No developer deliberately sets out to build an application riddled with vulnerabilities that doesn’t perform very well but the rate at which this occurs there’s clearly an issue. Organizations are shifting more responsibility for applications running in production environments to developers in the hope that being held more accountable will improve the quality of the applications deployed. The issue that arises is to what degree the ongoing management of those applications takes time away from writing additional code. Most organizations today have a growing backlog of requests for new applications that are needed to drive myriad digital business transformation initiatives. Pressure to deliver those applications as soon as possible is mounting.
Investing in DevOps tools and platforms is, of course, an effort to strike a balance between the need to write more code faster and application quality, including most critically, the processes required to ensure the security of those applications. DevOps engineers streamline and automate a wide range of tasks that ultimately not only results in higher quality applications being deployed but just as critically important improving the productivity of the developer.
There are, of course, full stack developers that in addition to writing code are capable of programmatically managing DevOps workflows. A Web scale company such as Netflix can easily afford to hire and train full-stack developers, but the average enterprise IT organization is not likely to consistently be able to enjoy the same luxury. Full-stack developers are a rare breed indeed that are hard to find and even more challenging to retain. The bulk of the application development community, frankly, isn’t especially interested in learning how to manage IT infrastructure.
In the absence of full-stack developer the challenge then becomes how to enable the rest of the mere mortals that make up the application development community to become more productive. Arguably, the productivity of application development teams is the most important metric in all of IT. However, even in the best of times, it was difficult to hire and retain developers given all the competition for their talents. In the current economic climate, many organizations can’t afford to expand their application development teams so doing more with less has become a major imperative. The more tasks that are automated by DevOps engineers the easier it becomes to achieve that goal.
Of course, that doesn’t necessarily mean that developers shouldn’t be given more tools to, for example, scan their code for vulnerabilities before uploading it into a build. However, it does mean that rather shifting responsibility for the entire application stack to developers it makes a lot more economic sense to rely on a dedicated team of DevOps engineers to test, deploy and secure software builds that then need to be continuously monitored and optimized in production environments. Reduced lead times, more frequent releases, lower failure rates and faster time to services restoration in the event of a disruption are all quantifiable benefits of adopting a set of best DevOps practices.
In total, there are nine pillars of a DevOps workflow that IT organizations need to master. Each IT organization can decide for themselves to what degree to implement those nine pillars. There is no magic formula that should be universally employed. Instead, DevOps is much more like water in that each team needs to decide to what level it makes the most sense to adopt based on their existing internal dynamics. The longer teams employ DevOps practices the more proficient they will over time become as more process bottlenecks are identified and eliminated. Trying to impose DevOps practices by fiat is not only a recipe for strife it is also generally takes the most time to show results.
Similarly, mandating that developers will suddenly acquire all the skills required to successfully build, test, deploy, secure and manage multiple applications running in a production environment is just as foolhardy. The only realistic approach is to hire DevOps engineers that make it possible to achieve that goal by allowing the IT organizations to lean rather than shift left in a way enables the average developer to focus on what they really do better than anyone else in the world.
If you have questions related to this topic, feel free to book a meeting with one of our solutions experts, mail to sales@amazic.com.
