Import, export, and anonymize data and bpts
into/out of/between OutSystems environments

Audit Sensitive Data

With DMM you can quickly identify all data fields that contain sensitive client information inside your OutSystems database.

DMM can identify fields like ID, bank account, email, passport and others, so you can quickly have a report of where the personal and critical information is – including during the fast changes that OutSystems allows to the solutions, now you can get an automatic audit report on-demand.

Scramble/Anonymize Data in non-PRD Environments

With DMM you can quickly scramble or anonymize all information identified as sensitive, avoiding cybersec risks of having such data exposed in case of a data breach on non-PRD environments.

It is recommended in your non-Production OutSystems environment that you do not have Client real data. With DMM you have the ability to quickly change that information into not-real data.

DMM allows you to either Scramble data (in which the data still looks real, but is new dummy data created by DMM) or to Anonymize data (in which the data is hashed in a one-way irreversible process).

The Scramble option is especially useful in the testing environments, since the created data will be good enough for the QA/tester team to execute their work – but without the risks of using real client data.

Data Anonymization

With DMM you have several options for data anonymization.

During a data Migration, data Export or even for data at rest in your OutSystems environment, you can, for each entity field that requires privacy:

• Anonymize data; replacing it with a string of meaningless characters (this is a one-way process);
• Scramble data, replacing it with new data that follows the same pattern as the source data of that field, but where this new data doesn’t exist in the source (so an email field still looks like an email, same for address, phone numbers, etc. but they aren’t the real original ones);
• Replace data with a single static value, so all instances of that field that fit in the Migration/Export filters will have that same value;
• Clean data, so when you are in an Migration/Export scenario you can configure DMM to not migrate/export that specific field of the data record (the rest of the record is migrated/exported as usual).

Direct migration from Source to Destination

Your data is never stored anywhere mid-migration. The migration process reads data from the source environment in chunks, and directly writes the data to the destination environment database, without the need to store the data anywhere for processing – so you don’t need to worry about securing your data and access rights for additional storage solutions.
Also, if you choose to use DMM’s anonymization options in any fields of your business entities, such data is not even read from the source database.

Secure Access

DMM guarantees security access by using the OutSystems platform security mechanisms – only users authenticated on the OutSystems platform can access the component.

Additionally, DMM controls the access to the user interface through 2 different roles that must be explicitly configured in the OutSystems platform in order to operate/access DMM. If users do not have any of those roles, even if they are authenticated in OutSystems, they cannot access DMM pages.
One role is a full user, capable of accessing and executing all features of DMM. The other role has limited access and can only execute (launch) pre-configured operations in DMM, so it cannot change the operations’ configurations.

Data Access

DMM is deployed in the client’s OutSystems infrastructure, therefore it executes within the client’s security perimeter. DMM never sends or shares with Infosistema information about user data.

Best Practices

DMM is developed and installed on the OutSystems platform, which follows the best practices related to security (like OWASP) and privacy.

See more information in https://www.outsystems.com/security/