Is collaboration between technology and business functions encouraged or stifled? Do you work together with creative energy, drive and trust, or is there a mood of resignation and avoidance? Pulling technical and business specialisms together to innovate and build an agile business is a capability that will help secure an organisation's future.Read More
Ranger4 DevOps Blog
Happy New Year one and all! Whilst time, or at least the Gregorian calendar, may be a human construct, I do enjoy the annual opportunity for navel gazing and setting intentions for a new dozen of months. I’ll be working with Zen koans daily in 2019 as part of my evolving interests in meditation and the brain. This however, represents my thoughts about the world of DevOps in the coming year, and is also a reflection on my thoughts on the same a year ago.Read More
Our wonderful friends at Sonatype just released the results of their annual DevSecOps survey. For the full results you can download the report. I wrote this article for an ebook where it's collated with a number of other articles from other practitioners - you can download the ebook here.
In 2017, 57% of all participants in the DevSecOps Community survey confirmed that, yes, they did have an open source policy. In 2018 this has risen to 64% - but 35% say they ignore it.
Breaking that down further: in 2018, 58% of those with no DevOps practices and 77% of those with mature DevOps practices reported having an open source policy. 46% of the former and 24% of the latter reported ignoring it. Effectively, that’s then just 12% of organisations with no DevOps practices actually using an open source policy, while 53% with mature practices are following internal regulations. Having, and using, an open source policy is then an indicator of mature DevOps practices.Read More
It's that time of year again! I hope everyone has happy holidays. I've been staring into my crystal ball and thinking about what's been happening in 2017 and these are my thoughts on what the big themes in DevOps are going to be in the year ahead:
1) BizIT: Whilst we are working with many organisations who are facing the classic DevOps challenge of getting development and IT operations to work better together (particularly where new digital transformation departments are accelerating agile adoption), there are many that are achieving the target state of OneIT and the friction they are feeling is more about the business' acceptance of what agile and DevOps really mean in terms of their commitment and involvement in the processes and feedback loops. As we move towards working in value streams, the lines will continue to blur between IT and the business and we'll go from align, past integrate and into 'IT is the business' and beyond where there is no separation. See what the CTO at Hiscox, Jonathan Fletcher, had to say in his talk at the DevOps Enterprise Summit in London this year.Read More
Yesterday, we had a webcast on 'DevSecOps - is it a Good Thing?' - you can watch the recording here but here's a summary of what we covered:
What is DevSecOps?
Since DevOps originated from the recognition that developers had started to do things like Agile development - the operations teams were getting left behind so, we started with the concept of Agile System Administration & the recognition that we have created silos in the way that we had traditionally organised enterprise IT into a development team. Generally, in software development, security has been looked at as an afterthought - something reflected by security experts.Read More
We spend a lot of time talking about change at Ranger4, as you may well imagine, in the context of DevOps. We talk about:
- Increasing throughput and quality simultaneously as a key DevOps goal
- Where Change Approval Boards are a key bottleneck (The Theory of Constraints and The First Way: Flow) - particularly when we are Value Stream Mapping
- What DevOps Target Operating Models look like and how peer-review change works, and what Change Management roles look like
I've been sharing this article, Change Goes Away, a lot in the DevOps Foundation courses we have been delivering in recent months. I love it partly because it's so crisply written but mainly because it's by Rob England, a self-styled IT Skeptic, and who has a primarily IT Operations background. This last part is particularly important since it's often the dev people who want to do away with change, and the IT ops people who want to retain the governance that change management policies and procedures bring - so to have an IT ops person to be such a strong proponent of change changing (!) like this really supports what DevOps is doing here. And gives solid advice on how to manage this potential conflict, together.Read More
Our partner, Sonatype, recently released their latest annual State of the Software Supply Chain report and in it provided new evidence that DevOps practices deliver measurable improvements. It also kickstarted another conversation between us.
One of the things we offer organisations is a free scan of their software to identify a bill of materials (of the open source components within an application) and a summary of the security vulnerabilities and licence risks that exist therein. Applications these days are decreasingly coded and increasingly composed from open source components available in online artifact repositories. It's not difficult to understand why developers would take this approach, as Sonatype's Derek Weeks says:
Yesterday we ran a public version of The Phoenix Project Game to give a bunch of people a feel for how it works and the kind of outcomes they could expect when they run the game with their own teams. If you missed this one but it sounds like something you want to do, we have another one in October; you can register yourself on it here but be warned - the last one booked out super-quick!Read More
Leading IT Analyst, Forrester, just published their The Forrester Wave™: Continuous Delivery And Release Automation, Q3 2017 analysing part of the DevOps toolchain. We know from experience how hard it is for organisations to choose the tools to include in their toolchain and that decisions made today often need to be changed tomorrow as the technology landscape moves so fast. We recently stood up a new LinkedIn group to facilitate discussion around DevOps toolchains as a result of our customers asking us for more help, blueprints and examples of existing toolchains - feel free to join!Read More
Like many industries, banking is under pressure from digital disruption and from digital disruptors (often referred to as 'fintechs').
From the 2017 state of Strategic Digital Banking report:
- According to Gartner and IDC, by 2018, banks and financial institutions’ clients will access and contact their banks mainly through mobile devices
- Banks and financial institutions CIOs’ main concern to 2017 and beyond is what will be done with their companies’ branches
- According to the 2016 MX Consumer Survey, clients find it more important to have an easy digital banking experience (67 percent) rather than a friendly teller or staff (33 percent) when choosing where to open an account
- According to the 2016 MX Consumer Survey, banks and financial Institutions clients are now more likely to access their banks in a more impersonal way, and only 19 percent use a personal method (branch or call center)