The DevOps is collaborating activities in Development phase and (Operation) Deployment phases, effective continuous communication in each phase and incorporate closed loop feedback mechanisms from deployment and monitoring phase back to Business requirements and Development team to make the entire operation continually improved, automated and deliver seamless and repeatable deployment process. DevOps will help an enterprise to have increased customer satisfaction, reduces application downtime and sustain their business in the competitive market environment. This also reduces operational expenses and maintain the availability of the services as agreed by the enterprise.
The majority of the process has been automated that includes scripts to perform manual and automated deployment of components into testing, QA and production environments. Any discrepancy in the deployment script, semi-automated manual access control process, operational procedure document, and incident response process for DevOps may lead to deployment failures or longer recovery/ rollback and subsequently may increase application downtime. This article describes role of information security in DevOps that need to be enhanced to reduce the application down time, increase the customer satisfaction and maintain the continually improved process by constant lessons learnt using feedback process.
The attached file describes various information security attributes that need to be identified and mitigated to make entire DevOps as flawless, repeatable and maintain the application uptime as agreed by the enterprise.
Authored by Anandanarayanan G