Feed abonnieren

We spend a lot of time defining DevOps and outlining what it means to developers, operations, and organizations as a whole. But there's one aspect of DevOps that doesn't get the attention that it deserves: its role in helping to maintain a good security posture for all organizations, particularly federal government agencies.


This is an important topic that a panel of experts recently spoke at length about at Red Hat's Defense in Depth conference (listen to the recording here). During that session, representatives from Red Hat and elsewhere laid the groundwork by explaining what DevOps is – essentially, a methodology and outgrowth of agile application development that involves developers and operations managers coming together to continuously innovate and update new and existing apps at a very rapid pace.


This is something that is very unfamiliar to many government organizations. Over the years, these groups have become accustomed to long-term vendor contracts that offered the promise of periodic software updates over months or, in some cases, years.

Today's threat environment is far too accelerated for that type of approach. Agencies are at a point where security vulnerabilities are coming at them hard and fast, and threat vectors change on a regular basis; today's Shellshock could easily lead to tomorrow's who-knows-what.


Agency IT personnel need to be able to react in real time. Therefore, they need a system that allows for continuous software development that will help them keep pace with current and potential threats.


DevOps can be that system because it offers a blueprint to which federal IT managers can map their ongoing vigilance. Through continuous integration and delivery, and by updating software every few days (rather than months or years), they can quickly respond to potential threats while helping to keep hackers on their heels. In this sense, one could say that DevOps is a great way to significantly cut down the time it takes to address the timeless problem of maintaining an effective security posture.


However, like many new approaches, adopting a DevOps approach can be a challenge, particularly in the federal space, which has a culture that is very steeped in traditional roles and responsibilities. A committed DevOps approach requires that these roles and responsibilities must change; people must take on new assignments and workloads, learn to work with different teams, and more. Therefore, it's incumbent upon everyone in the organization to adhere to that old security adage “trust, but verify.” Everyone needs to be accountable for their team members and make sure they are all doing their respective jobs. Not doing so can cause cracks to appear in a DevOps methodology – and, as a result, the security posture it's helping to solidify.


Adopting DevOps is important, not just to federal administrators, but also to the defense of government IT as a whole. Technology can only do so much, and the technology that allows governments to secure their information and networks is already fully in place. Now, it needs to be complemented by processes and policies that match its capabilities.


Adopting a DevOps methodology can help federal IT administrators match a suitable process to the fantastic technology they have at their disposal. In the process, it can help both them and the warfighters they support by greatly assisting in their age-old effort to maintain rock-solid security.

Über den Autor


Nach Thema durchsuchen

automation icon


Das Neueste zum Thema IT-Automatisierung für Technologien, Teams und Umgebungen

AI icon

Künstliche Intelligenz

Erfahren Sie das Neueste von den Plattformen, die es Kunden ermöglichen, KI-Workloads beliebig auszuführen

open hybrid cloud icon

Open Hybrid Cloud

Erfahren Sie, wie wir eine flexiblere Zukunft mit Hybrid Clouds schaffen.

security icon


Erfahren Sie, wie wir Risiken in verschiedenen Umgebungen und Technologien reduzieren

edge icon

Edge Computing

Erfahren Sie das Neueste von den Plattformen, die die Operations am Edge vereinfachen

Infrastructure icon


Erfahren Sie das Neueste von der weltweit führenden Linux-Plattform für Unternehmen

application development icon


Entdecken Sie unsere Lösungen für komplexe Herausforderungen bei Anwendungen

Original series icon

Original Shows

Interessantes von den Experten, die die Technologien in Unternehmen mitgestalten