Welcome!

Cloud Security Authors: Pat Romanski, Elizabeth White, David Paquette, Dan Potter, Liz McMillan

Related Topics: @CloudExpo, Java IoT, Microservices Expo, Linux Containers, Containers Expo Blog, Cloud Security

@CloudExpo: Blog Feed Post

API Testing Helps MedicAlert Increase Agility, Extend Services

Acclerating the roll out of secure, reliable APIs

MedicAlert pioneered the use of medical ID products and delivers the most dependable, responsive, and trusted Emergency Identification and Medical Information Network. The nonprofit charity provides the functionality of an e-health information exchange for emergencies through an innovative combination of a unique patient identifier linked to a personal health record and a live 24/7 emergency response service.

medicalertAs MedicAlert continues expanding its role as an innovative provider of healthcare information services, they are leveraging APIs.  To accelerate their ability to roll out new APIs in a secure and effective fashion, MedicAlert has relied on automated API testing software from Parasoft.

With Parasoft, the organization has been able to rapidly manage the functional, regression and load testing challenges associated with its new capabilities and offerings. Parasoft has enabled MedicAlert to automate the testing and validating of new APIs – enabling them to provide new healthcare information services and more rapidly respond to business opportunities.

Challenge: Agility and Scalability on Demand

MedicAlert is focused on enabling members to manage their personal health records (PHR) online while maintaining security, privacy and confidentiality. Its repository of personal health information also facilitates the delivery of critical medical information between patients, providers, payers, and emergency responders. These foundations have enabled the organization to grow by constantly introducing new product offerings such as an RFID-based medical card and a USB- enabled portable information device called E- HealthKEY.

Given the high demands associated with such endeavors, MedicAlert recognized the need to
publish APIs to support its dynamic market plans and objectives. The organization now relies on
these interfaces to support its members’ PHR, which include information about medical conditions
as well as drug prescriptions and other relevant health data.

Considering the sensitive nature and life-saving potential of such information, MedicAlert’s IT organization is under severe pressure to ensure its systems are secure, streamlined and effective. APIs represent an opportunity to roll out new  offerings rapidly, capitalize on reusability, and ensure the systems can scale up to meet the growing demands of members and partners. “APIs are about making your business more agile – being able to rapidly seize new business opportunities,” says Jorge Mercado, Principal Architect for MedicAlert’s Product Development Group.

To be sure, software quality is an essential factor in meeting these objectives – and this fast-moving organization needed a way to address its demanding quality requirements quickly and effectively. “We needed tools to automate our testing processes,” says Natalie Doan, the team’s QA Engineer. “When I joined the group, we had a very manual approach for testing.”

Action: Capitalizing on Parasoft API Testing

After exploring some of the potential API testing solutions, MedicAlert chose API testing with Parasoft SOAtest. “We found SOAtest and we ran with it,” says Doan. “Parasoft support trained us for one week and we were able to take it from there. We quickly saw that the product had a lot of powerful features that would help us automate our testing activities and processes. Parasoft SOAtest was able to support all the latest standards (ex. security and schema validation standards); we were able to test all areas of our APIs.”

Through the use of Parasoft SOAtest, the team is able to efficiently test different endpoints and ensure broad test coverage within this environment. When new updates or modifications are made to an API, Parasoft SOAtest’s regression testing can be employed to ensure that no defects have been introduced and that previously verified functionality continues to operate as expected. “I can quickly ensure that features from the previous version are in place to support the new version,” adds Doan.

Parasoft also brought powerful capabilities in terms of functionality and load testing. It enables the team to test the performance differences on the system between, say, 10 or 100 users simultaneously, updating their personal health record through the services under various scenarios. For instance, Parasoft can test how a user sending a long, data-intensive message impacts a particular API.

Parasoft also helps the group ensure authentication and authorization of data and users are managed properly. However, the key to Parasoft’s value is the range of capabilities it delivers and coverage it enables. “We load test the system from beginning to end,” says Doan. “I couldn’t do that with other testing tools we were using previously.”

Results: Enhanced API Security, Quality and Performance

In recent years, MedicAlert has realized important benefits from Parasoft along three key dimensions: security; quality; and performance.

Parasoft’s support for security is critical to an organization that manages personal health records for its four million members. It relies on Parasoft to ensure authentication and authorization capabilities are performing as expected – whether this requires the team to test SAML assertions or HTTP authentication procedures. With different levels of security support, MedicAlert benefits from Parasoft’s expansive testing capabilities.

In terms of quality, Parasoft’s regression testing capabilities are particularly valued. Doan notes that she can use the same test suites she built two years ago to test new versions of products such as E-HealthKEY, ensuring that all members are continually supported. “When we upgrade to new versions of an API, I can rerun tests and make sure the new API actually supports the previous functionality,” she says. “It’s reliable. It assures me that the functionality is there and working as expected.”

Without such testing capabilities, MedicAlert would run the risk of upsetting its members. APIs might not perform and member data might not be saved or updated properly. “We have to ensure members have an effective experience and that data is there when you need it in an emergency,” Doan adds. “The data must be valid and correct. It must be rapidly and correctly updated. Parasoft helps us ensure these objectives are consistently met.”

Finally, Parasoft supports MedicAlert’s progressive efforts to enhance online performance for its members and partners. Doan explains that the performance of the organization’s APIs was “quite slow” when they initially launched their effort. Updating one’s health record could take as much as a minute to complete. However, through continual testing, iterations and improvement, the team has been able to reduce the time associated with such transactions to less than four seconds.

“We don’t want our members or partners to wait at all,” says Doan. “So we are continually upgrading our services and enhancing the performance of our system to ensure the members have an effective experience.”

Ultimately, automated testing has enhanced the user’s experience online, strengthened relationships with members and partners, and contributed to the agility of MedicAlert. Parasoft’s delivers a “strong return on investment,” says Doan. “We use it on a daily basis for reliability and support throughout our API infrastructure.”

Such capabilities have clearly strengthened the linkages between IT and the business. “Business leaders at MedicAlert want to be able to react quicker and make our APIs more valuable,” says Mercado. “They want to bring on more members at a faster rate. Being able to more rapidly respond to different business opportunities addresses their objectives – and now they realize that APIs can help the organization meet those goals.”

[PAPER] API Testing Business Drivers

Learn about the business drivers behind API testing solution purchase decisions, as well as the opportunities for ROI. This 6-page API Testing Business Drivers paper explains how an automated enterprise-grade API testing solution delivers

  • Reduced costs by reducing testing costs, reducing technical debt, and exposing defects earlier in the SDLC
  • Reduced risks by applying more exhaustive testing techniques, increasing test coverage, and immediately exposing any defects introduced by modifications
  • Increased efficiency by leveraging sophisticated automation and enabling artifact reuse

More Stories By Cynthia Dunlop

Cynthia Dunlop, Lead Technical Writer at Parasoft, authors technical articles, documentation, white papers, case studies, and other marketing communications—currently specializing in service virtualization, API testing, DevOps, and continuous testing. She has also co-authored and ghostwritten several books on software development and testing for Wiley and Wiley-IEEE Press. Dunlop holds a BA from UCLA and an MA from Washington State University.

@ThingsExpo Stories
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - comp...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
SYS-CON Events announced today that Venafi, the Immune System for the Internet™ and the leading provider of Next Generation Trust Protection, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Venafi is the Immune System for the Internet™ that protects the foundation of all cybersecurity – cryptographic keys and digital certificates – so they can’t be misused by bad guys in attacks...
Smart Cities are here to stay, but for their promise to be delivered, the data they produce must not be put in new siloes. In his session at @ThingsExpo, Mathias Herberts, Co-founder and CTO of Cityzen Data, will deep dive into best practices that will ensure a successful smart city journey.
SYS-CON Events announced today that 910Telecom will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Housed in the classic Denver Gas & Electric Building, 910 15th St., 910Telecom is a carrier-neutral telecom hotel located in the heart of Denver. Adjacent to CenturyLink, AT&T, and Denver Main, 910Telecom offers connectivity to all major carriers, Internet service providers, Internet backbones and ...
19th Cloud Expo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterpri...
DevOps at Cloud Expo, taking place Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long dev...
In today's uber-connected, consumer-centric, cloud-enabled, insights-driven, multi-device, global world, the focus of solutions has shifted from the product that is sold to the person who is buying the product or service. Enterprises have rebranded their business around the consumers of their products. The buyer is the person and the focus is not on the offering. The person is connected through multiple devices, wearables, at home, on the road, and in multiple locations, sometimes simultaneously...
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, will discuss the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
For basic one-to-one voice or video calling solutions, WebRTC has proven to be a very powerful technology. Although WebRTC’s core functionality is to provide secure, real-time p2p media streaming, leveraging native platform features and server-side components brings up new communication capabilities for web and native mobile applications, allowing for advanced multi-user use cases such as video broadcasting, conferencing, and media recording.
"My role is working with customers, helping them go through this digital transformation. I spend a lot of time talking to banks, big industries, manufacturers working through how they are integrating and transforming their IT platforms and moving them forward," explained William Morrish, General Manager Product Sales at Interoute, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Cloud computing is being adopted in one form or another by 94% of enterprises today. Tens of billions of new devices are being connected to The Internet of Things. And Big Data is driving this bus. An exponential increase is expected in the amount of information being processed, managed, analyzed, and acted upon by enterprise IT. This amazing is not part of some distant future - it is happening today. One report shows a 650% increase in enterprise data by 2020. Other estimates are even higher....
Akana has announced the availability of version 8 of its API Management solution. The Akana Platform provides an end-to-end API Management solution for designing, implementing, securing, managing, monitoring, and publishing APIs. It is available as a SaaS platform, on-premises, and as a hybrid deployment. Version 8 introduces a lot of new functionality, all aimed at offering customers the richest API Management capabilities in a way that is easier than ever for API and app developers to use.
Personalization has long been the holy grail of marketing. Simply stated, communicate the most relevant offer to the right person and you will increase sales. To achieve this, you must understand the individual. Consequently, digital marketers developed many ways to gather and leverage customer information to deliver targeted experiences. In his session at @ThingsExpo, Lou Casal, Founder and Principal Consultant at Practicala, discussed how the Internet of Things (IoT) has accelerated our abil...
With so much going on in this space you could be forgiven for thinking you were always working with yesterday’s technologies. So much change, so quickly. What do you do if you have to build a solution from the ground up that is expected to live in the field for at least 5-10 years? This is the challenge we faced when we looked to refresh our existing 10-year-old custom hardware stack to measure the fullness of trash cans and compactors.
The emerging Internet of Everything creates tremendous new opportunities for customer engagement and business model innovation. However, enterprises must overcome a number of critical challenges to bring these new solutions to market. In his session at @ThingsExpo, Michael Martin, CTO/CIO at nfrastructure, outlined these key challenges and recommended approaches for overcoming them to achieve speed and agility in the design, development and implementation of Internet of Everything solutions wi...
Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like “How is my application doing” but no id...
SYS-CON Events announced today that CDS Global Cloud, an Infrastructure as a Service provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. CDS Global Cloud is an IaaS (Infrastructure as a Service) provider specializing in solutions for e-commerce, internet gaming, online education and other internet applications. With a growing number of data centers and network points around the world, ...
SYS-CON Events announced today that LeaseWeb USA, a cloud Infrastructure-as-a-Service (IaaS) provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. LeaseWeb is one of the world's largest hosting brands. The company helps customers define, develop and deploy IT infrastructure tailored to their exact business needs, by combining various kinds cloud solutions.