Safe Deployment Practices (SDP)

Effective date: 04/11/2025
Title
Safe Deployment Policy for Software Updates
Owner
Engineering and Release Management
Effective Date
04/11/2025
Version
1.0
Review Cycle
Annual or Post-Incident

1. Purpose

This Safe Deployment Practices (SDP) policy outlines the standard process for deploying software updates and new versions at PC Matic. The goal is to ensure each release is safe, stable, and minimally disruptive to end users by using a structured, phased rollout approach.

2. Scope

This policy applies to all software products and updates released by PC Matic, including consumer (home) and business (B2B) platforms. It involves the Engineering, QA (Quality Assurance), Customer Support, and Product Management teams.

3. Deployment Strategy: Staged Rollouts

PC Matic uses Staged Rollouts — a phased and gradual deployment model designed to identify and mitigate issues early in the release process. Deployment proceeds through the following controlled stages:

Step 1: Internal Testing

  • The QA/Test department performs comprehensive testing on the new version in a controlled lab environment.
  • Testing includes functional verification, regression tests, security checks, and performance benchmarking.
  • Any critical bugs must be resolved before proceeding to the next phase.

Step 2: Release to Testers

  • The version is released to a limited set of 15 test machines:
    • Approximately 50% are internal machines used by PC Matic employees.
    • Approximately 50% are select external customer devices enrolled in the testing program.
  • SuperShield logs are collected and reviewed to identify anomalies or unintended behaviors.

Step 3: Minor Release (20% Home Users)

  • The version is released to approximately 20% of PC Matic’s home user base.
  • System health and user experience data are monitored closely.
  • SuperShield logs are sampled and reviewed for error patterns or performance issues.
  • Any problems identified at this stage will halt further rollout until resolved.

Step 4: Full Home Release

  • The version is released to 100% of the home user population.
  • Continued monitoring of SuperShield logs ensures issue detection remains proactive.
  • Support teams are alerted to any increase in incidents or feedback from end users.

Step 5: B2B Release

  • The new version is released to all business (B2B) customers.
  • This final stage occurs only after successful deployment across the home user base.
  • Additional logs are monitored and any anomalies are escalated promptly to Engineering.

4. Monitoring and Feedback

At each stage, the following feedback mechanisms are employed:

  • SuperShield Log Review: Automated and manual inspection for critical errors, failed detections, or performance degradation.
  • User Feedback: Reports from internal testers, support tickets, or customer channels.
  • Automated Alerts: Infrastructure and system monitors alert the Release and QA teams of unusual behaviors or increased crash rates.

5. Rollback and Contingency Plan

If any critical issue is identified during a rollout phase:

  • The deployment is immediately paused.
  • A rollback to the previous stable version is initiated where applicable.
  • An incident response and root cause analysis (RCA) is performed by the Engineering and QA teams before resuming deployment.

6. Compliance and Review

  • All teams involved in software deployment must adhere to this policy.
  • The policy is reviewed every year or following any deployment-related incident.
  • Updates to this policy are approved by the Release Management Lead and Director of Engineering.