Launching a DevOps transformation within your organization takes time, patience, and buy-in from leaders in both software development (Dev) and operations (Ops) teams. The DevOps model promises improved efficiency, agility, and security, but a successful transition won’t happen overnight. Evolving and growing DevOps in your organization will be a gradual, multi-step process.
The 2018 State of DevOps Report, presented by Puppet and Splunk Inc., outlined DevOps as an evolution composed of five stages. The 2019 State of DevOps Report builds on these ideas and emphasizes the importance of making security a shared responsibility across teams. Here are some of the most important takeaways that you can use while scaling your organization’s DevOps:
Stage 1: Normalization
Development teams use version control and a standard set of operating systems
Stage 2: Standardization
Teams deploy on one operating system and build on standard tech tools
Stage 3: Expansion
Stage 4: Automate infrastructure delivery
Stage 5: Self-service
The 2019 report found that organizations that had made the most progress in their DevOps evolution were automating security tasks, such as security policy configurations in Stage 4. This integrated security approach gave teams a strong foundation as they moved into Stage 5. The report noted:
“The highly evolved teams we encountered in last year’s report were not simply shifting security left. They had cultivated a powerful blend of high-trust environments, autonomous teams, and a high degree of automation and crossfunctional collaboration between application teams, operations and security teams.”
The report’s key findings further emphasize the essential connection between DevOps and security considerations:
When you build a strong DevOps environment, focusing on culture, automation, measurement, and sharing, you also create a foundation for good security outcomes.
In companies with the highest level of security integration, 82% of respondents said their security policies and practices significantly improve their security posture – compared with 38% of respondents at companies with no security integration.
Organizations with a high level of security integration experienced positive outcomes, including an ability to deploy production on demand faster than other companies and more effectively.
As you evolve and scale DevOps in your organization, make sure security integration is one of your top priorities, not an afterthought.
Learn about how York Solutions’ Managed Service Solution (MS3) can benefit your organization.