フィードを購読する

DevOps – the application development paradigm for continuous integration and delivery – has become a popular methodology for banks to accelerate delivery of applications in today’s fast-paced digital economy. Now, banks are setting their sights on DevSecOps, which aims to integrate and automate security into the entire testing, development, and delivery process.

The benefits of DevOps are fairly well understood. When development and operations teams produce iterative changes more frequently, it can reduce software defects and service issues. This is important to all banking services, but even more so in digital banking. Digital-first customers expect not only new and innovative experiences, but also a secure and reliable service, particularly when they do most of their banking on mobile devices.

So, how can DevSecOps help? Customers expect strong security, and that requires taking DevOps practices to the next level – DevSecOps. Using existing security models and practices, which “bolt on” security at the end stage of development, doesn’t suit an environment that is defined by frequent change across a growing set of digital touch points, thereby creating widening the opportunity for breaches. Hence the need for a delivery process that builds in and automates security from the very start. A DevSecOps approach can facilitate this, removing boundaries that previously existed between information security and DevOps teams. Rather than treating security as an afterthought delivering a software delivery, it is integrated into the full life cycle.

Simply put, there’s too much at stake to adhere to static and outdated security processes when changes to an application may take place every few weeks or even every few days. If security isn’t treated as a shared responsibility by information security and DevOps, and if it isn’t integrated as part of the end-to-end delivery process, the risks that an application will be compromised by illicit online activity may increase. Digital banking efforts won’t be sustainable if customers lose faith that their financial transactions are secure.

The bank of the future will be better prepared to compete against the rising tide of fintechs and digitally-native banks if the DevSecOps approach is applied. Such an approach puts a laser focus on the necessary speed and security. To learn more about the impact of DevSecOps on digital banks, see DevSecOps: Critical in Building the Bank of the Future.


執筆者紹介

Eric Marts is a financial services leader at Red Hat. Prior to joining Red Hat, Eric shaped solutions globally in the Retail Banking and Wealth Management business at HSBC. He has more than 20 years of professional experience across both startups and incumbents. He is particularly interested in unlocking new market opportunities and making financial services simpler and more inclusive for customers with cloud technology.

Read full bio

チャンネル別に見る

automation icon

自動化

テクノロジー、チームおよび環境に関する IT 自動化の最新情報

AI icon

AI (人工知能)

お客様が AI ワークロードをどこでも自由に実行することを可能にするプラットフォームについてのアップデート

open hybrid cloud icon

オープン・ハイブリッドクラウド

ハイブリッドクラウドで柔軟に未来を築く方法をご確認ください。

security icon

セキュリティ

環境やテクノロジー全体に及ぶリスクを軽減する方法に関する最新情報

edge icon

エッジコンピューティング

エッジでの運用を単純化するプラットフォームのアップデート

Infrastructure icon

インフラストラクチャ

世界有数のエンタープライズ向け Linux プラットフォームの最新情報

application development icon

アプリケーション

アプリケーションの最も困難な課題に対する Red Hat ソリューションの詳細

Original series icon

オリジナル番組

エンタープライズ向けテクノロジーのメーカーやリーダーによるストーリー