Professional Documents
Culture Documents
SUCCESSFULLY
INTEGRATING
DEVOPS TEAMS
WITHIN YOUR
ORGANIZATION
SearchAWS
SUCCESSFULLY INTEGRATING DEVOPS TEAMS WITHIN YOUR ORGANIZATION
Home
Resistance is futile
when building
DevOps teams
F
Failing to integrate
security with
DevOps? Do so at
your own peril
PA G E 2 O F 1 2 SPONSORED BY
SUCCESSFULLY INTEGRATING DEVOPS TEAMS WITHIN YOUR ORGANIZATION
It goes without saying that established companies saddled with legacy technol-
Home
ogy and operational behavioral patterns are slow to change -- if they change
Resistance is futile at all. In time, though, the competitive ones that wish to survive become less
when building
DevOps teams resistant to ideas they once rejected, such as placing certain workloads in the
public cloud.
Failing to integrate
security with Another shift on the horizon is the collapsing divide between developers
DevOps? Do so at
your own peril and IT pros. By now, the term DevOps has reached mainstream, though the
practice has not. Building, validating and deploying applications with lightning
speed by uniting developers and IT pros brings about faster results and creates
value to customers. And yet, plenty of IT pros resist. And staff reorgs are dif-
ficult because not all teams will jibe, IT teams said.
At the AWS Summit in New York earlier this month, I ran into several AWS
architects who dont develop. Another team deals with development, they said.
Agile IT is all about speed, said Tim Prendergast, founder and CEO at Evi-
dent.io who also led DevOps teams at Adobe and Ticketmaster. Traditional IT
projects run longer. An Oracle database might see an upgrade every 24 months.
PA G E 3 O F 1 2 SPONSORED BY
SUCCESSFULLY INTEGRATING DEVOPS TEAMS WITHIN YOUR ORGANIZATION
PA G E 4 O F 1 2 SPONSORED BY
SUCCESSFULLY INTEGRATING DEVOPS TEAMS WITHIN YOUR ORGANIZATION
Todays security tools were built to protect a perimeter around a data center
-- not to protect things like AWS Simple Storage Service or Relational Database
Service, Prendergast said.
Its not easy to break down the walls between established IT teams. But
Home
DevOps teams with all domains of knowledge can make intelligent assertions
Resistance is futile as to why a problem might exist. An accelerated app/dev and deployment cycle
when building
DevOps teams delivers faster value to customers. And really, what choice do you have? If your
competition is a startup that uses this model and is reaching your customers
Failing to integrate
security with that much faster, your business is exposed to disruption.
DevOps? Do so at
your own peril
PA G E 5 O F 1 2 SPONSORED BY
SUCCESSFULLY INTEGRATING DEVOPS TEAMS WITHIN YOUR ORGANIZATION
PA G E 6 O F 1 2 SPONSORED BY
SUCCESSFULLY INTEGRATING DEVOPS TEAMS WITHIN YOUR ORGANIZATION
PA G E 7 O F 1 2 SPONSORED BY
SUCCESSFULLY INTEGRATING DEVOPS TEAMS WITHIN YOUR ORGANIZATION
with.
Environmentally, the cloud service providers have already delivered the
tooling and capabilities to help integrate this new set of telemetry into DevOps
tools. The challenge is really finding security technologies that can take advan-
Home
tage of the new capabilities and data available in these dynamic environments,
Resistance is futile and present such data to the professionals in an actionable and meaningful
when building
DevOps teams manner.
Failing to integrate
security with INTEGRATE SECURITY INTO CORPORATE CULTURE
DevOps? Do so at
your own peril One good practice for keeping with the velocity of new threats lies in embed-
ding security and DevOps together. Prendergast noted, Security and DevOps
can be so powerful when aligned, yet so detrimental to the success of an orga-
nization when kept apart.
It is important to include the right security stakeholders and decision mak-
ers in the design, architecture, and prototype phase discussions of a new proj-
ect. This gives an opportunity for feedback to be received immediately as key
decisions are made, and prevents redesigns later in the process due to security
objections or requirements that were previously unconsidered.
It is also a good idea to encourage the integration of operational staff in the
PA G E 8 O F 1 2 SPONSORED BY
SUCCESSFULLY INTEGRATING DEVOPS TEAMS WITHIN YOUR ORGANIZATION
PA G E 9 O F 1 2 SPONSORED BY
SUCCESSFULLY INTEGRATING DEVOPS TEAMS WITHIN YOUR ORGANIZATION
of the Sony hacks which brought the entertainment giant to its knees should
be considered in budget negotiations for implementing a secure software de-
velopment lifecycle. Sony budgeted $15 million to address investigation and
remediation costs, and independent analysts estimate the total business cost
Home
could be several times higher.
Resistance is futile Investing in dynamic and static code analysis tools like Veracode can go
when building
DevOps teams a long way towards protecting your organization from coding errors, misused
or unprotected functions, and other dangerous practices, said Prendergast.
Failing to integrate
security with This builds a strong linguistic expertise internally as the team learns to adapt
DevOps? Do so at
your own peril their programming technique to accommodate necessary security behaviors
to protect the business, data, and users.
The lack of focus on building a security conscious development culture can
be discouraging. There are so few coordinated industry efforts happening right
now that it can be disconcerting to security professionals when faced with this
evolution in role and function, noted Prendergast.
The Cloud Security Alliance is one notable exception that is trying to really
improve the industry through practice. It is actively engaging in discussions to
bring together DevOps solutions, security innovators, and Cloud Service Pro-
viders in an effort to improve the security of all customers migrating to cloud
PA G E 1 0 O F 1 2 SPONSORED BY
SUCCESSFULLY INTEGRATING DEVOPS TEAMS WITHIN YOUR ORGANIZATION
Home
Resistance is futile
when building
DevOps teams
Failing to integrate
security with
DevOps? Do so at
your own peril
PA G E 1 1 O F 1 2 SPONSORED BY
SUCCESSFULLY INTEGRATING DEVOPS TEAMS WITHIN YOUR ORGANIZATION
PA G E 1 2 O F 1 2 SPONSORED BY