ABSTRACT
Organizations copy tens of millions of sensitive customer and consumer data to nonproduction environments and very few companies do anything to protect this data, even when sharing with outsourcers and third parties (Oracle Corporation 2013). Corporate business systems have for many years become centralized in the pursuit of improved efficiency and cost savings. The support of these systems is affected by legal, business, and human factors. Existing frameworks and guidelines are reviewed for their benefits and limitations. Original research has been undertaken for both an organization’s use of data and an individual’s opinions on data usage and protection. The proposed model and framework describes the integration of and interaction between elements affecting an organization. A hypothetical case study has been devised and performed as a tabletop exercise to ascertain the practical use of the framework. In this book chapter we review the factors affecting nonproduction systems and propose a simplified business model and framework to understand the practical application. The technology/technical terms used in the book chapter are explained wherever they appear or in the “Glossary” section.
