DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • DevOps Chats
    • DevOps Unbound
  • Webinars
    • Upcoming
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Communities
    • AWS Community Hub
    • CloudBees
    • IT as Code
    • Rocket on DevOps.com
    • Traceable on DevOps.com
    • Quali on DevOps.com
  • Related Sites
    • Techstrong Group
    • Container Journal
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Digital Anarchist
  • Media Kit
  • About
  • AI
  • Cloud
  • Continuous Delivery
  • Continuous Testing
  • DevSecOps
  • DevOps Onramp
  • Practices
  • ROELBOB
  • Low-Code/No-Code
  • IT as Code
  • More
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps

Home » Features » Understand Why You’re Doing DevOps

Understand Why You’re Doing DevOps

By: Tony Bradley on May 18, 2016 1 Comment

DevOps has been all the rage for a few years now. It has quickly matured from a fringe concept to a mainstream imperative, and organizations that haven’t already embraced DevOps are scrambling to understand and implement it to keep up with rivals and remain competitive. Despite its benefits, though, DevOps may not be for everyone. Before diving into the DevOps deep end, you first should consider what your objectives are.

Recent Posts By Tony Bradley
  • The Best Approach to Help Developers Build Security into the Pipeline
  • Better Apps and Better Security When You Shift Left
  • The Road Ahead for Security, DevOps Transformation
More from Tony Bradley
Related Posts
  • Understand Why You’re Doing DevOps
  • Why Your DevSecOps Initiative Will Fail
  • At Some Point, We’ve Shifted Too Far Left
    Related Categories
  • Features
    Related Topics
  • culture
  • postmortem
  • rapid development
  • security
Show more
Show less

To frame the issue more precisely, it’s not that organizations necessarily should avoid DevOps altogether. It’s just important to go into it with your eyes wide open and to understand why some DevOps projects fail. According to Andrew Storms, VP of Security Services at New Context, it’s always for one of four reasons: cultural roadblocks, failure to identify and take action on mistakes as you go, failure to learn from past mistakes and most importantly, failure to include security—either early on or at all.

AppSec/API Security 2022

Let’s break down those four hurdles.

Face Cultural Roadblocks

DevOps is different things to different organizations, or even to different teams within an organization. There are many definitions of what DevOps is or is not. There is a fairly unanimous consensus, though, that DevOps is first and foremost a function of culture.

Cultural roadblocks, Storms said, are by far the most common reason he sees DevOps fail. “It’s rarely a technical tools problem; usually there’s a disconnect between the DevOps team and executives or other parts of the organization. A concerted effort must be made to get everyone in the organization on the same page. Everyone is fighting for the same thing, but too often, they don’t realize it.”

Fix Mistakes

One of the outcomes of the DevOps culture shift is a fundamental change in corporate bureaucracy and the rigid processes that segregate teams and impede progress. DevOps enables organizations to work more seamlessly and produce results more quickly. It also allows issues and mistakes to be identified and resolved on the fly. “Smaller incremental changes are always easier to handle than a large monster of a release, which can include hundreds of changes,” explained Storms. “For example, teams should look for the single change in a monthly release that resulted in an unexpected security hole, instead of thinking they’ll tackle all changes with a huge release down the road.”

Learn from the Past

One of the most important things for business in general to help them understand is learning from past mistakes. With DevOps, it’s crucial. Organizations often only conduct investigations and postmortem analyses in the event of an issue or catastrophic failure. In that situation, the teams and individuals involved are immediately on the defensive and likely to go into “CYA” mode.

To effectively understand and learn from the past the discussion has to be neutral and without blame or consequence. It’s a difficult concept for organizations to grasp. The key to blameless meetings is to conduct them as a regular occurrence rather than a response to a negative situation, and to foster a culture where failure is acceptable as long as it is used as a learning experience.

Storms also suggests changing the name to “After Action Reports” to remove the negative stigma. “Postmortem implies a dead body. After Actions Reports are imperative after any event regardless of the type of outcome.”

Start with Security

Security is an Achilles heel of development in general, but the rapid pace of development in a DevOps environment makes it even more critical that security be integrated from the beginning. Failing to consider security is a disaster waiting to happen.

Those responsible for security often don’t even know about a project until after it’s already in production. Storms cautions organizations, “Untested and unreviewed code or designs in production represent both a large security risk, but also a risk to the business and your customers. Security needs to be part of the SDLC (software development life cycle) and DevOps from day one.”

DevOps is not a silver bullet. Nothing is. There are a variety of unique advantages and benefits that come from successfully embracing DevOps, but to realize them you need to start with a clear understanding of your own objectives, and how DevOps can be leveraged to help you achieve them.

Filed Under: Features Tagged With: culture, postmortem, rapid development, security

Sponsored Content
Featured eBook
The Automated Enterprise

The Automated Enterprise

“The Automated Enterprise” e-book shows the important role IT automation plays in business today. Optimize resources and speed development with Red Hat® management solutions, powered by Red Hat Ansible® Automation. IT automation helps your business better serve your customers, so you can be successful as you: Optimize resources by automating ... Read More
« Jenkins Creator Kohsuke Kawaguchi (KK) at DevOps Connect: CD Summit Dallas
Webinar: Self Service DevOps How to Deliver a PaaS Experience on any Hybrid Cloud »

TechStrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Transforming the Database: Critical Innovations for Performance at Scale
Tuesday, August 23, 2022 - 1:00 pm EDT
Modern Data Protection With Metallic DMaaS: Hybrid, Kubernetes and Beyond
Wednesday, August 24, 2022 - 11:00 am EDT
DevOps Unbound: Report on AI-Augmented DevOps
Tuesday, August 30, 2022 - 11:00 am EDT

Latest from DevOps.com

Agile Sucks (Redux) | Plus: DevOps on Mars
August 18, 2022 | Richi Jennings
Survey Shows Steady DevSecOps Progress
August 18, 2022 | Mike Vizard
Why DevOps Teams Need Security Engineers
August 18, 2022 | Mike Vizard
Time-Series Database Basics
August 18, 2022 | Jeff Tao
Busting 5 Common Database Modernization Myths
August 18, 2022 | Anthony Loss

GET THE TOP STORIES OF THE WEEK

Download Free eBook

Hybrid Cloud Security 101
New call-to-action

Most Read on DevOps.com

Next-Level Tech: DevOps Meets CSOps
August 12, 2022 | Jonathan Rende
The Benefits of a Distributed Cloud
August 12, 2022 | Jonathan Seelig
Cycode Expands Scope of AppDev Security Platform
August 11, 2022 | Mike Vizard
Techstrong TV: Scratching the Surface of Testing Through AI
August 12, 2022 | Alan Shimel
Building a Platform for DevOps Evolution, Part One
August 16, 2022 | Bob Davis

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2022 ·Techstrong Group, Inc.All rights reserved.