Latest DevOps Opinions
In a world where one data breach is all it takes to destroy a business, only the prepared and vigilant ones that embrace security in their operations will survive.
Yet, for many organisations, successfully integrating security into the software delivery lifecycle is still a huge obstacle. As illustrated in this year’s Puppet’s State of DevOps Report, which revealed that only 22 percent of companies at the highest level of security integration have reached an advanced stage of DevOps maturity. Delivering innovation shouldn’t result in the need to compete head-to-head with safeguarding customer data.
While there is a myriad of security practices and solutions in the market, why is it so hard to integrate security into software development?
Fintech apps are changing users’ relationships with money. Whether your users are freelancers, amateur investors or just trying to gain more control over their finances, fintech apps offer new and innovative ways to move, save, and invest funds.
If you’re a fintech app developer, chances are your users are looking to you to help them make their financial lives easier. Popular apps like Twine help users automatically move money into a savings account to achieve financial goals or build emergency funds, and apps like Steady help string together payments from multiple sources to help paint a detailed picture of a freelancer’s income.
The shift towards cloud native architectures and micro services has accelerated the need to integrate security into DevOps environments.
I’ve seen first-hand how modern architectures have given agile DevOps teams a new and unparalleled velocity to create, release and deploy. But with that boost in speed comes the need to bolster processes and secure application estates.
The traditional handovers for software development are now obsolete. DevOps teams can do them autonomously and are encouraged to do so. Whilst that’s all well and good, as technical leaders we’re obliged to inspect our operations and introduce new methods to ensure pipelines remain secure. Modern checks and balances should automatically detect and reject forbidden changes before they are even applied.
Across the board, the bottleneck-reducing philosophy of DevOps has become the central approach for cloud-native enterprise software development and deployment, ushering in a cultural shift in how processes, code and technology are delivered.
According to 2019 Accelerate: State of DevOps report, companies who get DevOps right deploy 208 times more code, deploy it 106 times as fast and are able to recover 2,604 faster from incidents. This has not stopped DevOps attracting critics, criticisms that I put to Bill Kleyman, EVP of Digital Solutions at Switch.
“DevOps is not about what you do, but what your outcomes are,” said the wise Gene Kim, and we would do well to heed his direction. What he’s urging us to remember is that while DevOps is about enabling a faster speed of working throughout the development process, fundamentally it needs to help in achieving results. Unfortunately, this often gets forgotten in modern-day DevOps practices.
Here are five common mistakes that can occur in DevOps if the end result is not constantly top of mind and how you can avoid falling into these dangerous traps.
On a near daily basis, new articles are published claiming “This is NOT DevOps” and “You don’t get it, DevOps is not about this!” or “This is not how you do continuous delivery,” and so forth.
While well-intentioned and often with a precise mental model in mind, the reality is that these articles are not really helping, but just creating more confusion.