John Craft

 ·  3 min read

Announcing the Privacy Dynamics GitHub Action

Improve developer productivity by integrating real data into development and testing environments.

Effectively testing and debugging software requires high quality data in development environments. Getting it there quickly and easily has long been a problem for engineers, and a risk for security leaders. Production data often contains Personally Identifiable Information (PII), which often leads engineers to settle for less desirable alternatives like synthetic data. Privacy Dynamics makes it easy to create and maintain de-identified data environments in minutes, providing engineers with the data they need to continue working at the pace they desire. Security and privacy teams can rest easy, knowing sensitive personal information is not proliferating around the organization. This process, known as Data Minimization, is a core component of demonstrating compliance with privacy laws including HIPAA, CPRA, and GDPR.

Shift left with anonymized data

Engineering teams know the importance of moving their testing, security, and vulnerability steps earlier in the software development process. Informally, this is called shifting left which allows engineering teams to catch problems in their software before issues present themselves in production environments. Continuous Integration (CI) makes shifting left possible by automating away a lot of the steps engineers have done manually in the past. One of the most popular CI systems today is GitHub Actions, as it allows developers to write their own automations using different languages. The marketplace offers pre-built workflows for common operations, further simplifying the CI process.

The Privacy Dynamics GitHub Action

Today, we are announcing a GitHub Action allowing developers to call Privacy Dynamics and create de-identified datasets as part of their CI process. The action is available in the GitHub Actions Marketplace and can be incorporated directly into CI workflows in a matter of minutes. This action resolves three common problems faced by engineering teams today as they struggle to support new privacy and security requirements.

  1. Use production for automated tests. Anonymize production data and write it to the ephemeral environments used for integration and functional tests.
  2. Database migrations. Verify database migrations will work in production by running them first in test environments with anonymized copies of production data.
  3. Realistic data for product and data teams. Write anonymized data to environments used by product or data teams who need accurate data for running applications or analysis.

How to use the Privacy Dynamics GitHub Action

Getting started is easy, and can be completed in just a few minutes with an active Privacy Dynamics subscription. Please reach out to sales@privacydynamics.io to set up a new account. Fully supported free-trials are available.

  1. Login to your Privacy Dynamics account and create a new project or use an existing one.
  2. Reach out to us to get API credentials and make them available to the Action via GitHub Secrets or your secrets manager of choice.
  3. Identify your host, port, username, and password parameters so the Action knows where to write the anonymized data to.

Tell us what you think

If you’ve experienced the problem of getting quality data into your development and testing environments, we want to hear from you. We’re focused on making the process as easy as possible for engineers, because we trust you want to be responsible with your customer’s personal information and satisfy the requirements of your security teams in reasonable ways. Does this Action make it easier to get the data you need and shift your development and testing processes left? We’re always open to feedback, so please reach out at support@privacydynamics.io and let us know if there’s anything else you would like to see this Action do.