Fiserv is a global leader in financial services technology solutions. It provides integrated technology and services solutions that enable best-in-class results for its 13,000 clients in more than 80 countries.
Delivering business-critical communications to customers accurately, on time, and with relevant information is essential for customer satisfaction and retention. Output Solutions from Fiserv can help leverage business-critical communications to reduce costs, increase revenue, and improve customer satisfaction and loyalty. It delivers complete turnkey business communication solutions for a range of industries. Its services include billing, card creation, statements, tax forms, etc.
As part of a highly regulated industry, Fiserv is regularly audited on its security practices, as Jeff Long, Senior Release Engineer for Fiserv, explains: “Back in 2006 we were in danger of failing our audits because we had no structured source code control system, which was a weak link in our development processes. Our clients are large financial institutions and we needed to be able to demonstrate compliance to the same security regulations which they themselves are subject to. We had an in-house code manager which was used for our card creation system. This worked to an extent, but when MasterCard and Visa imposed stricter security requirements on us, we found we couldn’t use this anymore. The mandate was really to be as hands-off as possible when it comes to source code, so we needed to find a solution which would let us automate the source code control process.”
Market research found that Micro Focus AccuRev, a software configuration management tool that addresses complex parallel and distributed development environments, would be a good match for Fiserv. AccuRev uses a stream-based architecture which reduces time and manual work often found with traditional code branching and merging. Streams understand relationships with other streams. This means less impact to manual merging as code-configurations are instantly inherited, which was just what Fiserv wanted, as Long explains: “We store all our source code in AccuRev. We move it up through streams and I then take the actual code and promote it into production libraries. This process ensures our compliance at all times.”
Fiserv doesn’t run a traditional, periodic, software release schedule, but has instead developed an automated continuous development process, where different groups receive change requests, compile them, work them through development, and change managers such as Long then push the code into the production system. Overall, AccuRev has 150 users across the organization.
AccuRev came into its own just recently, as Long comments: “We unfortunately experienced a code failure which hadn’t been identified in testing and was now causing problems in a client’s production environment. Without AccuRev we would have had to execute a complete code recompile to try and work out where the problem was. A complex and time-consuming task that we really don’t want to embark on when we have strict SLA commitments to meet with our clients. Thankfully we were able to roll-back a version, using AccuRev, and we were up and running again in no time.”
AccuRev gives Fiserv a hands-off source code control process which meets the increasingly strict security requirements Fiserv needs to comply with. Long says: “Right now, we use AccuRev in a limited way, but it’s becoming apparent that our system code really needs to be locked down for manual intervention to meet security regulations. AccuRev has a very valid role to play here and we can see new ways of leveraging its functionality to our benefit.”
He concludes: “Having AccuRev as our structured source code control system has enabled us to be fully compliant with industry regulations and it has given us a rapid response mechanism when code problems occur in a production environment.”
