Hi Team,
We have a scenario
Problem Statement: The customer currently has data in both production and stage environments, with the stage environment being used primarily for development and bug fixing activities. They now want to separate these environments based on workload type - creating a dedicated development environment for all development activities, while reserving the stage environment for testing and production bug fixes. However, the development environment currently lacks data, and the customer is concerned about copying data from stage/production to development due to the presence of sensitive information such as PII data.
Solution Approach :
We are considering an approach that involves creating Delta Sharing (sharing only the required tables) from stage/production environments to lower environments, providing access only to authorized personnel. On top of these Delta Shares, we will create views with the same names as their source tables, and these views will invoke UDF functions containing logic to protect sensitive data through multiple layers of encryption. If required, we will also create delta tables based on these views. This way we can share sensitive data more securely.
Kindly let me know if this approach is suitable or if there are any alternative approaches we should consider, please suggest.
Regards,
Phani