On Data Leakage from Non-production Systems
This study is an exploration of areas pertaining to the use of production data in non-production environments. During the software development lifecycle, non-production environments are used to serve various purposes to include unit, component, integration, system, user acceptance, performance and configuration testing. Organisations and third parties have been and are continuing to use copies of production data in non-production environments. This can lead to personal and sensitive data being accidentally leaked if appropriate and rigorous security guidelines are not implemented. This paper proposes a comprehensive framework for minimising data leakage from non-production environments. The framework was evaluated using guided interviews and was proven effective in helping organisation managing sensitive data in non-production environments.
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.
Citation : Cope, J. et al. (2017) On Data Leakage from Non-production Systems. Information and Computer Security, 25 (4), pp. 454-474
Research Group : Software Technology Research Laboratory (STRL)
Research Institute : Cyber Technology Institute (CTI)
Peer Reviewed : Yes