DevOps – the application development paradigm for continuous integration and delivery – has become a popular methodology for banks to accelerate delivery of applications in today’s fast-paced digital economy. Now, banks are setting their sights on DevSecOps, which aims to integrate and automate security into the entire testing, development, and delivery process.
The benefits of DevOps are fairly well understood. When development and operations teams produce iterative changes more frequently, it can reduce software defects and service issues. This is important to all banking services, but even more so in digital banking. Digital-first customers expect not only new and innovative experiences, but also a secure and reliable service, particularly when they do most of their banking on mobile devices.
So, how can DevSecOps help? Customers expect strong security, and that requires taking DevOps practices to the next level – DevSecOps. Using existing security models and practices, which “bolt on” security at the end stage of development, doesn’t suit an environment that is defined by frequent change across a growing set of digital touch points, thereby creating widening the opportunity for breaches. Hence the need for a delivery process that builds in and automates security from the very start. A DevSecOps approach can facilitate this, removing boundaries that previously existed between information security and DevOps teams. Rather than treating security as an afterthought delivering a software delivery, it is integrated into the full life cycle.
Simply put, there’s too much at stake to adhere to static and outdated security processes when changes to an application may take place every few weeks or even every few days. If security isn’t treated as a shared responsibility by information security and DevOps, and if it isn’t integrated as part of the end-to-end delivery process, the risks that an application will be compromised by illicit online activity may increase. Digital banking efforts won’t be sustainable if customers lose faith that their financial transactions are secure.
The bank of the future will be better prepared to compete against the rising tide of fintechs and digitally-native banks if the DevSecOps approach is applied. Such an approach puts a laser focus on the necessary speed and security. To learn more about the impact of DevSecOps on digital banks, see DevSecOps: Critical in Building the Bank of the Future.
執筆者紹介
Eric Marts is a financial services leader at Red Hat. Prior to joining Red Hat, Eric shaped solutions globally in the Retail Banking and Wealth Management business at HSBC. He has more than 20 years of professional experience across both startups and incumbents. He is particularly interested in unlocking new market opportunities and making financial services simpler and more inclusive for customers with cloud technology.
チャンネル別に見る
自動化
テクノロジー、チームおよび環境に関する IT 自動化の最新情報
AI (人工知能)
お客様が AI ワークロードをどこでも自由に実行することを可能にするプラットフォームについてのアップデート
オープン・ハイブリッドクラウド
ハイブリッドクラウドで柔軟に未来を築く方法をご確認ください。
セキュリティ
環境やテクノロジー全体に及ぶリスクを軽減する方法に関する最新情報
エッジコンピューティング
エッジでの運用を単純化するプラットフォームのアップデート
インフラストラクチャ
世界有数のエンタープライズ向け Linux プラットフォームの最新情報
アプリケーション
アプリケーションの最も困難な課題に対する Red Hat ソリューションの詳細
オリジナル番組
エンタープライズ向けテクノロジーのメーカーやリーダーによるストーリー
製品
ツール
試用、購入、販売
コミュニケーション
Red Hat について
エンタープライズ・オープンソース・ソリューションのプロバイダーとして世界をリードする Red Hat は、Linux、クラウド、コンテナ、Kubernetes などのテクノロジーを提供しています。Red Hat は強化されたソリューションを提供し、コアデータセンターからネットワークエッジまで、企業が複数のプラットフォームおよび環境間で容易に運用できるようにしています。
言語を選択してください
Red Hat legal and privacy links
- Red Hat について
- 採用情報
- イベント
- 各国のオフィス
- Red Hat へのお問い合わせ
- Red Hat ブログ
- ダイバーシティ、エクイティ、およびインクルージョン
- Cool Stuff Store
- Red Hat Summit