Friday, 18 July 2014

Why do we need Software Testing?

This is an excellent question, and one that regularly gets asked in organisations that have to deliver projects and software. Why can’t the developers just test it? Why can’t the end users test it? Surely anyone can test?

The growth of Software Testing as an industry over the last 20 years is a clear indication of the importance that large and small businesses place on having workable, easy to use software. It is no coincidence that this growth has accelerated as we now use software in everything we do – surfing the internet, in our cars, on our tablets and mobile devices, even typing this blog! So we, as users, should know what good looks like, and what bad looks like…..
We have all had moments when a programme crashes mid-use, data goes missing or when you’re trying to book a holiday and the web site illogically asks you to re-enter all your details again! So, by using these programmes - does this make you a software tester?
Being a software tester is  like being a food critic really – I, personally, have no idea how to make a chocolate soufflĂ© or a fricassee of mung beans and samphire, but I do know whether or not I like the taste. However, food critics have an advanced knowledge of food combinations, an objective and consistent opinion and tend to advocate high quality food. Software Testers are similar – they may not necessarily know how to develop the next Windows or Mac operating system but they will definitely know whether it’s good or not, and their opinion in the market place affects the view of whether it is a successful and popular product or not. It can make or break a version, product or even a company. 
However, even software testing skills are changing. Testers are becoming even more highly skilled and are bridging the gap between development and testing by learning coding techniques. This allows for more automated testing and makes the testing even more efficient and effective. With software becoming ever more sophisticated, the number of test scenarios that can arise from a seemingly simple piece of functionality can be mind boggling and reach the millions - it would take a human tester years to cover every scenario, and even a risk based approach would eat resource and not cover every possible outcome. As a consequence the work of software testers is becoming much more about using clever programmes and a variety of tools to cover as much ground as possible.
We know that we can never test every possible variable - it’s impossible, why else do Microsoft and Apple need updates? Things change and change needs testing. We can however, reduce risk – recent high profile cases in the press like Amazon, highlight the fact that even the slightest mistake can cost a company millions. Data is now one of the main currencies in the world and the Data Protection Act and privacy laws mean that breaches caused by software errors are treated with the highest level of severity and mistakes are not tolerated. Cloud computing, multiple access points and internet forums are all threats to a company’s reputation and balance sheet.
So back to the question – why do we need software testing? The answer is to reduce the risk of external failure. Internal failure such as a defect is fine as we can fix it and deal with it, however if software has an external failure then the world knows and it’s too late. Testers are a different breed, some say pedantic (and they are right) but without them who will check that a button on a website does what it should do and that it doesn’t do what it shouldn’t to the nth degree?
Here at TDX Group we strive to ensure that all our software is tested following industry best practice, the tools we use are cutting edge and the testers we hire are multi-skilled. We reduce risk and think of our customers – they don’t want 300 buttons when one will do! And we will continue to do so because we build our reputation on quality. We strive to reach the impossible goal and dream of the day we can say – you know what? We have managed to test everything. So next time you use a website and you click the submit button think of how much data has been validated, stored, organised, processed and actioned to get that button to work. And of the thousands of tests that will have checked that your date of birth entered is valid and correct, your password and username combination satisfies the criteria and everything just works – that’s because we checked it all.

By Paul Sibley, Software Testing Manager, TDX Group

Thursday, 10 July 2014

Cake, cake, cake

Working at TDX Group can be a challenge, and one of the biggest I’ve faced since joining the TDX Group team is all the goodies that are so regularly on offer to celebrate our success!

June saw the final round of the TDX Group cake bake off – the show-stopper round, and the celebratory afternoon tea. Now, I’m all for celebrating but it comes at a price; my diet app doesn’t like it!

Over the past 10 years I’ve been a slave to my weight. Like many people I’ve been on a range of diets, some successful and some not.  I’m under no illusion and realise that the main blocker to my success is usually me, after all, most diets are simply a controlled way of restricting calorie intake while promoting exercise. The similarity I’d like to draw between dietary habits and information security is that applying them both successful is a tricky balance between control and manageability.

During periods of over-indulgence, I’m without restriction and, quite frankly, anything can happen… Imagine a world where nothing is controlled, colleagues are left to get on with their day without security controls or restrictions. No content filtering to slow down progress, no anti-spam software to get in the way of legitimate emails that sometimes get blocked, no policies, procedural controls or anti-virus, etc. Viruses would quickly and easily get into the network, information would soon get lost or become compromised and our business would fall over; the weight gets piled on.

At the other end of the scale you could imagine something from Mission Impossible; security through ultimate control.  To access a system you enter a fort by passing through a guarded barrier with a photo ID proximity pass, you move on to another secure door with retina or fingerprint scanning, and then through a final secure door with a key-coded lock. Once inside you access a standalone system with no internet or network connectivity and use multi-factor authentication to log on to a PC which doesn’t permit removable media.  Nice and secure and there are no ways for a virus to get in, or data to get out, but the day job is impossible and the user will soon start to look for cheats and workarounds. Those 500 calorie a day diets have such strict controls in place that it seems impossible to stick to them while retaining your sanity; losing weight is guaranteed, but it’s unfeasible as a long term solution.

So, we apply a risk managed approach which compares what colleagues want to do against the long term risk of them doing it; too much control and they can’t work effectively and look for insecure alternatives, too little and things start to fall over…

My best dieting successes have come from a blend of control and balance; everything in moderation.  Losing control and having that big slice of cake won’t help with weight loss, and watching everyone eat while you stay in ultimate control may well send you crazy, but just a small slice will keep you happy and is unlikely to scupper the long term plan.

By Vicky Clayton – Information Security Officer, TDX Group
 

Wednesday, 2 July 2014

Looking good? The importance of design in Management Information

I have already talked about the principles behind making great Management Information (MI) but there is one final area that is often overlooked, despite being the most obvious: design. Truly great MI has to be well designed in order to have a real impact and to be really appreciated within a business.
Nowadays there is an ever-evolving love affair with data visualisation. Some see it as an opportunity to bring data and analysis to a wider audience through more relatable visuals whilst others see it as an art form in itself. However, data visualisation for me should do one of two things, either tell a story or bring a complex data set to life.

You will probably have seen infographics that tell a story, usually breaking down a topic to its key facts and broader implications to make for an engaging read, such as this gem on ‘Documents’. Infographics do have their use within a business however they are most powerful as marketing tools and a way of engaging with clients both new and existing. Turning complex data into a visual that makes instant sense is a difficult thing to do, as anyone who has ever tried to represent a large data set in Excel will know. Take for example this chart which shows the connections and activity of Facebook users across the globe . By transposing the data onto a familiar image (the earth) and representing activity through the neon lines we can easily relate to the data and instantly pick out interesting talking points such as China, South America and Africa. Not only is it functional, it is also beautiful, and I am a great believer in spending time on designing charts to both look good and be useful, it makes explaining them much easier.

In my time as a Consultant and as an Analyst at TDX Group I have put together many reports and MI dashboards, and have always been willing to put the extra time and effort in to making their appearance as good as their content. In a recent project I presented some example MI in the client’s branding, which enabled them to relate to the examples in a more meaningful way. Then the discussion could focus more on the concepts of building an MI suite as opposed to focussing on explaining unfamiliar examples.

I have also found that spending the time to make a chart look right has a great impact on how it is received. The biggest challenge is usually finding the best way to represent the relationships between data points and how they affect one another - the message is often lost when each point has its own visual but when combined into one chart it can change the conversation.

To me the design elements are just as crucial as getting the KPIs and the data correct. The design is often what will enable your MI to be read and understood on a wider scale. A well-designed MI suite reflects a knowledge and understanding of the business that gives confidence to those who rely on it on a daily basis.
By Stephen Hallam, Consultant, TDX Group