Using Encryption to Make Testing Large Systems More Efficient

Software application development teams are continuously challenged to efficiently deliver reliable software, especially for large applications and systems. To successfully deliver on these challenges, it is critical to have the right kind of test data in sufficient amounts to enable the development teams to fully test all software features and possible scenarios that could occur in a production environment, and to ensure new software versions can successfully scale to accommodate the volume of production data. Some of the common challenges for generating valid test data sets capable of meeting these criteria include:

  • Test data does not conform to software application requirements – Invalid test data can introduce a lot of “false positive” testing results during the testing lifecycle, causing the application development teams to waste precious time reviewing and troubleshooting issues created by the invalid test data.
  • Test data does not cover all software functionality – The test data may conform to application requirements, but the scenarios covered by the test data are not sufficient to truly exercise the application, and do not provide sufficient coverage of all use cases in a production environment.
  • Test data set is too small – The test data set is not large enough to test the scalability of the application.

Ideally, using the production data set for testing would enable the development team to overcome these challenges and improve the reliability and efficiency of the software testing cycle. However, this creates an inherent conflict with data security and data privacy compliance requirements, which dictate that application development teams do not, and should not have access to production data.

The key to improve the reliability and efficiency of the software testing cycle while ensuring compliance with applicable data security and privacy requirements is to generate a data set that closely resembles production data, but absolutely is NOT production data. OnData’s proprietary data encryption and obfuscation features provide a solution to this challenge by enabling software development teams to generate test data that maintains the full integrity and functionality of the production data as follows:

  • All sensitive data, such as PII, HIPAA, FERPA and CJIS data, are fully protected with strong encryption using NIST-approved algorithms. The encrypted and obfuscated data set can be safely used by internal development teams and external resources in non-production environments.
  • The generated test data set automatically conforms to application requirements. By preserving the data integrity in the test data set, the chance for “false positive” testing results is significantly reduced.
  • The generated test data set has the same level of variations as the production data and can easily provide full coverage for all real scenarios in production.
  • The generated test data set can be at the same scale as your production data, enabling performance testing to accurately measure the performance prior to production deployment.

The OnData tool set can streamline and improve the efficiency of the software development and testing lifecycle while protecting the confidentiality and compliance of sensitive data through our proprietary data encryption and obfuscation features. As you evaluate the future of testing large software applications, it is critical to ensure that the test data sets not only provide a good representation of the actual production data, but also is safe to be used in non-production environments. By automating test data generation while meeting data security requirements, OnData can help you achieve this goal while providing the following benefits:

  • Expedited application development and testing cycles with reliable testing data sets;
  • Less chance of surprises or required rollbacks when deploying new releases to production;
  • Ability to deliver better customer experiences by fully verifying quality and performance in testing environments;
  • Ability to collaborate efficiently with external resources without sacrificing data security or incurring additional overhead to validate deliverables.