We spend a lot of time defining DevOps and outlining what it means to developers, operations, and organizations as a whole. But there's one aspect of DevOps that doesn't get the attention that it deserves: its role in helping to maintain a good security posture for all organizations, particularly federal government agencies.
This is an important topic that a panel of experts recently spoke at length about at Red Hat's Defense in Depth conference (listen to the recording here). During that session, representatives from Red Hat and elsewhere laid the groundwork by explaining what DevOps is – essentially, a methodology and outgrowth of agile application development that involves developers and operations managers coming together to continuously innovate and update new and existing apps at a very rapid pace.
This is something that is very unfamiliar to many government organizations. Over the years, these groups have become accustomed to long-term vendor contracts that offered the promise of periodic software updates over months or, in some cases, years.
Today's threat environment is far too accelerated for that type of approach. Agencies are at a point where security vulnerabilities are coming at them hard and fast, and threat vectors change on a regular basis; today's Shellshock could easily lead to tomorrow's who-knows-what.
Agency IT personnel need to be able to react in real time. Therefore, they need a system that allows for continuous software development that will help them keep pace with current and potential threats.
DevOps can be that system because it offers a blueprint to which federal IT managers can map their ongoing vigilance. Through continuous integration and delivery, and by updating software every few days (rather than months or years), they can quickly respond to potential threats while helping to keep hackers on their heels. In this sense, one could say that DevOps is a great way to significantly cut down the time it takes to address the timeless problem of maintaining an effective security posture.
However, like many new approaches, adopting a DevOps approach can be a challenge, particularly in the federal space, which has a culture that is very steeped in traditional roles and responsibilities. A committed DevOps approach requires that these roles and responsibilities must change; people must take on new assignments and workloads, learn to work with different teams, and more. Therefore, it's incumbent upon everyone in the organization to adhere to that old security adage “trust, but verify.” Everyone needs to be accountable for their team members and make sure they are all doing their respective jobs. Not doing so can cause cracks to appear in a DevOps methodology – and, as a result, the security posture it's helping to solidify.
Adopting DevOps is important, not just to federal administrators, but also to the defense of government IT as a whole. Technology can only do so much, and the technology that allows governments to secure their information and networks is already fully in place. Now, it needs to be complemented by processes and policies that match its capabilities.
Adopting a DevOps methodology can help federal IT administrators match a suitable process to the fantastic technology they have at their disposal. In the process, it can help both them and the warfighters they support by greatly assisting in their age-old effort to maintain rock-solid security.
Über den Autor
Mehr davon
Nach Thema durchsuchen
Automatisierung
Das Neueste zum Thema IT-Automatisierung für Technologien, Teams und Umgebungen
Künstliche Intelligenz
Erfahren Sie das Neueste von den Plattformen, die es Kunden ermöglichen, KI-Workloads beliebig auszuführen
Open Hybrid Cloud
Erfahren Sie, wie wir eine flexiblere Zukunft mit Hybrid Clouds schaffen.
Sicherheit
Erfahren Sie, wie wir Risiken in verschiedenen Umgebungen und Technologien reduzieren
Edge Computing
Erfahren Sie das Neueste von den Plattformen, die die Operations am Edge vereinfachen
Infrastruktur
Erfahren Sie das Neueste von der weltweit führenden Linux-Plattform für Unternehmen
Anwendungen
Entdecken Sie unsere Lösungen für komplexe Herausforderungen bei Anwendungen
Original Shows
Interessantes von den Experten, die die Technologien in Unternehmen mitgestalten
Produkte
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Cloud-Services
- Alle Produkte anzeigen
Tools
- Training & Zertifizierung
- Eigenes Konto
- Kundensupport
- Für Entwickler
- Partner finden
- Red Hat Ecosystem Catalog
- Mehrwert von Red Hat berechnen
- Dokumentation
Testen, kaufen und verkaufen
Kommunizieren
Über Red Hat
Als weltweit größter Anbieter von Open-Source-Software-Lösungen für Unternehmen stellen wir Linux-, Cloud-, Container- und Kubernetes-Technologien bereit. Wir bieten robuste Lösungen, die es Unternehmen erleichtern, plattform- und umgebungsübergreifend zu arbeiten – vom Rechenzentrum bis zum Netzwerkrand.
Wählen Sie eine Sprache
Red Hat legal and privacy links
- Über Red Hat
- Jobs bei Red Hat
- Veranstaltungen
- Standorte
- Red Hat kontaktieren
- Red Hat Blog
- Diversität, Gleichberechtigung und Inklusion
- Cool Stuff Store
- Red Hat Summit