Mainframe testing compromises data privacy

A survey by software tools company Compuware highlights discrepancy between using real data for application testing and privacy concerns

A survey by software tools company Compuware has highlighted the discrepancy between using real data for application testing data and data privacy concerns.

The survey of 510 CIOs conducted by Vanson Bourne found that 20% of companies do not mask or protect their customer data before providing it to outsourcers for application testing purposes.

The survey also found that 43 of the CIOs who admitted they share customer data did not understand data protection laws and regulations, which stipulate where and how data collected on individuals can be used.

To avoid issues relating to data privacy, a number of organisations mask customer data or select small amounts of data rather than a full production copy.

Mainframe testing

Some go even further and do not provide any customer data to use in the testing process, forcing quality assurance testers to create test data for application testing. This method, however, can be very expensive and time-consuming. According to Compuware, such practices are affecting the quality of outsourced application development.

“If applications are to be tested thoroughly, particularly in the complex world of the mainframe, test data conditions should reflect live data conditions as closely as possible or the application may not perform well in production,” said Kris Manery, senior vice-president and general manager, mainframe solutions at Compuware.

“Providing third parties with unprotected customer data not only increases the potential for data to be misused or stolen, but can also put companies in danger of violating data protection regulations. Either could seriously impact revenues and reputation should a breach occur,” Manery warned.

Read more on Application security and coding requirements