Sanity Lost. Data Sanitization
>> Thursday, 24 May 2012
I woke early in a sweat unable to get back to sleep and unable to get out of my mind what I'd dreamt. My daughter was taken away by the Social Services for her own protection.
I had been working on a local authority test database that held the information relating to calls made about child neglect. Whilst testing the application I had used COGs name and entered 9 different calls. The test environment had been promoted to production but the test data hadn't been removed. COG had been reported out by the system and they took her away no matter how much I argued the case.
After waking I lay for a while trying to decide what I would do. I assumed if the test data was promoted live so would the test users. I would simply delete the 9 calls and and and...it was all too much, it's left me upset about it since. (I always try to work out happy endings if I wake from a bad dream, don't you?)
But this isn't just a far fetched dream. We often worry about protecting live data from being used in development and preproduction, obfuscating and sanitising a frenzy. But simply building production databases from preproduction copies is as bad in my book and yet how often do we have to do just that in a massive JFDI rush.
People ( us ITites anyway) often talk about Bobby Tables and sanitising data input, but developers and DBAs create an internal risk to data that we often ignore. When moving systems to production any static data promoted needs to be reconsidered. But when the data and definitions are in a foreign language how am I to even sense check it? I must rely on developers and that leaves me worrying.
This dream has really shaken me firstly as a mother but secondly as a professional wanting to maintain the integrity of the data I'm responsible for. Hate it when work gets to your core like this.
0 comments:
Post a Comment