Starting out 2021 in a remote first, virtual working environment, I found myself asking whether DevOps is still a relevant approach or, has it evolved into something entirely different in response to the pandemic?
Looking back over the past year and seeing first-hand how it has supported a smooth transition to providing our services to our customers with a team working remotely from individual homes, I have concluded that the answer is yes. The approach provides a collaborative, automation first environment that enables the team to focus in on the true priorities of our customers and deliver what is most valuable.
Here are a few areas I’m taking into consideration this year:
Culture
Like with many organisations we embarked on a DevOps approach to align our development and IT teams, streamlining everything from environment management to deployment ultimately increasing our delivery velocity.
Transitioning to a DevOps approach focused our team on reworking old practices, multiskilling cross functional teams and implementing tool sets not only based on their roles primary purpose but also integration and automation capabilities. As you can imagine all of this required an investment of time alongside delivering for our customers.
With that in mind and with a focus on continuing the evolution of our approach this year will see us needing to remain aware of the following key things:
- Remote Working – 2020 triggered us to become a remote first company which has highlighted our need to continually provide the team time to assess ‘best practice’ in this environment
- Cost Saving – DevOps comes at a cost and during a time of uncertainty its easy to delay improvements
- Quick access to knowledge and expertise – with the opportunity for ‘water cooler’ conversations reduced or impeded by video calls, we look to record and document where possible so that knowledge can be shared easily
Our initial way of combatting these issues are to ensure the entire business is behind investing further in the approach and continue to integrate our communication tool, Microsoft Teams into the process to control the flow of communication within the team.
Putting customers first
When we went through the process of establishing our DevOps practices it was focused mainly on increasing delivery velocity. The processes and tools we put in place removed the requirement for manual processing and the introduction integrated tools to improve the flow of our project lifecycle.
With automation being a target and better toolsets doing the heavy lifting the team can focus their time on getting requirements spot on or, making sure that code is right first time rather than building their development environment or deploying a release manually. That value is passed directly onto our customers as focus is where it needs to be.
This year we turn out attention to whether there is more value that this approach can provide. Two considerations are continuous monitoring and data, as you can imagine we closely monitor our build processes and live systems to ensure everything is working the way that it should.
However, what if we could use that monitoring and data to provide further insight into optimising customer experience and learn from what that insight provides?
Being a Microsoft Development house, we plan to tap further into the power of Azure Monitor, it fits perfectly with our CI/CD pipeline approach and gives powerful customer centric metrics for detection and diagnostics, infrastructure issues, log analytics and application insights.
Security
In the world of GDPR and data protection we always prioritise data security from initial engagement with customers, setting up team members, through to each stage of design, build and supporting our systems. This is of course, supported by controls and processes we have implemented as part of our ISO27001 accreditation.
However, the approach under consideration here is ‘DevSecOps’ and its goal, as an extension to DevOps is to make security a priority for the entire team. As more automation is introduced for integration and deployment into our lifecycle it creates a new set of issues that need to be considered. Yes, it provides a faster and repeatable approach to release and deployment but is it worth it if it puts security at risk?
The great thing here is that there are a wide range of tools that are designed to support the process from a security standpoint. We are going to be taking an even closer look at Threat Modelling, Azure Active Directory Identity Protection, ARM Template Checker, Security Verification Tests (SVTs) , GitLab and more.
To be continued
Finally, another area I am currently looking into is DataOps, with the increase we are seeing in completely data driven projects we are assessing we have adapted our DevOps approach well in enough to gain the same levels of efficiency. Look out for my next article coming soon…
Photo by freddie marriage on Unsplash
