We are running some smoke QTP scripts in our production environment. We give our scripts to the support team and they are executing the scripts on behalf of us. They are using some generic userId and encrypted password. One concern the support people raise is that while running the QTP automation script anyone can pause the script using QTP and chagne the data using the application. Looks like security issue. It can also happen if any application takes lot of time to response then anyone can go to application and chage data through application. Do you have any idea how we can resolve this issue. Thanks for your response.
Well, you can't locked the keyboard/system (see the FAQs for problems with locked keyboards and systems). So if you can't trust people in your own company to not perform evil acts with the systems running automated tests then I think you will need to place execution systems in a locked room.
First issue can be resolved by hiding QTP in background when executing. Second issue can solved if the machine is kept in a secured area. Else you can use what rong suggested (but that too can be a security threat as it might allow some one to hack into the system [img]/images/graemlins/laugh.gif[/img] )