> -----Original Message----- > From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On > Behalf Of Patrick O'Keefe > Sent: Wednesday, April 22, 2009 4:50 PM > To: IBM-MAIN@bama.ua.edu > Subject: Re: Data masking/data disguise Primer 1) WHY > > On Wed, 22 Apr 2009 10:39:29 -0400, Farley, Peter x23353 > <peter.far...@broadridge.com> wrote: <Snipped> > >Neither the customer nor the USPS appreciate or long tolerate > >incorrect zip codes. > > Huh? Neither the customer not the USPS would see output based > test data. If you mean that the application would produce incorrect > zip codes based because it wasn't test enogh using the test data, > then that points to a problem with the code or the test data.
I didn't think at that point that I was talking about test data, which is usually only needed before an application goes live. Post-implementation production problems are the ones that require production data to resolve. You can't fix a problem unless you can reproduce the problem, and that, of necessity, requires the data that caused the problem in the first place -- which usually means real production data. The idea I was trying to get across there is the case where a glitch has turned up in the production stream and the programmer is charged with fixing that glitch. In my hypothetical zip-code scenario, I presumed that the problem could be wrong real zip-codes being generated for real customer addresses, leading to undeliverable mail or complaints from USPS that mail is being returned as "no such person this address". My thesis is that the programmer cannot debug such a glitch without using the real production data that originally caused the problem. Zip-code may not be as good an example as I hoped it would be. You are right, of course, that in designing how to mask private information in such an application the keys to the zip-code database would be masked in the same way as the production data, so that the zip-code could be looked up without actually knowing or seeing the "real" address information. Only the final printing application would unmask the address to print it for mailing. I still firmly believe that there are many other examples where "the real data" needs to be used to successfully debug an application problem, and therefore "masked" data will of necessity be seen "unmasked" by the debugging application programmer. When PII data is central to the business process at hand, it will be unavoidable for programmers to be able to see and manipulate such data in order to do their jobs successfully. Peter This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html