Key risk factors to mitigate during a data migration
Part one in this article series summarized the shockingly high failure rates for migration projects, identifying data migration as a key area of...
Design Complex Systems, Create Visual Models, Collaborate on Requirements, Eradicate Bugs and Deliver Quality!
Product Overview | Solutions |
Success Stories | Integrations |
Book a Demo | Release Notes |
Free Trial | Brochure |
Pricing |
Our innovative solutions help you deliver quality software earlier, and at less cost!
AI Accelerated Quality Scalable AI accelerated test creation for improved quality and faster software delivery.
Test Case Design Generate the smallest set of test cases needed to test complex systems.
Data Subsetting & Cloning Extract the smallest data sets needed for referential integrity and coverage.
API Test Automation Make complex API testing simple, using a visual approach to generate rigorous API tests.
Synthetic Data Generation Generate complete and compliant synthetic data on-demand for every scenario.
Data Allocation Automatically find and make data for every possible test, testing continuously and in parallel.
Requirements Modelling Model complex systems and requirements as complete flowcharts in-sprint.
Data Masking Identify and mask sensitive information across databases and files.
Legacy TDM Replacement Move to a modern test data solution with cutting-edge capabilities.
See how we empower customer success, watch our latest webinars, read our newest eBooks and more.
Events Join the Curiosity team in person or virtually at our upcoming events and conferences.
Blog Discover software quality trends and thought leadership brought to you by the Curiosity team.
Help & Support Find a solution, request expert support and contact Curiosity.
Success Stories Learn how our customers found success with Curiosity's Modeller and Enterprise Test Data.
Documentation Get started with the Curiosity Platform, discover our learning portal and find solutions.
Integrations Explore Modeller's wide range of connections and integrations.
Curiosity are your partners for designing and building complex systems in short sprints!
Meet Our Team Meet our team of world leading experts in software quality and test data.
Our History Explore Curiosity's long history of creating market-defining solutions and success.
Our Mission Discover how we aim to revolutionize the quality and speed of software delivery.
Our Partners Learn about our partners and how we can help you solve your software delivery challenges.
Careers Join our growing team of industry veterans, experts, innovators and specialists.
Press Releases Read the latest Curiosity news and company updates.
Success Stories Learn how our customers found success with Curiosity's Modeller and Enterprise Test Data.
Blog Discover software quality trends and thought leadership brought to you by the Curiosity team.
Contact Us Get in touch with a Curiosity expert or leave us a message.
4 min read
Thomas Pryce 28 February 2020 10:27:21 GMT
I’ve been harping on about GDPR and other recent developments in compliance for years now, and it’s good to see QA organisations are now seriously grappling with compliance as a pressing issue. With each new data breach, and each new study on consumer concern for data privacy, the need to consider data privacy is only re-affirmed. Yet, what I consider to be higher risk practices still remain common in testing, and the latest World Quality Report finds that 60% of organisations still use raw production data in test environments for example.
Below, I’ve gathered together some research and news articles that have come out within the last year or so, each related to GDPR and compliance in some way. The intention is to use fresh data to re-iterates a point already well made by others: the practice of using raw production data in less secure test environments should be examined seriously. It should be scrutinised in terms of security, data breach prevention, and compliance, and only then should it be judged to be “okay”.
I’m no legal expert, and the below represents only my personal interpretation on the importance of recent legislation for testing best practices. However, I hope some of these questions provide some pause for thought. Please feel free to leave your comments on the impact of legislation for QA below, or drop me a direct message.
You might answer ‘yes’ to some or all of the above questions, and some of the most advanced tech organisations can evidently rapidly find and provision user data upon request for example. However, in my view, these questions deserve careful, honest, and ongoing consideration. The stakes are high:
In my experience, several organisations lack the infrastructure or understanding of their complex data to be able to guarantee that they have located every instance of sensitive information in test environments. Extracting and provisioning that data rapidly can likewise be tricky, especially when working with a mixed bag of homegrown techniques. If that sounds familiar, the above questions around Erasure, Portability and Data Minimisation might be particularly pertinent.
The latest World Quality Report also finds that 65% of organisations anonymize at least some of the production data they use in testing, and over half generate synthetic test data. Masking can offer a way to mitigate against many compliance requirements when testing, as well as against the risk of a data breach. However, a few things should be considered when deciding how to create data to provision to test environments:
In other words, synthetic test data generation is a technology that can enable greater security, while also facilitating more rigorous, faster testing. The reality is that few organisations will be able to wholly replace their data with comprehensive synthetic data over night. However, a hybrid approach is possible, gradually replacing production data sources with synthetic or virtualized data streams. This in turn feeds accurate and rigorous testing, often with less likelihood of sensitive data making it to test environments.
What do you think – do these align with your interpretation of current legislation and its relation to testing, and what are the main challenges we’re facing as a community to meet consumer concern for how we use their data or not? Please feel free to drop me an email with your thoughts.
Part one in this article series summarized the shockingly high failure rates for migration projects, identifying data migration as a key area of...
For many organisations, test data “best practices” start and end with compliance. This reflects a tendency to focus on the problem immediately in...
As a result of the constantly evolving environment of global data protection legislation, test data management has become increasingly complex....
Data generation enables organisations to create data of the right variety, density, and volume for different testing and development scenarios, all...
It’s 2024 and the risks associated with poor test data practices show no signs of abating.
If you’re reading this, you’re probably already painfully familiar with the complaints that Curiosity hear from organisations seeking alternatives to...
A glance at industry research from recent years shows that test data remains one of the major bottlenecks to fix in DevOps and CI/CD:
“We mustn’t use live data for testing”. This is the reason why most organizations start to look at superficial solutions to certain challenges that...
Today, many organisations rely on rudimental tools and techniques for creating and managing their test data. These outdated techniques not only...