Lately, in the information technology world, there’s been a lot of attention on “DevOps,” or the effort to sync up developers with operations teams to deliver quality software and solutions in a timely manner for the business. For insurance companies looking to advance in the digital space, the ability to effectively deliver quality software – both internally and to customers -- is critical.
However, there’s also been a great deal of confusion about DevOps, and how it can apply to ongoing processes. A new book,
The following are leading myths associated with the DevOps movement:
Myth: DevOps is just for software engineers: At its inception, DevOps was intended as a form of “conversation-driven development.” The practice has expanded well beyond those tech boundaries, and is being embraced as a philosophy for sharing the responsibility for software and application releases.
Myth: DevOps is just for startups: While DevOps has been common practice among the big Web companies such as Google, that’s because these organizations have been at high risk of “highly dangerous code releases that were prone to catastrophic failure, inability to release features fast enough to beat the competition, compliance concerns, an inability to scale, and high levels of distrust between development and operations,” Kim and his co-authors point out. DevOps helps these organizations address these software risks, as it will for more mainstream organizations, such as established insurance companies.
Myth: DevOps is all about automation: DevOps introduces a great deal of automation, but it is just as much about getting people to work together. The practice of DevOps “requires cultural norms and an architecture that allows for the shared goals to be achieved throughout the IT value stream” – and ops figures prominently into this vision.
Myth: DevOps is incompatible with security and compliance: “The absence of traditional controls – segregation of duty, change approval processes, manual security reviews at the end of a project” – may seem like a security nightmare to some. However, Kim and his co-authors observe, with DevOps, “instead of security and compliance activities only being performed at the end of the project, controls are integrated into every stage of daily work in the software development lifecycle, resulting in better quality, security, and compliance outcomes.”