Lax data masking hits four in five firms
Study from Micro Focus and the Ponemon Institute finds 79 per cent of companies have suffered a data breach in the past year
Keep it safe: Just seven per cent of firms increase data protection during the application development and testing process
Almost four in five companies have been hit by a data breach in the past year as 70 per cent continue to ignore data-masking techniques, research has claimed.
Research commissioned by enterprise applications vendor Micro Focus and carried out by the Ponemon Institute surveyed 1,350 application development staff at UK and US firms with turnover between $10m (£6.1m) and $20bn-plus.
The past 12 months have seen data breaches at 79 per cent of respondents, with the same amount using live production data in application development and testing. But just 30 per cent of firms mask this data during the process.
Application testing takes place on at least a weekly basis at 64 per cent of companies, with 90 per cent claiming it happens once a month or more. A mere seven per cent of respondents said data protection procedures were more rigorous during development and testing than during normal production.
Micro Focus also expressed shock at the size of data being tested, with three quarters of companies using data files bigger than 1TB. Some respondents even reported using samples greater than 50TB in size. The Newbury-based vendor claimed this increased the risk of internal and external attacks or human error.
Stuart McGill, chief technology officer at Micro Focus, urged companies to act immediately to shore up their data-masking practices.
“Given the recent high profile of data breaches across the world and also the frequency with which testing takes place, it seems unbelievable that organisations still have not taken the necessary steps to ensure their data is secure during this regular process,” he said.
"In this difficult economic time, the last thing organisations want or need is to experience a significant data breach that can leave their own, or worse, their customers’ confidential information damaged or leaked."
Ponemon Institute chairman Larry Ponemon added: “It is understandable that organisations want to be efficient in this often time-consuming process, but cutting corners by not masking the data could cause irreparable damage to a company’s database and reputation if a major breach were to happen.”