Welcome!

Cloud Security Authors: David Paquette, Dana Gardner, Elizabeth White, Pat Romanski, Dan Potter

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Agile Computing, Cloud Security, @BigDataExpo

@CloudExpo: Article

Cloud-Based DevOps

Innovating at the Speed of the Market

I have a confession. I am Shadow IT. I am the guilty party operations and security love to hate because I expense tens of thousands of dollars in cloud services...every month. Truth be told, my team and I couldn't afford to wait in line for IT to provision the resources we needed to begin work. We had goals to meet and objectives to achieve - all of which didn't include waiting in line for IT to give us virtual machines, development platforms or set up sandboxes so we could begin work.

With a lengthy approval process and cost justifications, there was no way I would have been able to secure either the physical infrastructure or cloud vendor approvals I needed to achieve the business unit's goals. And, honestly, the risk of choosing a vendor that would leak our data, or otherwise put the business at risk, seemed a lot lower than the risk of not getting my job done.

So, even though my monthly cloud bill continued to rise, it didn't surprise me too much that I was never questioned about the expense because my team was delivering. And, that is exactly what everyone from the business side of things cares about - is development creating new applications and/or services that can be brought to market before the competition? Can we secure ‘first-mover' status or market leadership because development is firing on all cylinders? These are the questions marketing, business development, and other teams ask. Not, did central IT get you those VMs you needed?

In talking to others, I know I'm not alone. And, yet, I intrinsically know there has to be a better way than to submit an expense report with fingers crossed every month. Which is why I am coming out of the Shadow.

The Real Problem
From my seat, the real problem is that the entire system is caught in a vicious cycle of process, governance and pig throwing. What do I mean?  Limited central IT resources and a focus on infrastructure management limit the ability to allocate development resources and slows development's ability to innovate at the pace needed to match business requirements. Security and audit insert additional approvals and manual steps that need to be followed throughout the application lifecycle that adds drag to the system, and dev is often accused of throwing the proverbial pig over the wall to operations. And, anything and everything that goes wrong from that point forward is blamed on development's "pig".

The problem is exacerbated by pressure from the business - from beating small, nimble competitors to market to ensuring compliance and cutting budgets - that adds stress to the system. Operating in an "application economy" however, this system should run like a well-oiled machine.

Greasing System Dynamics with DevOps

DevOps may just hold the key in the application economy. In case you are unfamiliar with DevOps, it stemmed from Enterprise Systems Management and Agile software development methodologies, with an emphasis on communication, collaboration and integration between dev and IT Operations.  And, most importantly, DevOps focuses on improving reliability and security while speeding development and deployment cycles at each phase of the application lifecycle--from conception and creation, to testing, QA, and product delivery.

DevOps also helps with release management by standardizing development environments, which gives development greater control because they can program to give apps the full knowledge of the supporting infrastructure.  DevOps may well be the cure in the application economy because it automates as much of the operational process as possible, which speeds hand-offs, allows for automatic integration of processes and even governance and security controls.

When the Cloud Helps & When it Doesn't
While DevOps sounds great, when you couple it with some of the promises of cloud computing, it gets even better. For example, one of the core tenets of the cloud is IT-as-a-service, which translates into self-service access for development to the complete development platforms they need, when they need them. Take these resources, begin coding in your tool(s) of choice, and you are off to the races! One thing I learned when contracting with cloud service providers is that this full-service model is much better than renting Infrastructure-as-a-Service (IaaS) because the team was still responsible for managing middleware which is unnecessarily time consuming. If the VM is running, your provider is doing their job. Period.

Some IT organizations think IaaS is the place to start with DevOps. I'm of the mind that spinning up VMs faster is about as exciting as watching grass grow - I'm already getting that from the public cloud providers I've been covertly using. It gets you a fraction of the way there, but doesn't really address the spectrum of how DevOps can help break IT out of its box and create a dynamic system that is the rocket fuel of the company's growth.  Let me break it down a bit. DevOps, supported by a self-service cloud environment, nets development:

  • Standardized Environments: With on-demand access to entire application platforms that are already standardized and pre-configured to resemble IT's production environment, dev can create and deploy apps across the lifecycle without the tedium and bottlenecks that occur at each phase of the software development lifecycle today. Development can occur in any language, regardless of the final platform, and dev can focus on developing high-value, innovative applications. Between a greater focus on code, and access to standardized environments, apps are more likely to excel in quality and be less likely to need rework, or cause production hiccups.

  • Streamlined Release to Production: A cloud-based DevOps model allows teams to automate release management, using an organization's existing approval processes supported by automatic provisioning of application deployment environments. By streamlining across the development-to-operations lifecycle, teams are able to keep pace with faster change by automating and standardizing tasks that are manually configured today, creating less room for ‘fat finger' errors and the resultant problem resolution.

  • Built-In Business Policy: Cut the vicious cycle by working with IT and security to provision policies as part and parcel of the standardized environment. By integrating policy early, you increase confidence in the process across the board, eradicating operations' ability to label your new baby nothing but a pig with lipstick.

By working with IT across the software development lifecycle via cloud-based DevOps, development teams can decrease software bottlenecks, increase code output and be seen as drivers of the business. And, who doesn't want a well-oiled machine that drives the company forward? It's much better than holding your breath for a call from accounting about that $20,000 AWS expense.

More Stories By Shawn Douglass

Shawn Douglass has been a cloud visionary and key contributor to the emerging enterprise cloud operating model for over a decade. Mr. Douglass is responsible for the strategy and vision of the Agility Platform and contributing to IT transformation at Global 2000 enterprises.

Prior to ServiceMesh he was managing director at EMC Ventures where he drove strategic investments in cloud, security, big data/analytics, and disruptive technology and business models.

He has served on the Board of Directors and as Chairman of the Technical Steering Committee for the Enterprise Grid Alliance (EGA), and on the Board of Directors at Joyent, a high-performance cloud infrastructure provider. He is also a winner of the Always On 2012 Power Players in the Cloud award. Mr. Douglass is a graduate of Harvard Business School.

@ThingsExpo Stories
For basic one-to-one voice or video calling solutions, WebRTC has proven to be a very powerful technology. Although WebRTC’s core functionality is to provide secure, real-time p2p media streaming, leveraging native platform features and server-side components brings up new communication capabilities for web and native mobile applications, allowing for advanced multi-user use cases such as video broadcasting, conferencing, and media recording.
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, will discuss the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
SYS-CON Events announced today that 910Telecom will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Housed in the classic Denver Gas & Electric Building, 910 15th St., 910Telecom is a carrier-neutral telecom hotel located in the heart of Denver. Adjacent to CenturyLink, AT&T, and Denver Main, 910Telecom offers connectivity to all major carriers, Internet service providers, Internet backbones and ...
DevOps at Cloud Expo, taking place Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long dev...
Amazon has gradually rolled out parts of its IoT offerings in the last year, but these are just the tip of the iceberg. In addition to optimizing their back-end AWS offerings, Amazon is laying the ground work to be a major force in IoT – especially in the connected home and office. Amazon is extending its reach by building on its dominant Cloud IoT platform, its Dash Button strategy, recently announced Replenishment Services, the Echo/Alexa voice recognition control platform, the 6-7 strategic...
19th Cloud Expo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterpri...
Akana has announced the availability of version 8 of its API Management solution. The Akana Platform provides an end-to-end API Management solution for designing, implementing, securing, managing, monitoring, and publishing APIs. It is available as a SaaS platform, on-premises, and as a hybrid deployment. Version 8 introduces a lot of new functionality, all aimed at offering customers the richest API Management capabilities in a way that is easier than ever for API and app developers to use.
Personalization has long been the holy grail of marketing. Simply stated, communicate the most relevant offer to the right person and you will increase sales. To achieve this, you must understand the individual. Consequently, digital marketers developed many ways to gather and leverage customer information to deliver targeted experiences. In his session at @ThingsExpo, Lou Casal, Founder and Principal Consultant at Practicala, discussed how the Internet of Things (IoT) has accelerated our abil...
With so much going on in this space you could be forgiven for thinking you were always working with yesterday’s technologies. So much change, so quickly. What do you do if you have to build a solution from the ground up that is expected to live in the field for at least 5-10 years? This is the challenge we faced when we looked to refresh our existing 10-year-old custom hardware stack to measure the fullness of trash cans and compactors.
The emerging Internet of Everything creates tremendous new opportunities for customer engagement and business model innovation. However, enterprises must overcome a number of critical challenges to bring these new solutions to market. In his session at @ThingsExpo, Michael Martin, CTO/CIO at nfrastructure, outlined these key challenges and recommended approaches for overcoming them to achieve speed and agility in the design, development and implementation of Internet of Everything solutions wi...
Cloud computing is being adopted in one form or another by 94% of enterprises today. Tens of billions of new devices are being connected to The Internet of Things. And Big Data is driving this bus. An exponential increase is expected in the amount of information being processed, managed, analyzed, and acted upon by enterprise IT. This amazing is not part of some distant future - it is happening today. One report shows a 650% increase in enterprise data by 2020. Other estimates are even higher....
I wanted to gather all of my Internet of Things (IOT) blogs into a single blog (that I could later use with my University of San Francisco (USF) Big Data “MBA” course). However as I started to pull these blogs together, I realized that my IOT discussion lacked a vision; it lacked an end point towards which an organization could drive their IOT envisioning, proof of value, app dev, data engineering and data science efforts. And I think that the IOT end point is really quite simple…
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - comp...
"My role is working with customers, helping them go through this digital transformation. I spend a lot of time talking to banks, big industries, manufacturers working through how they are integrating and transforming their IT platforms and moving them forward," explained William Morrish, General Manager Product Sales at Interoute, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like “How is my application doing” but no id...
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
SYS-CON Events announced today that Venafi, the Immune System for the Internet™ and the leading provider of Next Generation Trust Protection, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Venafi is the Immune System for the Internet™ that protects the foundation of all cybersecurity – cryptographic keys and digital certificates – so they can’t be misused by bad guys in attacks...
Smart Cities are here to stay, but for their promise to be delivered, the data they produce must not be put in new siloes. In his session at @ThingsExpo, Mathias Herberts, Co-founder and CTO of Cityzen Data, will deep dive into best practices that will ensure a successful smart city journey.
In today's uber-connected, consumer-centric, cloud-enabled, insights-driven, multi-device, global world, the focus of solutions has shifted from the product that is sold to the person who is buying the product or service. Enterprises have rebranded their business around the consumers of their products. The buyer is the person and the focus is not on the offering. The person is connected through multiple devices, wearables, at home, on the road, and in multiple locations, sometimes simultaneously...