We spend a lot of time defining DevOps and outlining what it means to developers, operations, and organizations as a whole. But there's one aspect of DevOps that doesn't get the attention that it deserves: its role in helping to maintain a good security posture for all organizations, particularly federal government agencies.
This is an important topic that a panel of experts recently spoke at length about at Red Hat's Defense in Depth conference (listen to the recording here). During that session, representatives from Red Hat and elsewhere laid the groundwork by explaining what DevOps is – essentially, a methodology and outgrowth of agile application development that involves developers and operations managers coming together to continuously innovate and update new and existing apps at a very rapid pace.
This is something that is very unfamiliar to many government organizations. Over the years, these groups have become accustomed to long-term vendor contracts that offered the promise of periodic software updates over months or, in some cases, years.
Today's threat environment is far too accelerated for that type of approach. Agencies are at a point where security vulnerabilities are coming at them hard and fast, and threat vectors change on a regular basis; today's Shellshock could easily lead to tomorrow's who-knows-what.
Agency IT personnel need to be able to react in real time. Therefore, they need a system that allows for continuous software development that will help them keep pace with current and potential threats.
DevOps can be that system because it offers a blueprint to which federal IT managers can map their ongoing vigilance. Through continuous integration and delivery, and by updating software every few days (rather than months or years), they can quickly respond to potential threats while helping to keep hackers on their heels. In this sense, one could say that DevOps is a great way to significantly cut down the time it takes to address the timeless problem of maintaining an effective security posture.
However, like many new approaches, adopting a DevOps approach can be a challenge, particularly in the federal space, which has a culture that is very steeped in traditional roles and responsibilities. A committed DevOps approach requires that these roles and responsibilities must change; people must take on new assignments and workloads, learn to work with different teams, and more. Therefore, it's incumbent upon everyone in the organization to adhere to that old security adage “trust, but verify.” Everyone needs to be accountable for their team members and make sure they are all doing their respective jobs. Not doing so can cause cracks to appear in a DevOps methodology – and, as a result, the security posture it's helping to solidify.
Adopting DevOps is important, not just to federal administrators, but also to the defense of government IT as a whole. Technology can only do so much, and the technology that allows governments to secure their information and networks is already fully in place. Now, it needs to be complemented by processes and policies that match its capabilities.
Adopting a DevOps methodology can help federal IT administrators match a suitable process to the fantastic technology they have at their disposal. In the process, it can help both them and the warfighters they support by greatly assisting in their age-old effort to maintain rock-solid security.
Sobre o autor
Mais como este
Navegue por canal
Automação
Últimas novidades em automação de TI para empresas de tecnologia, equipes e ambientes
Inteligência artificial
Descubra as atualizações nas plataformas que proporcionam aos clientes executar suas cargas de trabalho de IA em qualquer ambiente
Nuvem híbrida aberta
Veja como construímos um futuro mais flexível com a nuvem híbrida
Segurança
Veja as últimas novidades sobre como reduzimos riscos em ambientes e tecnologias
Edge computing
Saiba quais são as atualizações nas plataformas que simplificam as operações na borda
Infraestrutura
Saiba o que há de mais recente na plataforma Linux empresarial líder mundial
Aplicações
Conheça nossas soluções desenvolvidas para ajudar você a superar os desafios mais complexos de aplicações
Programas originais
Veja as histórias divertidas de criadores e líderes em tecnologia empresarial
Produtos
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Red Hat Cloud Services
- Veja todos os produtos
Ferramentas
- Treinamento e certificação
- Minha conta
- Suporte ao cliente
- Recursos para desenvolvedores
- Encontre um parceiro
- Red Hat Ecosystem Catalog
- Calculadora de valor Red Hat
- Documentação
Experimente, compre, venda
Comunicação
- Contate o setor de vendas
- Fale com o Atendimento ao Cliente
- Contate o setor de treinamento
- Redes sociais
Sobre a Red Hat
A Red Hat é a líder mundial em soluções empresariais open source como Linux, nuvem, containers e Kubernetes. Fornecemos soluções robustas que facilitam o trabalho em diversas plataformas e ambientes, do datacenter principal até a borda da rede.
Selecione um idioma
Red Hat legal and privacy links
- Sobre a Red Hat
- Oportunidades de emprego
- Eventos
- Escritórios
- Fale com a Red Hat
- Blog da Red Hat
- Diversidade, equidade e inclusão
- Cool Stuff Store
- Red Hat Summit