Meet Amdocs Testing
Data privacy and security are in the news these days a lot, with many news stories recounting incidents of high-profile breaches exposing sensitive personal information, and leaving experts to question what they could have done differently to prevent leakage, detect potential vulnerabilities and avoid similar disasters in the future. To harmonize the way businesses approach data privacy, governments around the globe are enacting new regulations on how to safeguard personal data and what measures to take in case of a data breach. One such law, the EU General Data Protection Regulation (GDPR), is set to go into full affect in May of 2018, with heavy fines levied against non-compliant organizations. I sat down with Zohar Yaron, Regional Solutions Sales Lead at Amdocs, to talk about how GDRP and similar regulations affect how companies deal with their test data, and what services Amdocs can offer to help our customers ensure compliance and protect their subscribers’ data.
Pamella Admoni: What is your current role at Amdocs?
Zohar Yaron: For the past three years, since I have returned from the U.S. to Israel, I have worked as a Strategic Testing Consulting Architect and Global Sales Support Director. Prior to that, I was involved with project delivery for Amdocs Testing, I was the Regional Lead for the North American region for over seven years, so basically my whole 20 year career with Amdocs has been about testing and quality. My role today focuses on identifying new business opportunities and promoting Amdocs Testing Services in the European region.
Pam: How are European companies reacting to the deadline for GDRP compliance approaching in less than a year?
Zohar: The new regulation will have a significant impact on our European customers. Unfortunately, we are often seeing that many companies are not yet prepared for GDRP, and are not even fully aware of how the new laws and rules are going to affect them. As the compliance enforcement date draws nearer, companies begin to realize the urgency of the situation, rush to understand the new requirements for data security, and try to put in place a process for handling sensitive data during testing.
I frequently run into situations where we meet with customers to discuss general testing, and when we bring up the topic of compliance, test data management and security, it becomes apparent that they are a long way from being ready. Many customers would tell me that they expect their testers and test managers to find ways to generate and provision test environments and all the data needed for their testing process. We can see that they struggle with the issue of moving data from production to non-production environments, and with the requirement to mask the data in order to protect sensitive and personally identifiable information. The process of extracting and scrubbing data is often extremely time consuming and costly, taking weeks to complete and costing companies millions of dollars. What’s worse, is that at the end, despite all these efforts, there’s absolutely no guarantee that the data is consistent, of high quality, and suitable for testing.
Pam: What does Amdocs have to offer to these companies to help them comply with data privacy and security requirements?
Zohar: Amdocs has developed a complete framework for data management, combining best-of-breed third-party tools with our in-house solutions that can be catered to each customer’s specific requirements. We solve the test data challenge by integrating data management into the overall testing process, which is supported by our BEAT framework. This is especially relevant in the context of DevOps and Continuous Testing/Continuous Integration practices. The main goal of DevOps and CI is to reduce time to market, which cannot be achieved without high quality test data and readily available non-production environments. We work with our customers to build self-service cloud-based portals from which testers can provision test environments and prepare test data. This integrated approach to treating test data management as part of the greater portfolio of testing services is key to supporting our customers’ compliance, shift-left, DevOps, Agile, and Digital Testing initiatives.
Pam: How do you make sure that the data you use for testing is accurately mimicking production data?
Zohar: Once again, it is essential to approach test data management as part of an overall testing methodology. In DevOps, for example, it is important that each piece of functionality that’s delivered during the release can be tested. In order to identify testable features, testers need to have a good understanding of the business requirements and key transactions supported by the application. When Amdocs works with a customer, we bring in a solutions architect, who becomes a part of the DevOps team. By doing that, we can define testable features and have specifications for test data and test environments from the start – from the architecting and scoping phases. When testing starts, all these requirements are already in place, and we know what type of data we are going to need to certify each release. For example, to test application functionality specific to residential customer payment options, the data management solution can be configured to extract and prepare data that meets specific parameters and attributes of a residential user.
Pam: Can you use data straight from production? What if you need data that’s not yet available? Can you generate it artificially?
Zohar: Raw production data may be the most accurate, but it’s usually not an option for testing, as it contains sensitive information that should not be exposed. On the other hand, using only data that’s not derived from a production environment is also very risky, as it may not accurately represent transaction flows and values. The ideal solution is to have non-production data be as close as possible to the real values, but in situations where such data cannot be obtained, it can be supplemented with test data that’s artificially generated based on specific criteria. Such hybrid solution allows you to test the application to the full extent and cover all key business processes and flows.
Pam: What are the steps that a customer has to go through to engage with Amdocs in the area of data management and compliance?
Zohar: As with most testing engagements, we typically start with an introduction meeting and a presentation of our unique capabilities in this area, followed by a demonstration of our data management tools and solutions. Once the customer sees that we can offer a solution that they are looking for, we usually do a Proof of Concept. A successful POC requires that Amdocs is given access to the right data and environments, and we work together with the customer to identify specific use cases, success criteria, monitoring requirements, reporting and other essential elements. Following a successful POC, which typically lasts 1-2 weeks, we expand our services to a specific project or the entire workflow in the organization.
Pam: Does a data management framework offer benefits besides ensuring compliance?
Zohar: Absolutely. There’s significant value around data management as it relates to time to market, application quality and cost. Instead of investing time and resources into a twice-yearly data extract, companies who implement a data management tool can provision data on-demand on an ongoing basis, generating fresh, relevant data every time they need it, without having to put their testing on hold. The benefit in terms of cost, quality and time is quite clear.
To learn more about Amdocs Testing services for data management, e-mail us at AmdocsTestMarketing@amdocs.com