obfuscation tool or method for servicenow?

edbailey · ‎10-10-2017

My company is going to be storing sensitive data as part HR Case information on its production environment. We don't intend to copy any of this data to our non production environments so we will set up a data exclude on the HR Case, Task and Profile tables but now we face a challenge as how to carry out effective testing of any fixes and enhancements.

One approach to this problem could be to create a subset of data from Production and apply some means of obfuscation. Has anyone done this? How difficult did you find it and what method did you use?

What other approaches could be taken?

edbailey · ‎10-13-2017

Thanks Steve that is a good point around the scenarios being tested.

HarshTimes · ‎10-13-2017

Hi Steve

For testing scenarios,there is a big CONS for populating the data by loading XML.If you will load the data via XML then the related workflows/approvals etc will not work. Because we are loading only the XML of records.

Regards,

Harsh

edbailey · ‎10-16-2017

Thanks for pointing that out. We are not using any request workflows or approvals at present but might become a factor later so important consideration for approach

HarshTimes · ‎10-16-2017

Hi Ed

I found that in servicenow we have a functionality of preserving the data. You can set the table which you want to preserve same like as the exclude table list.So whenever you are cloning then that particular table will not be clone and will have the same data as it was before clone. You do not require to keep backup of the XML of the test records and no need to load them back to non prod instance. You can find more details about this on the link http://wiki.servicenow.com/index.php?title=System_Clone#Preserving_Data_on_the_Target_Instance

-Harsh

bennetm · ‎10-13-2017

If you can identifiy the fields where the sensitive data is held, you could write a background script to run after the data load to desensitise the data.