy Maturity Model

    Enterprise Data Anonymization Execution Model
    Points to Ponder
    Decentralized Model
    Centralized Anonymization Setup
    Shared Services Model

    Tools and Technology
    Points to Ponder
    Shortlisting Tools for Evaluation
    Tool Evaluation and Selection
         Functional Capabilities 
         Technical Capabilities
         Operational Capabilities
         Financial Parameters
    Scoring criteria for Evaluation

    Anonymization Implementation – Activities & Effort
    Points to Ponder
    Anonymization Implementation Activities For An Application
         Application Anonymization Analysis and Design
         Anonymization Environment Setup
         Application Anonymization Configuration and Build
         Anonymized Application Testing
    Complexity Criteria
         Application Characteristics
         Environment Dependencies
    Arriving at an Effort Estimation Model
         Definition of Complexity Criteria
         Ready-Reckoner Preparation
         Determination Of The Complexity Of The Application To Be Anonymized
         Assignment of Effort to Each Activity Based on the Ready-Reckoner
    Case Study
         Context
         Estimation Approach
         Application Complexity
         Arriving at a Ball Park Estimate

    The Next Wave of Data Privacy Challenges

    DATA ANONYMIZATION PRACTITIONER'S GUIDE

    Data Anonymization Patterns
    Points to Ponder
    Pattern Overview

    Data State Anonymization Patterns
    Points to Ponder
    Principles of Anonymization
    Static Masking Patterns
         EAL Pattern (Extract Anonymize Load Pattern)
         ELA Pattern (Extract Load Anonymize Pattern)
         Data Subsetting
    Dynamic Masking
    Dynamic Masking Patterns
         Interception Pattern
         Invocation Patterns
         Application of Dynamic Masking patterns
    Dynamic Masking vs. Static Masking

    Anonymization Environment Patterns
    Points to Ponder
    Typical Application Environments in an enterprise
    Testing Environments
         Standalone Environment
         Integration Environment
         Automated Integration Test environment
         Scaled-Down Integration Test Environment

    Data Flow Patterns Across Environments
    Points to Ponder
    Flow of Data from Production Environment Databases to Non-Production Environment Databases
    Movement of Anonymized Files from Production Environment to Non-Production Environments
    Masked Environment for Integration Testing - Case Study

    Data Anonymization Techniques
    Points to Ponder
    Basic Anonymization Techniques
         Substitution
         Shuffling
         Number Variance
         Date Variance
         Nulling Out
         Character Masking
         Cryptographic Techniques
    Partial Sensitivity and Partial Masking
    Masking Based on External Dependency
    Auxiliary Anonymization Techniques
    Alternate Classification of Data Anonymization Techniques
         Substitution Techniques
         Translation Techniques
    Leveraging Data Anonymization Techniques

    Data Anonymization Implementation
    Points to Ponder
    Pre-Requisites Before Starting The Anonymization Implementation Activities
         Sensitivity Definition Readiness - What is Considered as Sensitive Data by the Organization?
         Sensitive Data Discovery - Where does Sensitive Data Exist?
    Application Architecture Analysis
    Application Sensitivity Analysis
         What is Sensitivity Level and How Do We Prioritize Sensitive Fields for Treatment?
    Anonymization Design Phase
    Anonymization Implementation, Testing, and Rollout Phase
    Anonymization Operations
    Incorporation of Privacy protection procedures as part of Software Development Life Cycle and Application Lifecycle for New Applications
         Impact on SDLC Team
    Challenges Faced as part of Any Data Anonymization Implementation
    Best Practices To Ensure Success Of Anonymization Projects

    Glossary

    Biography

    Balaji Raghunathan has more than 20 years of experience in the software industry. As part of his current role as General Manager, Technology Consulting & Enterprise Architecture, at ITC Infotech, Balaji Raghunathan is responsible for helping the clients of ITC Infotech simplify their technology landscape, assess their readiness for digital initiatives, modernize their technology architecture and prepare them for their digital journey.

    Balaji Raghunathan has also led the delivery of digital projects for banking, financial services, and insurance customers as well as helped them define their digital strategy. He has led strategy engagements for enterprise mobility initiatives as well as developed, managed and commercialized intellectual property (IP) during his prior stints with Capgemini and Infosys. During the last decade, Balaji Raghunathan has been involved in architecting software solutions for the energy, utilities, publishing, transportation, retail, and banking industries.

    Balaji Raghunathan’s core areas of interest revolve around digital technology strategy, data privacy management and enterprise mobility. He is an avid blogger on Digital Technology Strategy, and has authored the book "The Complete Book of Data Anonymization: From Planning to Implementation". He has also co-authored a chapter, "Mobility and Its Impact on Enterprise Security", for the book "Information Security Management Handbook, Sixth Edition, Volume 7."

    He holds a patent on "System and Method for Runtime Data Anonymization" and has a pending patent on "System and Method for categorization of Social Media Conversation for Response Management."

    He is a TOGAF 8.0 and ICMG-WWISA Certified Software Architect.

    Balaji Raghunathan has a postgraduate diploma in business administration (finance) from Symbiosis Institute (SCDL), Pune, India and has an engineering degree (electrical and electronics) from Bangalore University, India. He has also completed a Senior Leadership Certificate course from Indian Institute of Management, Kozhikode.

    With more and more regulations focusing on protection of data privacy and prevention of misuse of personal data, anonymization of sensitive data is becoming a critical need for corporate and governmental organizations. This book provides a comprehensive view of data anonymization both from a program sponsor’s perspective as well as a practitioner’s. The special focus on implementation of data anonymization across the enterprise makes this a valuable reference book for large data anonymization implementation programs.
    Prasad Joshi, Vice President, Infosys Labs, Infosys Ltd.

    This book on data anonymization could not have come at a better time, given the rapid adoption of outsourcing within enterprises and an ever-increasing growth of business data. This book is a must-read for enterprise data architects and data managers grappling with the problem of balancing the needs of application outsourcing with the requirements for strong data privacy.
    Dr. Pramod Varma, Chief Architect, Unique Identification Authority of India