Managing Sensitive Data in a Database
Managing sensitive data is an essential step in handling your test data. This involves:
- Identifying fields that contain personal (name, surname, email, etc.) or sensitive data
- Using appropriate anonymization functions
- Optionally validating all your choices with your security contact
Sensitive data is managed in the “Sensitive Data” tab of the database:
There are several ways to declare sensitive data.
Manual Declaration of Sensitive Data
You can manually add your sensitive data by specifying:
- The relevant table
- The sensitive field
- The type of sensitive data (name, surname, email, phone number, credit card number, etc.)
Automatic Detection of Sensitive Data
Depending on the subscribed offer, you can use the automatic detection function for sensitive data.
With this feature, Grapes scans the entire database and identifies fields that might contain sensitive data.
Grapes uses the following information:
- A sample of data from each field (up to 10 examples)
- The context of the field: table name, field name, etc.
These data are analyzed using various techniques and produce a score from 0 to 100. The higher the score, the more likely the field contains sensitive data.
The detected data include:
- Credit cards
- Email addresses
- First names, surnames
- IP and MAC addresses
- Phone numbers
- Sensitive dates
To launch the automatic detection operation, simply click the search icon at the top right of the screen.
The results are displayed as follows:
For each detected sensitive field, you can:
- Validate the accuracy of the detection
- Declare the detection as a “False positive”
Anonymizing Sensitive Data
Grapes allows you to anonymize sensitive data easily without development skills.
Next to each sensitive field in the table, click the anonymization button:
Several predefined anonymization functions are available.
Static Anonymization
This replaces data with a single value, for example the contact email. This allows you to redirect all outgoing emails to your test inbox in all non-production environments.
Random Anonymization
This replaces each value with another one chosen at random from a stored value dictionary.
Examples: Randomly replace all names and surnames, addresses, countries, roles in the company, etc.
To learn more about value dictionaries, see the Administer Anonymization Resources page.
Text Generator
This function generates random text. You can configure the minimum and maximum number of words generated.
This function is useful for comment fields, for example.
Regular Expression-Based Generator
This generator allows you to create any alphanumeric string while controlling the format.
Model | Description | Example
---|---|---
? | A random character |
[0-9] | A random digit |
[A-Z] | An uppercase letter |
[a-z] | A lowercase letter |
[A-Za-z] | An uppercase or lowercase letter |
{5} | Number of repetitions | [a-z]{3} generates 3 random lowercase letters
For example, the following expression: F202[0-9][0-9]{5}[a-z]{3}?? can generate the following random values:
- F202012345ABC@X
- F202449012ZCX12
- etc.
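The model syntax from the table above can be sketched as a small generator. This is an added example, not Grapes code: the function names, the character set used for "?" and the optional uniqueness handling for columns with a unique constraint are assumptions. It follows the table's definitions, so [a-z] yields lowercase letters.

```python
import re
import secrets
import string

# Character pools for the models in the table above.
POOLS = {
    "[0-9]": string.digits,
    "[A-Z]": string.ascii_uppercase,
    "[a-z]": string.ascii_lowercase,
    "[A-Za-z]": string.ascii_letters,
    # Assumption: "?" draws from ASCII letters, digits and punctuation.
    "?": string.ascii_letters + string.digits + string.punctuation,
}
# One token: a class, "?" or a literal character, optionally followed by {n}.
TOKEN = re.compile(r"(\[A-Za-z\]|\[0-9\]|\[A-Z\]|\[a-z\]|\?|[^\[\]{}])(?:\{(\d+)\})?")


def parse(model):
    """Split a model into (pool, repetitions) pairs; reject unsupported syntax."""
    tokens, pos = [], 0
    while pos < len(model):
        m = TOKEN.match(model, pos)
        if m is None:
            raise ValueError(f"unsupported syntax at offset {pos}: {model[pos:]!r}")
        # A literal character is treated as a pool of one.
        tokens.append((POOLS.get(m.group(1), m.group(1)), int(m.group(2) or 1)))
        pos = m.end()
    return tokens


def generate(model):
    """Return one random value for the model, independent of any source data."""
    return "".join(secrets.choice(pool) for pool, n in parse(model) for _ in range(n))


def anonymize_column(values, model, unique=False):
    """Replace each value with a generated one; optionally keep the column unique."""
    space = 1
    for pool, n in parse(model):
        space *= len(pool) ** n
    if unique and len(values) > space:
        raise ValueError(f"model yields only {space} distinct values")
    seen, out = set(), []
    for _ in values:
        value = generate(model)
        while unique and value in seen:  # redraw on collision
            value = generate(model)
        seen.add(value)
        out.append(value)
    return out
```

Because each replacement is drawn without reference to the original value, the output carries no information about the source data. The size check makes a model that is too narrow for a unique column fail up front instead of looping on collisions.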
IP Address Generator
As the name suggests, this generator creates valid IPv4 and IPv6 addresses.
MAC Address Generator
It generates valid random MAC addresses.
Credit Card Number Generator
The generated credit card numbers are verifiable.
Date Generator
A date is generated within a range that you configure.
If you need an anonymization function that is not listed here, please let us know via the Contact Us page.