DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DataOps
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • Techstrong.tv Podcast
    • Techstrong.tv Video Podcast
    • Techstrong.tv - Twitch
    • DevOps Unbound
  • Webinars
    • Upcoming
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Related Sites
    • Techstrong Group
    • Container Journal
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv Video Podcast
    • Techstrong.tv - Twitch
  • Media Kit
  • About
  • Sponsor
  • AI
  • Cloud
  • Continuous Delivery
  • Continuous Testing
  • DataOps
  • DevSecOps
  • DevOps Onramp
  • Platform Engineering
  • Low-Code/No-Code
  • IT as Code
  • More
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps
    • ROELBOB
Hot Topics
  • Azure Migration Strategy: Tools, Costs and Best Practices
  • Blameless Integrates Incident Management Platform With Opsgenie
  • OpenAI Hires 1,000 Low Wage Coders to Retrain Copilot | Netflix Blocks Password Sharing
  • Red Hat Brings Ansible Automation to Google Cloud
  • Three Trends That Will Transform DevOps in 2023

Home » Blogs » How to Make Self-Service IT More Intelligent

How to Make Self-Service IT More Intelligent

Avatar photoBy: Rick Kilcoyne on March 26, 2021 Leave a Comment

It’s an old story: DevOps’ need for speed and agility clashes with IT’s need for security and control. Striking the right balance between control and agility is key to fostering a smooth relationship between DevOps and IT.

Many enterprises have achieved this balance by implementing a self-service IT model. In a self-service environment, IT creates a pre-approved catalog of resources that developers and engineers can access themselves, regardless of where they are, through a single portal. These resources might include storage, compute, networking or multi-tier app stacks. Thus, DevOps can get the things they need on their own, when they need them, avoiding the IT bottleneck while IT still maintains control.

TechStrong Con 2023Sponsorships Available

This gives DevOps the speed and agility they want while allowing IT to maintain control. IT can place guardrails on resources, such as role-based access controls and permissions, usage quotas, cost controls, security and compliance measures. IT can also set up approval workflows to ensure visibility and management. DevOps increases efficiency and expedites time-to-market. They will also be much less likely to go around IT and procure the resources they want on their own, such as spinning up public cloud resources with a credit card. This kind of activity leads to unauthorized apps and resources running in the background without IT’s knowledge – otherwise known as shadow IT – which can create significant security vulnerabilities and cost overruns.

So, the balance between DevOps and IT, the yin and yang of speed and control, is attained. All is well in the kingdom, right? Not exactly. While self-service IT is essential, it needs to grow more intelligent to remain effective.

Hybrid cloud environments are changing rapidly. As helpful as most current self-service IT systems may be, a multi-cloud strategy will continue adding more layers of complexity to IT infrastructure management. While a prudent enterprise will automate as many cloud management processes as possible and have stringent guardrails in place to enforce cost and security policies, there is still plenty of room for things to go wrong when you have multiple engineering and development teams consuming cloud resources in a rapidly-changing environment.

When various combinations of resources are provisioned in ways that IT didn’t foresee, or new tools are added that didn’t exist when existing policies were drafted, you have an environment that’s susceptible to misconfigurations and inadvertent security risks. Furthermore, tools and resources available to DevOps via the self-service portal may become outdated or not be as effective or useful as they once were. If IT hasn’t replaced or upgraded them yet, DevOps might still be tempted to go outside the system to get what they need.

Staying on top of the evolving challenges in hybrid cloud management will require a new, more intelligent approach to self-service IT. This approach will further empower DevOps and assist IT by embedding greater awareness into decision-making processes across the organization.

Say, for example, a developer writes a piece of code. Unbeknownst to the developer, something they just wrote in the code could potentially create a security vulnerability. The old way of preventing cybersecurity breaches resulting from flawed code entails top-down, more centralized security scans or reactive audits.

The new, more proactive approach would leverage an advanced automated alert and visualization system that informs people about the impact of the decisions they’re making, as they’re making them. In the example above, the developer would automatically receive an alert about the security issue in the code so it can be rectified right then and there, before resource deployment.

Similarly, this shift-left-and-rectify approach can be applied to cost control and compliance issues, as well. If resources are being provisioned sub-optimally and would incur unnecessary expenses, DevOps would be automatically alerted to the oversight and presented with a cheaper option. IT can make the solution even more cost-effective by allowing developers to take direct actions from the platform, instead of going to various portals. (According to the FinOps Foundation’s State of FinOps 2021 report, 39% of engineers do not currently have the necessary tools to take these actions). This type of intelligent automation can also ensure regulations and standards such as PCI-DSS, CIS and the AWS Well-Architected Framework are always adhered to.

While traditional self-service IT systems still serve a vital purpose, these types of proactive cloud management and optimization initiatives will keep self-service IT agile and able to adapt to rapidly changing conditions. By embedding greater awareness into decision-making across the enterprise, DevOps functions even faster and more efficiently, and IT maintains even greater control. Hybrid cloud environments can be managed more intuitively and with greater confidence that misconfigurations and oversights that lead to security issues, cost overruns, and compliance risks will be intelligently and continuously remediated. The yin and yang endures.

Recent Posts By Rick Kilcoyne
  • More Choices, More Problems: The Double-Edged Sword of Multi-Cloud
Avatar photo More from Rick Kilcoyne
Related Posts
  • How to Make Self-Service IT More Intelligent
  • DevOps and Agility for Multi-Speed IT
  • Where will DevOps be in 10 years’ time?
    Related Categories
  • Blogs
  • DevOps Practice
    Related Topics
  • automation
  • CloudBolt
  • FinOps Foundation
Show more
Show less

Filed Under: Blogs, DevOps Practice Tagged With: automation, CloudBolt, FinOps Foundation

« Why a Unified Enterprise DevOps Platform is Necessary
A Future of Opportunities »

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Automating Day 2 Operations: Best Practices and Outcomes
Tuesday, February 7, 2023 - 3:00 pm EST
Shipping Applications Faster With Kubernetes: Myth or Reality?
Wednesday, February 8, 2023 - 1:00 pm EST
Why Current Approaches To "Shift-Left" Are A DevOps Antipattern
Thursday, February 9, 2023 - 1:00 pm EST

Sponsored Content

The Google Cloud DevOps Awards: Apply Now!

January 10, 2023 | Brenna Washington

Codenotary Extends Dynamic SBOM Reach to Serverless Computing Platforms

December 9, 2022 | Mike Vizard

Why a Low-Code Platform Should Have Pro-Code Capabilities

March 24, 2021 | Andrew Manby

AWS Well-Architected Framework Elevates Agility

December 17, 2020 | JT Giri

Practical Approaches to Long-Term Cloud-Native Security

December 5, 2019 | Chris Tozzi

Latest from DevOps.com

Azure Migration Strategy: Tools, Costs and Best Practices
February 3, 2023 | Gilad David Maayan
Blameless Integrates Incident Management Platform With Opsgenie
February 3, 2023 | Mike Vizard
OpenAI Hires 1,000 Low Wage Coders to Retrain Copilot | Netflix Blocks Password Sharing
February 2, 2023 | Richi Jennings
Red Hat Brings Ansible Automation to Google Cloud
February 2, 2023 | Mike Vizard
Three Trends That Will Transform DevOps in 2023
February 2, 2023 | Dan Belcher

TSTV Podcast

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays

GET THE TOP STORIES OF THE WEEK

Most Read on DevOps.com

New Relic Bolsters Observability Platform
January 30, 2023 | Mike Vizard
Jellyfish Adds Tool to Visualize Software Development Workflows
January 31, 2023 | Mike Vizard
OpenAI Hires 1,000 Low Wage Coders to Retrain Copilot | Netflix Blocks Password Sharing
February 2, 2023 | Richi Jennings
Cisco AppDynamics Survey Surfaces DevSecOps Challenges
January 31, 2023 | Mike Vizard
Let the Machines Do It: AI-Directed Mobile App Testing
January 30, 2023 | Syed Hamid
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2023 ·Techstrong Group, Inc.All rights reserved.