The risks of real customer data in testing environments

A study that surveyed 1,000 developers and start-up employees found that 29% of companies use real user data when testing and fixing software bugs, increasing the risk of a data breach. The study found 45% of respondents said their companies have faced a major data breach within the past five years due in part to the use of data in insecure environments.

Real data in test environments is a real problem as test environments are so widespread: from laptops that can be stolen, incorrect data migrations to the cloud, unsanctioned test environments, and probably countless other locations. All this increases the risk of a data breach.

An emerging way to avoid a breach of user data is to use synthetic data for testing. There are now solutions on the market which can generate synthetic datasets. Synthetic test data is ‘fake' or dummy data that can be used for development and testing of applications. It is not based on real data or existing information, but rather artificially created with the help of algorithms. Synthetic data can be used to replace privacy sensitive information so that companies ensure privacy protection of real employee and customer data, especially in today's time when personal data is the focus of both regulators and threat actors.

Learn more about the research results at Help Net Security.