Allowing a 3rd party to take your database offsite is high risk for many reasons, most notably your database may be full of sensitive information including credit card numbers and passwords (albeit encrypted).
No organisation wants to be in breach of privacy laws or internal policies, and so this limits your ability to have your data analysed by marketing and communication organisations and other technical services providers.
We wanted to be able to take a customer's database and remove any trace of personal data while leaving a strong setup for testing and QA.
We built a series of scripts that run across your iMIS database to anonymise the data.
This is a semi-automated process executed in sequence that:
Replaces company names, contact names and addresses with random data
Truncates a series of tables to remove the ability to derive the above information
Removes your saved CreditCard Authorisation usernames/passwords
Resets all email addresses
Writes over all credit card transactions with dummy data
Writes over all EFT saved credit cards and transactions with dummy data
Removes all notes from all contact records
Resets usernames and passwords for all public users
This process only takes a few minutes to run and leaves your database still fully accessible through the standard iMIS interfaces.
Running this process allows your database to now be safely backed up and taken offsite allowing 3rd parties to analyse and review your data for analysis purposes without comprimising your organisations most valuable asset.