T 2.26 Lack of, or inadequate, test and release procedures

When new hardware or software is inadequately tested or not tested at all and then released without installation instructions, it is possible that errors in the hardware or software remain undetected or that required installation parameters are ignored or not taken into consideration. The hardware, software, and installation errors not detected due to non-existent or inadequate software testing and release procedures pose a significant threat to IT operations.

When it is assumed that new hardware or software can be installed without any problems, it is often forgotten that the cost of the possible damage is much higher than the cost of implementing proper test and release procedures. Programs or IT systems are tested inadequately and still contain errors when they are integrated into the production environment. Consequently, the errors will have a disruptive effect on operations that were working smoothly up until this point in time.

Examples of such damages are described in the following:

• Programs or program updates cannot be used effectively since more resources (e.g. main memory or processor capacity) than expected are required to obtain an acceptable processing rate. If this is not detected during testing, the result may be a significant waste of investment or possibly even a need to make a significant additional investment. Decisions to save money instead of investing in more resources often resulted in IT systems or applications which had been ordered and paid for but never used.

• The installation of new software significantly impairs the ability of users to perform routine workflows. The benefits expected from installing the program are delayed until much later, because the employees were not trained and/or informed about the new functions available in the program in advance.
• The installation of an update for a standard DBMS software package that contains errors means the database may not be available any more or some data may be lost.
• Some software products install the Microsoft Server Desktop Engine (MSDE) as a database without the user even noticing this. The Microsoft Server Desktop Engine is a version of the Microsoft SQL Server and comes in conjunction with the typical threats posed by a database system. In many cases, the users of the product and the administrators who install the product are not adequately informed of these threats, and they correspondingly fail to implement the necessary security-related safeguards. In most cases when MSDE is used, a user account is created in the database for the administrator that is not provided with any form of password protection in the basic installation. In this manner, an attacker may gain full access to the data, and possibly even to the operating system.
• In a bank, the operating systems of numerous network components were updated. Then, the new version of a package filter blocked the communication port of a rarely used, but extremely important function of the critical database-based trading system. As a consequence, the customers of the bank were no longer able to access the application and use important services. The bank suffered financial damage due to recourse claims.