Yearly Archives: Knowledge CenterSeptember 2019

Building Re-Usability in Software Testing

Building Re-Usability in Software Testing

building-re-usability-in-software-testing

Have you ever wondered about where and how to kickstart your testing process for a new project or in new situations, effectively and without delays? Would you like to cut down your time spent on creating tests and allocate more time to run the tests and take on tasks of additional value such as exploratory testing? Why re-invent the same thing when it is not required?

Re-usability in software testing can save you the time and effort from repetitive tasks of test creation and its execution. You can easily achieve test and application stability by leveraging the work you have already done in the past, with a little smartness upfront.

In today’s fast-paced world where there is a constant need to build software effectively, all disciplines are constantly on the look-out to maximize their productivity and minimize re-work. One of the buzz words amongst all of them is “Re-usability”.

This blog discusses how to build re-usability in software testing, to help reduce the total cost of quality and maximize the return on investment (ROI) made.

Re-usability, as complex as it may sound, is something that can be introduced at various levels. We have heard of teams talking about re-usable frameworks, especially in Test Automation efforts.

While it makes total sense to do so, re-usability really should and could be built in, in all facets of Software Testing. I’ve outlined a possible set of such areas, in the checklist below, which itself is a re-usable artefact.

Recommended: Cross Platform Testing – Changing Times

Test Cases

While designing test cases, churn out generic test cases for some of the core areas of your work, like the ones outlined below, to reuse them at subsequent stages – bucketize test cases based on:

  • Test attributes – UI, Functionality, Performance, Security, Globalization, Accessibility and Usability among others.
  • Domain-specific compliances – BFSI, Health Care, Education, Mobile
  • Technology – eCommerce, mobile, RIA

Test Automation Frameworks and Code

Build frameworks that are modular and can be easily reused. Test automation, although very valuable, is often a very expensive effort where the ROI becomes questionable. This is primarily because of changing product functionality which may invalidate the test scenario at hand.

While this challenge is often beyond the scope of the test team to control, the situation gets doubly complicated, when poor test automation code is generated.

By poor test automation strategy and code, I mean the choice of cases that don’t add a lot of value when automated, huge chunks of repetitive code that is written, code that gets very cumbersome to read through, review and maintain.

An answer to all this is to modularize test automation code and create frameworks to handle repetitive functionality. For e.g. code to sign in/sign out could be easily separated and handled in a separate module to be reused as and when required.

Must Visit: Top Five Tips To Effective Test Automation

Test Data

This area offers a lot of scope to build re-usability and is also one where a lot of time is often expended during the testing cycle. Spend the extra time up front to decide what kind of reusable data can be created. Some examples include user accounts, user profile information and payment instruments among others.

Test Infrastructure

To ease the tester’s job in setting up test infrastructure, there are a lot of external options available lately such as leveraging machines on the cloud, Virtual Private Cloud (VPC), Infrastructure as a service (IaaS).

Besides these, if your test bed setup is such that you need to maintain it in-house, explore options to build re-usability such as creating images, downloaded copies of the software for easy access and use among others.

Test Team – Core go-to Members

Investing in reusable/go to people in specialized areas is often the best investment a company can make. Identify a pool of experts for specific domains, test attributes and continue to provide them the required training and resources to empower them to succeed.

Their success is your success, in terms of differentiators that you build for your company. This does not mean that access to resources is restricted to a select few in the company.

You have just created a talent pool which is mutually enriching viz. a ) benefiting your company in terms of business and b) motivating your experts intellectually and your other engineers to strive to join such a special group.

Re-usability in this space is often not prioritized in various companies owing to time, budget and attrition constraints. However, given the strong benefits that exist in this space, this is an area that deserves maximum push to inject re-usability into.

Training / Ramp Up Documents / Knowledge Artefacts

Create knowledge base articles, best practices, checklists, important workarounds along the way, as your team learns something new. Such articles should be precise, crisp and useful for subsequent reference, and not merely an overhead to the team.

Test Templates

A sample set of such templates, which can be created for periodic use include: Status reports, Bug reports, Result dashboards, Project plans, Test plans, Test cases, Review guidelines, Release / Sign off mailers.

Mailers

For events such as bug bashes, beta testing, collecting user feedback, a standard set of template will boost re-usability

Test Demos

Demos and presentations can often be very time consuming to create, however, they are very important in the course of product development. Templatize the flow and script as much as possible, which will help you do your test demos on time and without fail.

Besides the above, always be on the lookout for repetitive/monotonous tasks that can be easily automated to alleviate the test team’s overhead. Such tasks are often excellent candidates to infuse re-usability into, when automated.

In our company, for example, our testers had to go through the manual task of converting hard copies of documents into XMLs as we deal with a lot of content conversion work. We soon recognized there is potential for automating this process such that this utility can be easily reused. We quickly put together a spot team to get this job done, and to this day, use this utility, which has saved a lot of our tester cycles, giving them time to focus on more challenging tasks.

Reuse in Test Case Generation

You can describe the test cases in UML which has been standardized by Object Management Group (OMG). One can leverage OMG to create standardized test cases that can be reused efficiently. Aside, you can easily design the next generation of test cases using UML. It would help in easy testing of features by leveraging UML design.

Reuse in Execution

Test procedure specification document is filled up while executing the test cases. It also mentions all the specific requirements for setting up the test environment, procedure and format to report accurate results of testing and measurement. One can always reuse the data of this document for applications from identical domains.

Reuse in Error Detection and Removal

A test summary report is used to document the summary of the entire test case. The data includes the total number of test cases executed, nature & number of errors, and collection of data to gauge outcomes and SLAs. Testers can reuse this test summary report within the domain or at the project level.

Reuse in Review of Testing Process

Test deliverables are always evaluated through a formal review process to identify the quality of testing and whether the entire process has adhered to the test plan or not. Testers can resue the formal process of reviewing the testing process. Not following the formal review process might cause discrepancies and quality issues in the testing of the software.

Key Benefits in Enabling Re-Usability

  • Shorter time-to-market
  • Enhanced cost-efficiency
  • Seamless quality
  • More dependable and reliable testing
  • Meet compliance with the previous work
  • Lower maintenance cost

Conclusion

When you plan effectively and invest upfront to build the right levels of re-usability in the above areas, you have automatically created more room for your testers, to spend their cycles on more creative and challenging areas of the test, directing the human brain to more important tasks .

This combination of automated test tasks + out-of-box test scenarios, go a long way in building a product of great quality, within budgeted costs and time However one word of caution to be applied is to ensure, the team does not become a stickler for following processes to the “T” in the name of re-usability especially for templates to be used and reviews to be conducted. A good balance in re-using data, process, information and customizing reusability in software testing then talk to our experts them to the current needs is important, to reap the true value from this effort.

If you are still confused about building reusability in software testing then talk to our experts. We can help you achieve efficient results in QA and software testing.

Best Practices to Ensure Healthcare Mobile App Security

Best Practices to Ensure Healthcare Mobile App Security

Healthcare Mobile Application Security Services

Healthcare mobile app market has risen exponentially over the years. More than 3,18,000 mobile apps are now live on different app stores and over 200 new apps are being added daily.

The trend is expected to grow even faster with increasing innovation and more enterprises taking the digital route. The convenience of sharing care workflows, enhanced efficiency of practitioners and easy access to data are encouraging providers to give access to health records. Per Goldman Sachs, the digital healthcare revolution with appropriate mobile app security features could save over $300 billion just in America.

However, an increase in the number of healthcare mobile applications is also posing a severe data security issue. IT departments are struggling to keep the data safe while complying with HIPPA – this issue is further deepned when the devices are owned by third parties.

How Severe is the Issue?

Smartphones are online 24*7, in most cases. And mobile devices lack the basic safety net of a computer including firewalls, anti-spam and malware protection.

A data breach will not only leak personal data of patients but it also makes the healthcare organization liable to criminal charges and hefty monetary fines. It has become nearly impossible for enterprises to keep the devices in secure hands. Some of the core challenges herein include:

  • Unwanted access to device and data in the event of loss and theft
  • Difficult to ensure regulatory compliance sanctity
  • Illegal access to healthcare data present on the cloud
  • No or limited lifecycle control over data and devices.
  • Mobile phishing or illegal access through malicious mobile apps

The failure to ensure ironclad data security could lead to unencrypted data losses at a median cost of $147,485 per lapse.

Hence, it has become imperative for healthcare providers to share the right information in a secure manner. Here are a few key steps you can take to ensure end-to-end data security:

Secure the Devices

Unauthorized access can lead to treacherous consequences for service providers. It is essential to put all the devices in or outside of healthcare under the safety net of passcode and biometrics. An efficient lock mechanism will ensure the prevention of illegal access to healthcare data.

Implementation of remote lock and wiping capabilities can help in controlling the fate of the device and data in case of theft. Loss or espionage. GPS tracking capabilities can help in locating and recovering the devices.

Data Encryption

Whatever data is accessed, is stored remotely in a server placed somewhere behind the security of firewalls. However, even the wireless flow of unencrypted data is not secured. As a precaution, it is essential to encrypt the sensitive health data of patients while in motion or at rest. This healthcare mobile application best practice will help plug any data leakage while meeting compliances.

Secured Mobile Application

The risk of intrusion can be prevented through cutting edge mHealth app testing. It will help in identifying bugs and security threats. Data security testing, network security and penetration testing are some of the techniques you can rely on to ensure efficient data security.

Periodic update of mHealth applications helps in plugging loopholes and enhancing mobile app security features on an ongoing basis. This will help in preventing hackers from targeting the loose ends of your mHealth app for a longer period of time.

Save from Other Mobile Applications

It is the IT department’s biggest challenge to keep personal data and applications away from the devices of healthcare professionals. Providers often end up using their devices for personal use which makes them vulnerable to external data threats.

It is essential to restrict users who are using mHealth mobile apps to keep the data protected. As a result, several Fortune 500 enterprises and hospitals have implemented the app and data containment policy. This is executed by running the mHealth application separately to prevent unauthorized access to healthcare data. This preventive wall between personal and patient data ensures reliable data security.

Access to Trusted Apps

Mobile applications present on Google Playstore or iOS App store are not necessarily secured by end-to-end encryption. mHealth developers need to collaborate with relevant app owners to make sure data encryption is enabled.

But why is it done in the first place? It is done to help providers carry on personal tasks too while on these these apps, providing both flexibility and data security.

Like desktop and laptop users, mobile devices should also be provided with access control features. This will allow only authorized providers to gain access to patient data. Additionally only IT should get the right to audit or manage the permissions of users.

Install Security Software

Hackers and viruses can enter mobile devices as easily as they do on computers. Make sure that the device of every provider is equipped with internet security software. It will help in preventing the installation of hazardous apps and malware from entering the healthcare network.

Data Usage Control

Implementation of data usage control not only helps in access control or monitoring; it blocks the suspicious usage of patient data in real-time. Healthcare organizations can leverage this feature to prevent users from executing specific actions including uploading on the internet, unauthorized email conversation, copying the data to external hard disk and printing among others.

Besides, data discovery and classification can be attached with data usage control to ensure sensitive data is identified and prevented from unauthorized use.

Security of Third-party Stakeholders

Several small and midsize healthcare organizations are leveraging the benefits of cloud computing. It offers technology similar to what bigger enterprises are using but at a fraction of the actual cost. Cloud-based solutions have lowered the massive upfront cost of deploying or upgrading the IT infrastructure.

However, this arrangement puts your data in hands of the third party. Hence, it becomes even more important to access and monitor the security of your patient data. mHealth app owners should demand billing verification and the amount of time spent on the company’s server.

Upgrade Tools

Exchange of data can happen through any medium including emails, USB, hard copies and social media. Healthcare enterprises should upgrade their IT infrastructure to cover every touchpoint through which data can be leaked.

Data breaches are more likely to happen if you have an outdated and vulnerable IT setup.

Educate and Implement Strong Policies

One of the best ways to ensure data security is by educating the end-user about the proper use of mobile devices and apps. The implementation of a clear policy framework eliminates grey areas in a BYOD environment.

Here are a few points which you can implement as a part of your policy framework:

  • Implementation of passcode gated data
  • Application containment for mHealth applications
  • Immediate notification to the relevant groups (in most cases the IT department) in the event of theft or loss of device
  • No sideloading of mHealth apps
  • Prohibit the local storage of Protected Health Information (PHI) on devices of providers

Conclusion

The healthcare industry has been suffering from data breaches for a long time. Increasing cases have cost millions of dollars to healthcare enterprises. From hackers stealing the protected identity of patients to providers viewing the details of patients without proper authorization; data breach is happening all over the world.

Aside from losing millions for failing to meet the compliance, cases of the data breach could cost the reputation of your organization as well. With new mobile devices entering your healthcare eco-systems on a regular basis, it is essential to safeguard patient data against potential threats.

Get in touch with us to have access to cutting-edge mHealth application testing services and reduce your data security threats.