Blog We love to talk!

Sep Tue

How Is The Data Privacy Of Your Development Tools?

  •  9-22-2015

When Microsoft launched Windows 10, they made data collection mandatory for all users. A telemetry and diagnostic service are included with the updated version and there is no ability for the user to fully opt-out. Since its debut earlier this year, there’s been major pushback. This sparked some discussion in the web development industry about data collection.

Microsoft claims that the data being collected is essential to keeping the product optimal for users. Information included in the data harvest includes how frequent or how long a user accesses certain features and which apps are used most often. There are also customized ads and memory snapshots. Microsoft claims the benefits are future updates that will better enhance and personalize Windows’ user experience. So far, users have resisted and certainly have not been looking forward to finding out how their information will benefit Microsoft.

This was not the first time in recent history a major player had created a frenzy among users. Facebook’s Messenger App had a similar reception when it launched last year. They required all users who wanted to continue using Facebook messages to use the app and accept a number of terms. This set off some major privacy alarms. Ultimately, there was not a significant amount of extra private information being used – but due to language required by Android, it did appear, at least to the average user, that they were being pushed into agreeing to too much.

Are Your Web Development Tools Collecting Data?

More developers have started wondering if other programs they use might be collecting data in ways they cannot opt-out from. Which begs the question; are your web development tools collecting data? The short answer is: they might be.

Third Party Development Tools

If you are using third-party development tools for all, or part, of your cross-browser testing, automated testing or analytics, there is a possibility your data is being collected. Once the information has left your servers, it is hard to control a number of elements. A testing environment using Windows 10 is an easy example of how your data could be collected.

Multiple Layers Of Security Are Needed With Cloud Testing Platforms

While every effort must and is taken by testing platforms that use cloud technology, there are still multiple layers and security points that must be upheld to keep data safe from hackers and collection.

Hosting facilities must be in private environments, with physical security in place for all mobile devices and hardware. Password encryption is necessary, browser histories and caches must be wiped after each use, and virtual machines need to be cleaned of snapshots. Add to this network, VPNs ports and SSH tunnels running to remote desktops and you can clearly see how it is not a small job keeping customer data safe. It takes a village, as they say. Or a great IT team.

Is It Even A Big Deal If Your Data Is Being Collected?

Plenty of developers could easily argue that information used to enhance the user experience is hardly a threat. But what about tools that might be storing other types of data. Does this matter?

It depends on what kind of application or software you are developing. If you are working with protected information, it could be a problem. One example where a developer would not want any information collected would be engineers working on healthcare applications using protected patient information. Patient data is protected under the HIPAA Act of 1996 which keeps personal information private. Another scenario when information must be protected by law is any applications that involve credit card data. Credit card consumer information must be handled to the PCI standard to prevent fraud and identity theft. In both of these situations, there is an obvious need to avoid data collection, of any kind.

How To Guarantee Your Data Is Not Collected When Testing Projects

The best way to keep your data safe and guarantee that there is no outside data collection is simple. If the information never leaves your own network, and you already have security measures in place, such as a great firewall and IS security protocol, you are at a good starting point.

When testing software is running from your hardware and network, you can reduce the chance of a breach and control what data is collected.

With so much focus on protecting privacy, as highlighted by the recent Windows 10 launch, there is an incentive in using web development tools that run on your local hardware. Third-party partners and platforms testing in the cloud may have safeguards in place, but that does not mean data could not be intercepted or recorded. In certain areas of software application development, such as patient sensitive health care information or information dealing with credit card user data, there is an invested interest in keeping this data protected by law.

Luckily there is a cross browser testing solution that runs entirely on your local machine and is therefor PCI and HIPAA compliant out of the box.

No Comments

Leave a Reply

Your email address will not be published.