A lack of confidence. A large financial investment. A major time investment. A difficult culture change. These are just a few of the many excuses to avoid implementing DevOps. But, these excuses may be legitimate reasons to avoid DevOps. What if we’ve been putting DevOps on an unjustifiable pedestal?
The more I’m exposed to DevOps, the more I question its effectiveness as an internal IT culture. Its initial hype from online publications has transformed into cautionary “what to avoid” content. Numerous surveys have exemplified this as well. Additionally, everyone recognizes the security flaws in DevOps. A chasm exists between DevOps in theory and DevOps in reality.
Of course, this doesn’t apply to every company, but it certainly needs to be said. This issue requires examination and potential solutions.
What IT Leaders Think
Earlier this year, Embotics and Ponemon Institute released a study on the cost and impact of falling behind with DevOps. The survey included 600 IT leaders responsible for cloud management at their organization.
67% of respondents were unconfident in their ability to manage risks in the cloud. An alarming statistic. Beyond this, the survey found that 74% of respondents recognize the importance of DevOps, but only 33% could quickly deliver DevOps enablement. 53% said they lack resources and/or skills to move to DevOps. Furthermore, only 40% said DevOps made a positive impact, while 25% believe it made no impact or a negative impact.
These numbers point to an inherent problem with DevOps. At least a problem with the internal implementation of DevOps.
This year, Glassdoor listed DevOps Engineer as the number 2 job in America. DevOps Engineers offer a unique skill set to enterprises looking at starting DevOps. They provide experience in configuration, cloud, automation, operations, as well as leadership. Basically, a swiss army knife for IT.
What do they specifically bring though? DevOps looks different in any organization. Some may place a higher emphasis on certain tools based on their needs. These engineers help enterprises find the ideal solutions and infrastructure they need. They act as a leader during the cultural transformation. Breaking down IT starts with their contributions.
But, again, this is just a way to implement DevOps more efficiently. It doesn’t eliminate problems that may arise. And perhaps the most glaring problem with DevOps comes from security.
DevSecOps objectively provides more value than DevOps alone. DevOps emphasizes the importance of development speed and CI/CD, but security often gets shoved to the end or even after release.
Finding problems late in the development cycle, or even after the release, will create an unsafe cloud environment. Recent hacks have been caused by unsafe DevOps practice. Releasing innovative products means little if your code isn’t safe. Shifting security left isn’t optional anymore, it’s a necessity.
Shifting left with DevSecOps even elevates collaboration. Developers must have a deeper understanding of security. Having knowledge about what security teams will be looking for makes the entire process easier for everyone. Developers will recognize flaws as they’re working, thus creating better code.
Despite the positives of DevSecOps, it only eliminates one DevOps flaw.
DevOps Needs a Managed Service Provider
DevOps constantly changes as new solutions and technology become available. Thus, nobody ever finishes implementing DevOps. But with all the work required just to get started, shouldn’t there be a definitive payoff?
Now, I’m not saying DevOps doesn’t have a payoff. IT professionals around the world see increased release frequency, faster development, as well as a healthier IT culture. DevOps requires maintenance, though. Solutions become obsolete faster than ever – containers are a development mainstay today, but serverless is around the corner.
Managed service providers offer a solution to this. Enterprise technology companies build solutions specifically for MSPs. These partnerships ensure that MSPs will have up to date technology to pass on to their clients.
MSPs also eliminate the stress of DevOps implementation itself. Many specialize in initiating a cultural transformation. They help enterprises set up automation tools, infrastructures, containers, and some even train employees. Also, if needed, MSPs help with ongoing cloud maintenance. They assist with workloads, infrastructure, security, and even provide 24/7 support.
Making the move to DevOps with an MSP eliminates the stress of an internal transformation.
- Solutions Review Best of 2018: Top Container Security Articles - December 20, 2018
- Logicworks and AVANT Communications Announce Alliance - December 19, 2018
- A Look at the Container Lifecycle and How to Keep it Secure - December 14, 2018