Click here to close now.




















Welcome!

Cloud Security Authors: Elizabeth White, Liz McMillan, Cloud Best Practices Network, Dennis Griffin, Kevin Jackson

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Agile Computing, Cloud Security, @BigDataExpo

@CloudExpo: Article

Cloud-Based DevOps

Innovating at the Speed of the Market

I have a confession. I am Shadow IT. I am the guilty party operations and security love to hate because I expense tens of thousands of dollars in cloud services...every month. Truth be told, my team and I couldn't afford to wait in line for IT to provision the resources we needed to begin work. We had goals to meet and objectives to achieve - all of which didn't include waiting in line for IT to give us virtual machines, development platforms or set up sandboxes so we could begin work.

With a lengthy approval process and cost justifications, there was no way I would have been able to secure either the physical infrastructure or cloud vendor approvals I needed to achieve the business unit's goals. And, honestly, the risk of choosing a vendor that would leak our data, or otherwise put the business at risk, seemed a lot lower than the risk of not getting my job done.

So, even though my monthly cloud bill continued to rise, it didn't surprise me too much that I was never questioned about the expense because my team was delivering. And, that is exactly what everyone from the business side of things cares about - is development creating new applications and/or services that can be brought to market before the competition? Can we secure ‘first-mover' status or market leadership because development is firing on all cylinders? These are the questions marketing, business development, and other teams ask. Not, did central IT get you those VMs you needed?

In talking to others, I know I'm not alone. And, yet, I intrinsically know there has to be a better way than to submit an expense report with fingers crossed every month. Which is why I am coming out of the Shadow.

The Real Problem
From my seat, the real problem is that the entire system is caught in a vicious cycle of process, governance and pig throwing. What do I mean?  Limited central IT resources and a focus on infrastructure management limit the ability to allocate development resources and slows development's ability to innovate at the pace needed to match business requirements. Security and audit insert additional approvals and manual steps that need to be followed throughout the application lifecycle that adds drag to the system, and dev is often accused of throwing the proverbial pig over the wall to operations. And, anything and everything that goes wrong from that point forward is blamed on development's "pig".

The problem is exacerbated by pressure from the business - from beating small, nimble competitors to market to ensuring compliance and cutting budgets - that adds stress to the system. Operating in an "application economy" however, this system should run like a well-oiled machine.

Greasing System Dynamics with DevOps

DevOps may just hold the key in the application economy. In case you are unfamiliar with DevOps, it stemmed from Enterprise Systems Management and Agile software development methodologies, with an emphasis on communication, collaboration and integration between dev and IT Operations.  And, most importantly, DevOps focuses on improving reliability and security while speeding development and deployment cycles at each phase of the application lifecycle--from conception and creation, to testing, QA, and product delivery.

DevOps also helps with release management by standardizing development environments, which gives development greater control because they can program to give apps the full knowledge of the supporting infrastructure.  DevOps may well be the cure in the application economy because it automates as much of the operational process as possible, which speeds hand-offs, allows for automatic integration of processes and even governance and security controls.

When the Cloud Helps & When it Doesn't
While DevOps sounds great, when you couple it with some of the promises of cloud computing, it gets even better. For example, one of the core tenets of the cloud is IT-as-a-service, which translates into self-service access for development to the complete development platforms they need, when they need them. Take these resources, begin coding in your tool(s) of choice, and you are off to the races! One thing I learned when contracting with cloud service providers is that this full-service model is much better than renting Infrastructure-as-a-Service (IaaS) because the team was still responsible for managing middleware which is unnecessarily time consuming. If the VM is running, your provider is doing their job. Period.

Some IT organizations think IaaS is the place to start with DevOps. I'm of the mind that spinning up VMs faster is about as exciting as watching grass grow - I'm already getting that from the public cloud providers I've been covertly using. It gets you a fraction of the way there, but doesn't really address the spectrum of how DevOps can help break IT out of its box and create a dynamic system that is the rocket fuel of the company's growth.  Let me break it down a bit. DevOps, supported by a self-service cloud environment, nets development:

  • Standardized Environments: With on-demand access to entire application platforms that are already standardized and pre-configured to resemble IT's production environment, dev can create and deploy apps across the lifecycle without the tedium and bottlenecks that occur at each phase of the software development lifecycle today. Development can occur in any language, regardless of the final platform, and dev can focus on developing high-value, innovative applications. Between a greater focus on code, and access to standardized environments, apps are more likely to excel in quality and be less likely to need rework, or cause production hiccups.

  • Streamlined Release to Production: A cloud-based DevOps model allows teams to automate release management, using an organization's existing approval processes supported by automatic provisioning of application deployment environments. By streamlining across the development-to-operations lifecycle, teams are able to keep pace with faster change by automating and standardizing tasks that are manually configured today, creating less room for ‘fat finger' errors and the resultant problem resolution.

  • Built-In Business Policy: Cut the vicious cycle by working with IT and security to provision policies as part and parcel of the standardized environment. By integrating policy early, you increase confidence in the process across the board, eradicating operations' ability to label your new baby nothing but a pig with lipstick.

By working with IT across the software development lifecycle via cloud-based DevOps, development teams can decrease software bottlenecks, increase code output and be seen as drivers of the business. And, who doesn't want a well-oiled machine that drives the company forward? It's much better than holding your breath for a call from accounting about that $20,000 AWS expense.

More Stories By Shawn Douglass

Shawn Douglass has been a cloud visionary and key contributor to the emerging enterprise cloud operating model for over a decade. Mr. Douglass is responsible for the strategy and vision of the Agility Platform and contributing to IT transformation at Global 2000 enterprises.

Prior to ServiceMesh he was managing director at EMC Ventures where he drove strategic investments in cloud, security, big data/analytics, and disruptive technology and business models.

He has served on the Board of Directors and as Chairman of the Technical Steering Committee for the Enterprise Grid Alliance (EGA), and on the Board of Directors at Joyent, a high-performance cloud infrastructure provider. He is also a winner of the Always On 2012 Power Players in the Cloud award. Mr. Douglass is a graduate of Harvard Business School.

@ThingsExpo Stories
WebRTC services have already permeated corporate communications in the form of videoconferencing solutions. However, WebRTC has the potential of going beyond and catalyzing a new class of services providing more than calls with capabilities such as mass-scale real-time media broadcasting, enriched and augmented video, person-to-machine and machine-to-machine communications. In his session at @ThingsExpo, Luis Lopez, CEO of Kurento, will introduce the technologies required for implementing these ideas and some early experiments performed in the Kurento open source software community in areas ...
Consumer IoT applications provide data about the user that just doesn’t exist in traditional PC or mobile web applications. This rich data, or “context,” enables the highly personalized consumer experiences that characterize many consumer IoT apps. This same data is also providing brands with unprecedented insight into how their connected products are being used, while, at the same time, powering highly targeted engagement and marketing opportunities. In his session at @ThingsExpo, Nathan Treloar, President and COO of Bebaio, will explore examples of brands transforming their businesses by t...
17th Cloud Expo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises are using some form of XaaS – software, platform, and infrastructure as a service.
The 3rd International WebRTC Summit, to be held Nov. 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA, announces that its Call for Papers is now open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 15th International Cloud Expo, 6th International Big Data Expo, 3rd International DevOps Summit and 2nd Internet of @ThingsExpo. WebRTC (Web-based Real-Time Communication) is an open source project supported by Google, Mozilla and Opera that aims to enable bro...
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
The 17th International Cloud Expo has announced that its Call for Papers is open. 17th International Cloud Expo, to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, APM, APIs, Microservices, Security, Big Data, Internet of Things, DevOps and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal today!
SYS-CON Events announced today that the "Second Containers & Microservices Expo" will take place November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities.
While many app developers are comfortable building apps for the smartphone, there is a whole new world out there. In his session at @ThingsExpo, Narayan Sainaney, Co-founder and CTO of Mojio, will discuss how the business case for connected car apps is growing and, with open platform companies having already done the heavy lifting, there really is no barrier to entry.
In his session at @ThingsExpo, Lee Williams, a producer of the first smartphones and tablets, will talk about how he is now applying his experience in mobile technology to the design and development of the next generation of Environmental and Sustainability Services at ETwater. He will explain how M2M controllers work through wirelessly connected remote controls; and specifically delve into a retrofit option that reverse-engineers control codes of existing conventional controller systems so they don't have to be replaced and are instantly converted to become smart, connected devices.
Too often with compelling new technologies market participants become overly enamored with that attractiveness of the technology and neglect underlying business drivers. This tendency, what some call the “newest shiny object syndrome,” is understandable given that virtually all of us are heavily engaged in technology. But it is also mistaken. Without concrete business cases driving its deployment, IoT, like many other technologies before it, will fade into obscurity.
Akana has announced the availability of the new Akana Healthcare Solution. The API-driven solution helps healthcare organizations accelerate their transition to being secure, digitally interoperable businesses. It leverages the Health Level Seven International Fast Healthcare Interoperability Resources (HL7 FHIR) standard to enable broader business use of medical data. Akana developed the Healthcare Solution in response to healthcare businesses that want to increase electronic, multi-device access to health records while reducing operating costs and complying with government regulations.
SYS-CON Events announced today the Containers & Microservices Bootcamp, being held November 3-4, 2015, in conjunction with 17th Cloud Expo, @ThingsExpo, and @DevOpsSummit at the Santa Clara Convention Center in Santa Clara, CA. This is your chance to get started with the latest technology in the industry. Combined with real-world scenarios and use cases, the Containers and Microservices Bootcamp, led by Janakiram MSV, a Microsoft Regional Director, will include presentations as well as hands-on demos and comprehensive walkthroughs.
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal an...
With the proliferation of connected devices underpinning new Internet of Things systems, Brandon Schulz, Director of Luxoft IoT – Retail, will be looking at the transformation of the retail customer experience in brick and mortar stores in his session at @ThingsExpo. Questions he will address include: Will beacons drop to the wayside like QR codes, or be a proximity-based profit driver? How will the customer experience change in stores of all types when everything can be instrumented and analyzed? As an area of investment, how might a retail company move towards an innovation methodolo...
As more intelligent IoT applications shift into gear, they’re merging into the ever-increasing traffic flow of the Internet. It won’t be long before we experience bottlenecks, as IoT traffic peaks during rush hours. Organizations that are unprepared will find themselves by the side of the road unable to cross back into the fast lane. As billions of new devices begin to communicate and exchange data – will your infrastructure be scalable enough to handle this new interconnected world?
The Internet of Things is in the early stages of mainstream deployment but it promises to unlock value and rapidly transform how organizations manage, operationalize, and monetize their assets. IoT is a complex structure of hardware, sensors, applications, analytics and devices that need to be able to communicate geographically and across all functions. Once the data is collected from numerous endpoints, the challenge then becomes converting it into actionable insight.
Contrary to mainstream media attention, the multiple possibilities of how consumer IoT will transform our everyday lives aren’t the only angle of this headline-gaining trend. There’s a huge opportunity for “industrial IoT” and “Smart Cities” to impact the world in the same capacity – especially during critical situations. For example, a community water dam that needs to release water can leverage embedded critical communications logic to alert the appropriate individuals, on the right device, as soon as they are needed to take action.
As more and more data is generated from a variety of connected devices, the need to get insights from this data and predict future behavior and trends is increasingly essential for businesses. Real-time stream processing is needed in a variety of different industries such as Manufacturing, Oil and Gas, Automobile, Finance, Online Retail, Smart Grids, and Healthcare. Azure Stream Analytics is a fully managed distributed stream computation service that provides low latency, scalable processing of streaming data in the cloud with an enterprise grade SLA. It features built-in integration with Azur...
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies leverage disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advanced analytics, and DevOps to advance innovation and increase agility. Specializing in designing, imple...
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.