Larry Gordon, the co-founder and CEO of xOps, has led IT services and software companies in the security, DevOps and digital transformation segments. He shares his insight on why financial institutions need DevOps.
For banks, a common transformative action being implemented is moving a cornerstone application to a cloud environment. In this current “digital revolution,” timelines for product delivery and information analysis are few and far between.
Customers set the pace by consuming products and information on-demand. This places immense pressure on banks to deliver continuously and reliably to satisfy the rapidly escalating demand for all types of the services they offer. Software is the center of the business universe, and it’s vital to all aspects of operations. Building and reliably delivering software is now vital to short and long-term success.
As banks continue to maintain and modernize older applications, they are also creating and delivering new applications that can wear out their staff and budgets while increasing technical and process complexities between organizations.
In this digital economy, failure to deliver, delivering the wrong solutions, or delayed delivery greatly affects organizations’ ability to satisfy required business outcomes and in short, make the customer happy.
DevOps managed services
A significant portion of technology has to be spent focused on software engineering infrastructure. The blend of workloads, applications and broad access to the resources paired with consistent delivery methods to support software development is vital. How technology is used is as equally important as to the methods and processes for creating and delivering software code.
Most development teams have limited visibility across and within their software “production” or the coding and delivery processes. Visibility is paramount and getting the processed data into the hands of key stakeholders is critical. Lead-time, deployment frequency and more, enabled with a complete and automated delivery and a mapping of the value-stream, or team members involved, can provide great value to the enterprise.
A very powerful and proven method for companies to access and wrap their arms around data and constraint resolution is through DevOps managed services. DevOps are a set of practices that combines software development and IT operations in order to shorten the development cycle and continuously deliver software at the highest quality level. DevOps provide real-time visibility into the integrated technical-development operations processes. Data is generated from the use of hardware and software systems in response to the actions of the contributors/engineers in the value-stream from code designing to release to production.
DevOps managed services help organizations identify vulnerable process areas to remedy and improve suspect code and provide feedback for continuous improvement. Code scanning detection also helps identify code weak points and anomalies and provide improvement assurance. When there are fewer issues, the value-stream operates more efficiently, placing less stress on the team, including testing processes and the infrastructure they leverage to produce and reliably deliver.
Eliminating Alert Fatigue
Anyone who’s been in the DevOps space is probably familiar with alert fatigue. At the beginning of a DevOps transformation, engineers set up as many monitors as they can to catch issues before they happen or to understand when things start to go awry. The next thing that happens is that their inbox is getting flooded with all these alerts and, suddenly, everything becomes less meaningful and no one is reacting to anything, which is essentially the same as not having any monitoring in the first place.
It’s a big problem and finding the balance between making sure everything is captured and not overloading everybody responding to these issues is a key DevOps transformational issue.
Managers quickly have to fix the problem of engineers being woken up at three o’clock in the morning and then looking into something that actually ends up being a false positive. Managers need the right tools and processes to efficiently catch meaningful events and only alerting people when it’s absolutely necessary.
One way to clearly quantify alert fatigue is to look at the number of alerts per person, and the frequency and timing of the alerts.
Every time there’s an alert, there are three possible outcomes: it’s an actual problem that must get fixed; it’s a premature alert, or it’s something that needs to be watched to determine if any action is needed.
In the latter two cases, the threshold is adjusted or the engineer getting the alert decides that it’s really doing nothing for the process and turns the alert off. It’s a process of continuous improvement, but what you wind up with ultimately is meaningful alerts.
Why banks need DevOps
The three most common reasons local and regional banks are adopting DevOps is for security, efficiency, and application reliability.
The responsibility and even accountability for security is rapidly shifting in the direction of DevOps engineers, as they have a view into the broad architecture of the processes and systems used to deploy the various operations.
Going forward, DevOps engineers and DevSecOps processes, or the development of security and operations processes, are going to be even more accountable for security. This trend should be a strong consideration, as good DevSecOps also makes application deployments, operations, and service monitoring easier, and more secure.