Limitations of the Cloud: Why Local Devices are Sometimes Better for Software Testing

Test clouds don't cut it in contexts involving special security or compliance considerations.

Software Testing

We’re living in the age of the cloud, and cloud-based solutions often seem to be the best way to meet IT requirements. That’s certainly true in the realm of mobile software testing, where businesses routinely turn device clouds – meaning collections of mobile devices that developers can connect to remotely to run tests – to gain access to the devices they need to test their software on.

Sometimes, though, cloud-based testing isn’t ideal. Testing using local or on-premises devices is better because it’s more secure, it simplifies compliance requirements or both.

To prove the point, let’s look at two use cases for local device testing that remain as important as ever, even in today’s cloud-centric world.

Local device testing for finance

In the finance industry, security and data privacy are paramount. That means, among other things, that developers and Quality Assurance (QA) teams are often wary of connecting their software development environments to third-party testing clouds. Doing so would require them to expose their backend systems – and, potentially, private data – to infrastructure owned by someone else. And no matter how much they may trust device cloud providers, it’s just hard to justify the security risks of connecting to third-party testing platforms when there is an alternate solution.

The alternate solution is to set up testing environments where both the devices and the testing software operate solely within a finance business’s own IT estate. This approach makes it possible to disconnect tests from the Internet completely, which virtually eliminates concerns related to security and data privacy.

Importantly, local testing for finance businesses doesn’t mean that the companies have to acquire all of the devices they need for testing purposes on their own. They can obtain them from a testing device platform that supports local testing by providing businesses with unmodified devices on demand. The businesses can then deploy the devices within their own IT environments and run their tests on them. That way, companies have easy access to whichever devices they need to support while still enjoying the security of local testing.

As businesses in the finance sector become ever more wary of security risks while simultaneously expanding their use of mobile software, local device testing provides a means of squaring the circle between expansive device coverage and high-security needs.

Using on-premises devices for testing healthcare apps

A second compelling use case for running tests on devices that are deployed locally involves healthcare apps. In this context, the impetus behind on-premises testing isn’t about security as much as ensuring that tests reliably surface all potential software problems before the software is deployed for actual end-users.

That’s important because bugs in many of the mobile apps that healthcare companies use today could literally have a life-or-death impact. Consider, for instance, pacemaker monitors that connect to mobile phones to transmit patient data to healthcare providers. If these apps don’t perform reliably, they could generate erroneous data, leading healthcare providers to make decisions that harm patients. Or they could simply fail to work at all due to issues like an incompatibility between an app and a particular kind of smartphone, leaving doctors without critical information they need to treat patients.

Plus, because devices like pacemaker monitors are designed to be used by patients in their homes, there is typically no professional IT staff on hand to oversee proper use of the devices or to troubleshoot problems. The developers of apps that connect to these devices need to be 100 percent sure that the apps work as they’re supposed to without expert supervision.

To meet this high standard, app development teams need to be able to test healthcare software under conditions that fully simulate real-world use. And for that, they require the ability to deploy devices locally and connect them to monitors, just as patients would when using the monitors in the real world. Developers can’t use cloud-based testing for this purpose because it doesn’t emulate actual usage conditions well enough.

The fact that testing teams need to be able to demonstrate thorough test coverage is another factor to consider. Healthcare industry regulators like the F.D.A., which defines specific requirements for software testing, can demand that businesses deliver test logs to prove that their apps successfully passed the tests necessary to guarantee effective functionality. In a testing cloud, businesses may not have access to all of the necessary evidence to demonstrate this type of testing compliance because they lack direct access to test devices. But on-premises, they have full control and a complete ability to compile the evidence necessary to demonstrate compliance with testing requirements.


To be clear, there is nothing wrong at all with cloud-based mobile testing. For many testing use cases, running some or all tests on device clouds is the simplest and most efficient way to achieve maximum test coverage.

But in contexts that involve special security or compliance considerations, such as testing for finance and healthcare apps, test clouds don’t cut it. Businesses need the ability to run tests on local devices within their own IT environments. The cloud is great, but it has its limitations, and many modern testing strategies are incomplete if they depend on cloud-based test infrastructure alone.

Frank Moyer, CTO, Kobiton

CTO of Kobiton