In speaking to my friends at JumpCloud, they have talked an awful lot about DevOps. They have spent a lot of time speaking to companies moving infrastructure to the cloud. Many of these cloud migrations were instituted by the developer teams at these companies.
In moving to the cloud, they have bypassed the traditional processes and policies of the IT departments at many organizations. It allows for speedier development and a more efficient roll out of the applications. However, it also gives the developers responsibility for many operations. This responsibility is part of something called DevOps.
DevOps promises to change the way organizations develop, operate and maintain applications and IT infrastructure, both on-premise and in the cloud. It also has become a targeted customer base for IT vendors that realize development teams, along with this increased responsibility, also have increased budgets.
In speaking to my friends in the information security and general IT space, I was surprised how many people were not familiar with DevOps and what it is about. I sort of took it for granted that everyone was familiar with DevOps. Maybe that was because my friend Gene Kim had exposed me to the world of DevOps through his excellent books: The Phoenix Project and The DevOps Cookbook. I also enjoy reading my friend Lori MacVittie, who writes some good DevOps stuff occasionally on her F5 blog.
Without bag diving into the particulars of DevOps, what it is and how you should be leveraging it to make you and your organization more successful, let me say that the cloud is a great accelerator of DevOps. As Cloud adoption rises, DevOps is going to be more and more in focus. We have already seen this taking place.
Many large organizations and startups have realized that putting development projects in the cloud is a cheaper, speedier way to get development done. What has happened from there is that many (especially startups who have not already invested heavily in on-premise infrastructure) have also realized that once the development is in the cloud, it makes a heck of a lot of sense to just roll out the applications from there as well. The logic in this is pretty simple. The real question becomes the usual land grab - who is in charge? While IT controlled the network and the servers, and they usually won control of the app, security, operations and control, that is not always the case with apps in the cloud. All of a sudden we are seeing a shift were developers are the IT folks and IT are the developers. This has profound implications for budgets, responsibilities and how operations will work in the near future.
This move towards DevOps has garnered a lot of momentum already. IBM's SoftLayer and Foundry Group's JumpCloud are hosting their first annual DevOps Conference in Boulder, Colorado on October 24. It is a full day dedicated to understanding what DevOps is all about it and how your company can harness it. Unfortunately, the conference is open only to Foundry/TechStars/Bullet Time companies at this time. However, I have it on good authority that if you are interested in attending or want to find out more about the event and the agenda, you can write to email@example.com for more info.
If you are already familiar with DevOps, you probably realize that this is a wave that is just starting to roll in. If you are not familiar with DevOps, you should dig in now, as you can either ride the wave or get washed over by it.
As co-founder and Managing Partner at The CISO Group, Alan Shimel is responsible for driving the vision and mission of the company. The CISO Group offers security consulting and PCI compliance management for the payment card industry. Prior to The CISO Group, Alan was the Chief Strategy Officer at StillSecure. Shimel was the public persona of StillSecure as it grew from start up to helping defend some of the largest and most sensitive networks in the world.
Shimel is an often-cited personality in the technology community and is a sought-after speaker at industry and government conferences and events. His commentary about the state of security, open source and life is followed closely by many industry insiders via his blog and podcast, "Ashimmy, After All These Years" (www.ashimmy.com). Alan is now also a regular contributor to The CISO Group’s security.exe blog and podcast. Follow him on Google.
Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.
Disclosure: The CISO Group sells a software-as-a-service PCI compliance application called SAQPro. The company is independent and does not represent any other vendor's products as a reseller.
Policy on comments: Respectful discussion is welcomed! However comments that use inappropriate language, consist of name calling or personal attacks, or include accusations of wrongdoing are not appropriate. Those comments will be deleted or edited.