I'm planning to clone our production instance to a newly purchased test instance, but I want to ensure that sensitive data is not transferred to the test environment. As we may need to perform similar cloning operations during future upgrades, I'm looking for the best practice approach that we can consistently use.

I'm considering several options and would appreciate guidance on which approach is most recommended:

1. Using exclude tables configuration to skip tables containing sensitive data

   • Are there any risks or considerations with this approach?

2. Cloning everything first and then deleting sensitive data afterwards

   • Is this a safer approach?

3. Implementing the Data Privacy Clone plugin

   • Would this be the most efficient solution?

Are there any other recommended methods I should consider?

Additional Info:

• We are currently using ServiceNow SPM
• This needs to be a repeatable process for future cloning operations
• Main concern is protecting sensitive data while maintaining system functionality

Could you please share best practices and recommendations for this scenario?