Separation of development, test (homologation) and production environments are important to achieve segregation of functions involved. It is appropriate that the rules for the software development to transfer to a production environments are well defined and documented.

The development and test activities can cause serious problems such as, for example, wholly or partially unauthorized file or system changes. I ought to be rated the level of separation required between the production environment and test and development environments, to prevent operational problems. It is appropriate that a similar separation should also be implemented between development and test functions. In this case, the existence of a reliable and stable environment is needed, in which tests can be performed and which is capable of preventing unauthorized access of personnel development.

development and production environments

When developing and testing staff have access to the production environment, they can introduce untested or unauthorized code, or even change the actual data of the system. In some systems, this capability can be hardly used to implement fraud or introduction of malicious code or not tested. This type of code can cause serious operational problems. The development of staff and in charge of the tests also pose a threat to confidentiality of production information.

The development and testing activities may cause unintended changes to software and information if they share the same computing environment. The separation of resource development, test and operational is this very desirable way to reduce the risk of accidental modification or unauthorized access to operational software and business data. It is recommended that the following controls should be considered:

• What software development and production of software are, whenever possible run on different processors or different domains or directories;
• That the development and testing activities occur separately, as far as possible;
• What compilers, editors and other utilities are not accessible from the production environment, when this is not a necessity;
• that the process of accessing the production environment is different from the access development to reduce the possibility of error. Users should be encouraged to use different passwords for these environments and splash screens display appropriate identification messages.

Finally, it is pertinent that the development of personal passwords to get access to the production environment, and in a controlled manner and only for systems support the production environment. It is also important that controls are used to ensure that such passwords are changed after use.

You might also like…

Do they pay for your system or code?

For all those who develop system and softwares every day at work: Have you ever wondered what makes...

What is Business Intelligence anyways?

Surely you have listened about the expression, “BI” or “Business Intelligence”, the questio...

Scriptcase & Web Services

This time I will explain how to work with web services inside the Scriptcase, directly with PHP and...

You might also like…

Get new posts, resources, offers and more each week.

We will use the information you provide to update you about our Newsletter and Special Offers. You can unsubscribe any time you want by clinck in a link in the footer of any email you receive from us, or by contacting us at sales@scriptcase.net. Learn more about our Privacy Police.