G DATA Safe Deployment Practices

The former represent a lower risk and are usually downloaded and applied automatically several times a day at regular intervals. We still have systems in place for automated testing and rollbacks to minimize the potential impact on customers.

Program updates on the other hand, have to be applied even more carefully, since this is where software component- and driver updates can be delivered. These updates will be released on a larger timeframe from every few months to once a year.

In development, continuous tests are used that are closely based on typical customer environments, as well as automated end-to-end tests and performance tests to detect problems at the earliest possible stage. The new versions are then rolled out internally in different cycles so that the product can be tested under real conditions. Only when a release candidate shows no issues, it is rolled out to customers in stages, starting with a small scale canary deployment. Distribution then gradually expanded while closely monitoring telemetry and customer feedback. In this phase, key roles are on standby in order to be able to react quickly following predefined escalation processes. This is combined with careful planning to avoid weekends, holidays, and other critical time periods.

In addition, the installation of the updates is customer-controlled and designed to fail gracefully: if the update cannot be installed on a customer machine, the last good state is retained.

Finally, all findings from these steps are incorporated into the planning of the next update, allowing for continuous improvement.