Many firms risk exposing sensitive customer data because they are failing to adequately disguise details when using them in application testing, according to new research by IT management software vendor Compuware.

The report found that nearly 60 per cent of UK companies used actual customer data instead of disguised data to test applications during the development process. This means that information such as employee records, customer account numbers, credit card numbers, and other payment information could be exposed, said Compuware.

Using real customer data during the testing process could expose it to unauthorised sources such as third party developers, consultants or offshore personnel, the firm added.

"By taking a holistic view of an organisations' business processes and looking at the way customer data is used by the applications that support these processes, organisations can start to tackle the problem," explained Compuware's enterprise technology manager, Atul Bhovan. "This analysis can then be used to decide which data should be disguised for use in application testing."