[ISM] Data security:

Data from production environments is not used in a development or testing environment unless the environment is secured to the same level as the production environment.

[CISA] Secure data security across environments (SSS-01-03-01)

Development, build, and test environments must be secured to the same level as production through network segmentation, encryption, monitoring, and automated backups. Code, repositories, and software artifacts should be treated as sensitive data assets: protected from unauthorized access with additional measures such as MFA, behavioral analytics, or secure VPNs where appropriate, and monitored for anomalies, with prompt response to failed access attempts. Supply chain security should include vendor assessments, verification of third-party components, and controls that prevent unauthorized data flow between systems. Backup and recovery plans must ensure continuity in case of disruption, with safeguards against data breaches at every stage of software development and delivery. Taken together, these measures align security, data protection, and supply chain integrity across all environments.

[SAMM] Organize basic data protections (SSS-01-03-01-01)

Identify and understand the types and sensitivity of data stored and processed by applications, and ensure that basic data protection measures are in place. Protect all data associated with an application to the level required by the most sensitive data it stores or processes. Prohibit propagation of unsanitized sensitive production data to lower (non-production) environments, and focus data protection policies on production environments. Implement security controls such as encryption, backups, and controlled data sharing to prevent unauthorized access and mitigate risk.

Operations

ID | Operation | Description | Phase | Agent
SSS-01-03-01-01-01 | Identify data sensitivity | Classify the types of data used by applications based on their sensitivity, such as public, internal, restricted, or confidential. Document where this data is stored and how it is used, including databases, file storage, backups, and sharing with third parties. For example, mark production logs containing user data as "sensitive" and require encryption and restricted access. | Preparation | Security Team, Data Owners
SSS-01-03-01-01-02 | Define data handling procedures | Establish clear procedures for managing sensitive data at each stage of its lifecycle, including storage, access, transmission, and disposal. These procedures should match the data's sensitivity level to ensure appropriate protection. | Preparation | Security Team, Project Manager
SSS-01-03-01-01-03 | Implement access controls | Restrict access to sensitive data based on roles and responsibilities. Implement access control mechanisms (e.g., access control lists, authentication, authorization) to enforce these boundaries. | Development | Security Team, System Administrators, DevOps Team
SSS-01-03-01-01-04 | Prevent data leakage | Implement controls to prevent sensitive data from production environments from being copied or migrated to lower environments (e.g., development, testing, staging) without proper sanitization or masking. | Deployment | Security Team, Development Team, Quality Assurance (QA)
SSS-01-03-01-01-05 | Establish a data sanitization process | Define and implement a process for sanitizing or masking sensitive data before it is used in lower environments. This can include techniques such as data anonymization, pseudonymization, or data obfuscation. | Deployment | Security Team, DevOps Team
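As an added illustration of operations SSS-01-03-01-01-04 and SSS-01-03-01-01-05 (example code written for this page, not part of the cited frameworks): a small Python sanitizer that pseudonymizes e-mail addresses with a keyed HMAC so joins across tables still work in test, masks card and phone numbers, and refuses to hand over the data set if any raw value survives. The records, field names, and key are constructed; the HMAC key is assumed to live in production's secret store and never to be copied to the lower environment.

```python
import hashlib
import hmac
import re

# Constructed sample export standing in for production rows (hypothetical values);
# record 3 repeats customer 1 so the pseudonyms can be checked for consistency.
PROD_RECORDS = [
    {"id": 1, "email": "alice@example.com", "card": "4111111111111111", "phone": "+61 400 123 456"},
    {"id": 2, "email": "bob@example.com", "card": "5500000000000004", "phone": "+61 400 987 654"},
    {"id": 3, "email": "alice@example.com", "card": "4111111111111111", "phone": "+61 400 123 456"},
]
SENSITIVE_FIELDS = ("email", "card", "phone")  # never leave production unsanitized

def pseudonymize(value: str, key: bytes) -> str:
    """Keyed HMAC: equal inputs give equal tokens (joins still work in test), but without
    the key a token cannot be reversed or recomputed. The key stays in production's secret store."""
    return hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()[:16]

def mask_digits(value: str, keep_last: int) -> str:
    """Replace every digit except the last `keep_last` with 'X'; separators are preserved."""
    return re.sub(r"\d(?=(?:\D*\d){%d})" % keep_last, "X", value)

def sanitize_record(rec: dict, key: bytes) -> dict:
    out = dict(rec)
    out["email"] = pseudonymize(rec["email"], key) + "@test.invalid"  # reserved, undeliverable
    out["card"] = mask_digits(rec["card"], 4)
    out["phone"] = mask_digits(rec["phone"], 3)
    return out

def leaked_values(originals: list, sanitized: list) -> list:
    """Leakage gate: any raw sensitive value still present in the output is a finding."""
    raw = {r[f] for r in originals for f in SENSITIVE_FIELDS}
    blob = "\n".join(str(r) for r in sanitized)
    return sorted(v for v in raw if v in blob)

def export_for_testing(records: list, key: bytes) -> list:
    """Sanitize, then refuse to release the data set if anything leaked through."""
    sanitized = [sanitize_record(r, key) for r in records]
    leaks = leaked_values(records, sanitized)
    if leaks:
        raise RuntimeError(f"refusing export, raw values present: {leaks}")
    return sanitized

if __name__ == "__main__":
    demo_key = b"constructed-demo-key-not-a-real-secret"  # constructed; use a managed secret in practice
    for row in export_for_testing(PROD_RECORDS, demo_key):
        print(row)
```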

References

Industry framework | Academic work | Real-world case
Information Security Manual (ISM-1420) | |
CISA Securing the Software Supply Chain Part 2 (2.2.1) | |
OWASP SAMM: Software Assurance Maturity Model (O-OM-1-A) | |