A QA professional can learn a lot from these incidents in building their strategies across all domains.Here are some thoughts that one would do well to think about:
- Identifying new penetration points: Attacks have now changed to the digital social media world which has become one of the largest penetration points for security breaches.
- Changing profiles: Data suggests that criminal profile is constantly changing and includes all genders and backgrounds. In the Atlanta airport case, it were employees of a leading airline with approved background verification. Hence we continuously need to study subject behavior, periodically revalidate and update our test data.
- Innovative data tests: Recent news states, that it is possible to foil biometric fingerprint security by using commercial software and a couple of high resolution photos. This clearly indicates the need to constantly determine new data sources.
- Digital interconnected testing: The management and traceability of any security breach requires sophisticated systems inter-connected with real time data. This is not possible without just in time data simulation tests.
- Real time Synchronization of environments: Sharing intelligence information globally, implying instant synchronization can play a key role in foiling such attacks.
- Adoption of cloud based and virtualization technologies for monitoring: Even if security has a solid data base profiling key potential suspects, there is yet the herculean task of monitoring digital footprint of all suspects, all the time. This can be greatly eased by using cloud infrastructure and virtualization techniques for 24 X 7 monitoring.
- Importance of testing localized integrated systems: In this scenario, testing of security, intelligence, travel, and immigration data across all geographies and channels.