The goal of DevOps is to improve business efficiency to meet market demands—but companies are overlooking two key components in the development and operations process, which can lead to significant problems, according to the US-based IT association ISACA.
ISACA International President Robert E Stroud, CGEIT, CRISC, said: “IT security must be part of the design and development phases of DevOps. Too often, organizations try to incorporate security late in the game, which can increase the cost and the risk of failure.”
Organizations must also make sure their culture supports DevOps, Stroud said. “DevOps requires flexibility and individuals who are willing to collaborate, share knowledge and be accountable. It also requires a company culture that embraces IT as a business partner.”
Incorporating security and cultural factors into earlier phases—along with ensuring the company’s processes and tools work in conjunction to support DevOps adoption—helps ensure adoption and eight key business performance benefits:
Reduce time to market
Faster return on investment
Improved performance
Better quality
Greater customer satisfaction
Reduced IT waste
Improved supplier and business partner performance; and
Reduced human factor threat.
Stroud, who is also vice president of strategy and innovation at CA Technologies, said: “Organizations can benefit tremendously from DevOps. But addressing security and cultural needs early on is a key success factor. When done right, DevOps can reduce enterprise risk and cost and enable technology to change at the speed of the business.”
ISACA explains critical successful factors for DevOps adoption, as well as seven critical challenges to overcome, in a free guide, titled DevOps Overview. This is the first in a series, and guides on DevOps risk and governance, security, and assurance will be issued later in 2015. To download a free copy of the guide, visit www.isaca.org/DevOpsguide.
