Protecting Yourself from Common Security Shortfalls

QASource | December 15, 2015

Protecting Yourself from Common Security Shortfalls

Cyber attacks and other forms of malicious hacking are becoming more and more common. Because the exchange of login credentials and the transfer of precious data is often necessary when engaging with an outsourced QA team, strict security measures must be in place to ensure that there is no risk of a breach. A good QA partner ensures that your application's code is safe, secure, and strongly protected at all stages of testing. Though most organizations are vigilant and have strong security implemented to cover the major points of risk, there are some commonly overlooked areas that should not be neglected. In this post, we look at the damaging effect of poor security and the solutions that will prevent it.

Effects of insufficient security at personal and enterprise levels:

  • Introduction and spread of malware and other viruses. Malware can spread easily if proper security measures are not in place for email systems and other points of access requiring credentials or user authentication. Once the malware or virus is introduced, it can spread across personal systems and on to enterprise servers and networks.
  • Lost productivity. Though it seems like a small problem, the time lost to screening and deleting spam email messages can add up quickly, resulting in a huge loss of engineer productivity. Over time, this can become a drain on budgets and result in delayed project completion.
  • Loss of confidential data. This is the major problem that all organizations dread. When application security is weak, sensitive information like credit card numbers, financial data, medical history, and other aspects of user profiles can be stolen, reproduced, and sold. This can have a massive negative impact on the company's public perception and future success. Learn more about the vital role of security testing in healthcare applications.
  • Legal repercussions. Poor email security is more dangerous than you might think. If a hacker gains access to your domain and sends out fraudulent email messages, your organization can be held accountable legally--the same may be true for your application, depending on the industry it serves. This can result in multi-million dollar penalties and a tarnished public image.

Solutions for increasing security:

Engaging with a QA partner that has a proven track record of security is the best way to ensure that your code, user data, and reputation all remain protected. There are also solutions that you can enact at a personal and enterprise level:

  • Use strong passwords and rotate them often
  • Implement strong spam filters and choose exceptions wisely
  • Implement strong antivirus and anti-malware services and ensure that they are updated frequently
  • Enable server-level email encryption and manage settings as needed
  • Enable email attachment scanners and manage settings as needed

What else can an organization do to ensure that their product and public image remains safe? What else can a QA partner do to ensure the same? Leave your comment below and join the discussion! For more premium content like this, be sure to follow QASource on Facebook and LinkedIn.


This publication is for informational purposes only, and nothing contained in it should be considered legal advice. We expressly disclaim any warranty or responsibility for damages arising out of this information and encourage you to consult with legal counsel regarding your specific needs. We do not undertake any duty to update previously posted materials.