How data anonymization can strengthen data privacy

  • Barkha Bathija
  • Solutions
  • Cybersecurity and Risk
  • 2023
January 27, 2023

Data privacy: woman unlocking phone in front of open laptop

Data Privacy Day is an international event observed on Jan. 28 in the United States, Canada, Nigeria, Israel, and 47 European countries. It’s a time to raise awareness about data protection best practices.

At ServiceNow, one day is not enough to focus on data privacy. We prioritize protecting personally identifiable information (PII) for organizations and individuals every day of the year. One of the best ways to do that is through data anonymization.

Assessing the data privacy landscape


Any compromise or breach of sensitive information can have a significant negative impact on an organization—including revenue loss, reputation damage, intellectual property loss, and large fines.

PII-related data breaches are on the rise. According to the 2021 Data Breach Report, the most frequently compromised data is people’s names, Social Security numbers, dates of birth, and home addresses.

IBM research found the global average cost of a data breach reached an all-time high of $4.35 million in 2022. Data breaches involving PII are the most common and the most expensive, costing $150,000 more than the average data breach, the research adds.

Growing data breaches and privacy concerns have led governments worldwide to adopt privacy regulations, such as the European Union’s General Data Protection Regulation (GDPR), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), and China’s Personal Information Protection Law (PIPL).

According to Gartner®, “By year-end 2024, 75% of the world’s population will have its personal data covered under modern privacy regulations.”1 Failure to comply with these privacy laws could result in steep fines, potentially costing a company up to 4% of its global revenue, according to a CNBC article.

Ways to anonymize data


Data anonymization offers a reliable way to protect PII. ServiceNow Data Anonymization, introduced in the Now Platform Tokyo release, helps protect sensitive data through different preserving techniques for production and subproduction instances. It also helps organizations with regulatory compliance.

Prior to anonymization, data should be classified according to its sensitivity. After that, PII can be anonymized in two ways.

1. PII associated with a specific user


Administrators can choose to anonymize either all or part of the PII associated with a particular user using techniques such as selective replace (format preserving) or replace with a string. These techniques preserve other PII such as business phone or city, and data for other users is not affected.

PII original data vs. anonymized data for a specific user


2. Data class/column


A column containing sensitive information can be anonymized before using the data for testing or before sharing it with any third-party entity. Anonymizing a column can be scheduled as part of the clone process of a data anonymization policy. This eliminates the need to make manual changes or run a separate script in the subproduction environment.

For example, all records under a credit card column can be anonymized using a customized technique that keeps the first digit and last four digits of the credit card number intact for processing requirements

Original data vs. anonymized data for data class or column


Once anonymized, user data is no longer considered regulated private information, as it can’t be associated with an individual.

Advancing data security


ServiceNow Data Anonymization is a key component of ServiceNow Vault, a set of advanced security and privacy controls that help organizations protect data, increase compliance, and boost their security posture.

Privacy regulations will continue to emerge and evolve. Having and enforcing robust data privacy policies and practices can help avoid data breaches, potential lawsuits, government-imposed fines, and regulatory investigations.

Find out more about how ServiceNow helps organizations protect PII and stay compliant.

1 Gartner Press Release, Gartner Identifies Top Five Trends in Privacy Through 2024, May 2022

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

© 2023 ServiceNow, Inc. All rights reserved. ServiceNow, the ServiceNow logo, Now, and other ServiceNow marks are trademarks and/or registered trademarks of ServiceNow, Inc. in the United States and/or other countries. Other company names, product names, and logos may be trademarks of the respective companies with which they are associated.

Topics

  • Work-study program student Jasmine M. with ServiceNow employee Albert O.
    Careers
    Work-study program offers high schoolers a start in tech
    We’ve partnered with Cristo Rey San Jose Jesuit High School’s Corporate Work Study Program since 2020 to empower students from underserved communities.
  • RPA: group of workers gathered around a conference table looking at a laptop
    AI and Automation
    Forrester report: ServiceNow debuts as a Strong Performer in RPA
    In our very first year of entry, ServiceNow has been named a Strong Performer in The Forrester Wave: Robotic Process Automation, Q1 2023. Find out why.
  • Generative AI capabilities: man in glasses looking intently at open laptop
    Now on Now
    How ServiceNow is using generative AI capabilities across its operations
    Generative AI capabilities can deliver rich experiences and unlock the potential of technology, people, and processes. Find out how we use them at ServiceNow.

Trends & Research

  • RPA: group of workers gathered around a conference table looking at a laptop
    AI and Automation
    Forrester report: ServiceNow debuts as a Strong Performer in RPA
  • #1 in ITSM, AIOps and IT Operations Market Share: Organizations around the world count on ServiceNow in times of change.
    IT Management
    ServiceNow is No. 1 for AIOps, IT operations, and IT service management categories by market share
  • ESG technology: green surrounding a river, woman smiling, 2 government employees in conversation
    Cybersecurity and Risk
    Survey says ESG technology drives results

Year