How to Overcome the Three Obstructions in a DevOps Environment?
Since the inception of DevOps, it has been addressed as one of the most debated subjects in IT circles. Some consider it a marketing fad, while others believe that it is here to transform the business sector. DevOps has evolved from a methodology that brings together the developers and operations team together into a strategy for processing an entire business into a single operational entity. However, there is an ongoing war amid the software developers and security teams.
But DevOps is helping to break the barriers amid the software developers and security teams and introduces new challenges for security teams. So, below listed are three hurdles that security teams would need to overcome in order to integrate and enable DevOps.
1. Increase in Pace: DevOps offers an entirely new pace of development, which the security personnel must consider seriously. Historically, these DevOps cycles were months long, but now this shift is as short as weeks or days. As a result, a refactored security solution and toolsets are required for a continuous delivery flow which must be easy to integrate and maintain. Additional features like real-time vulnerability alerts and state-of-the-art threat modeling are needed.
2. Removal of Barriers: The success of DevOps highly depends upon the breakdown of data silos to facilitate cross-functional and collaborative teams. To achieve an accurate and effective DevSecOps, security, development, and operations must work cohesively in pursuit of a shared goal. Moreover, the position of security teams must shift from roadblock to consultant, guiding developers to fix bad code.
3. Advanced Skills: For security technology to be integrated correctly into the dev process and support a desired level of agility, security teams are often asked to learn new skills, including API and coding.
These three points are essential, and security teams must consider these to evaluate their security programs and also propose program shifts that support the growth and success of DevOps. At last, security teams must look at DevOps through the same lens as customer-facing web application by forming a set of standards and best practices; a switch to DevOps can then reap significant rewards for an organization.
Analyzing the Influence of DevOps on IT
By Phil Jarvis, VP, IT, Thirty-One Gifts
By Dr.Chris Ewell, CISO, Seattle Children
By Eloise Young, CIO, Philadelphia Gas Works
By Phil Stevens, CIO, The Exchange
By Herman Nell, SVP & CIO, Rent-A-Center
By John Honeycutt, CTO, Discovery Communications
By Mark Wead, Chief Enterprise Architect– North America...
By Federico Flórez, Chief Information & Innovation Officer,...
By David Berry, CIO, Daymon Worldwide
By Douglas Turk, Chief Marketing Officer, JLT Speciality
By Tekin Gulsen, CIO, Global IT & Corporate Planning...
By John Sprague, Deputy CTO, IT and the End User Architect,...
By Craig C Shrader, CIO Engagement Partner, Tatum, a...
By Bill Schimikowski, VP, Customer Experience, Fidelity...
By Tom Bressie, Vice President, Oracle Cloud
By Jeff Katz, CTO, Energy & Utilities, IBM [NYSE:IBM]
By Dr Dirk E Mahling, VP, Technology, Alliant Energy
By Steven John, CIO, AmeriPride Services
By Leon Ravenna, CISO, KAR Auction Services, Inc.