订阅内容

DevOps – the application development paradigm for continuous integration and delivery – has become a popular methodology for banks to accelerate delivery of applications in today’s fast-paced digital economy. Now, banks are setting their sights on DevSecOps, which aims to integrate and automate security into the entire testing, development, and delivery process.

The benefits of DevOps are fairly well understood. When development and operations teams produce iterative changes more frequently, it can reduce software defects and service issues. This is important to all banking services, but even more so in digital banking. Digital-first customers expect not only new and innovative experiences, but also a secure and reliable service, particularly when they do most of their banking on mobile devices.

So, how can DevSecOps help? Customers expect strong security, and that requires taking DevOps practices to the next level – DevSecOps. Using existing security models and practices, which “bolt on” security at the end stage of development, doesn’t suit an environment that is defined by frequent change across a growing set of digital touch points, thereby creating widening the opportunity for breaches. Hence the need for a delivery process that builds in and automates security from the very start. A DevSecOps approach can facilitate this, removing boundaries that previously existed between information security and DevOps teams. Rather than treating security as an afterthought delivering a software delivery, it is integrated into the full life cycle.

Simply put, there’s too much at stake to adhere to static and outdated security processes when changes to an application may take place every few weeks or even every few days. If security isn’t treated as a shared responsibility by information security and DevOps, and if it isn’t integrated as part of the end-to-end delivery process, the risks that an application will be compromised by illicit online activity may increase. Digital banking efforts won’t be sustainable if customers lose faith that their financial transactions are secure.

The bank of the future will be better prepared to compete against the rising tide of fintechs and digitally-native banks if the DevSecOps approach is applied. Such an approach puts a laser focus on the necessary speed and security. To learn more about the impact of DevSecOps on digital banks, see DevSecOps: Critical in Building the Bank of the Future.


关于作者

Eric Marts is a financial services leader at Red Hat. Prior to joining Red Hat, Eric shaped solutions globally in the Retail Banking and Wealth Management business at HSBC. He has more than 20 years of professional experience across both startups and incumbents. He is particularly interested in unlocking new market opportunities and making financial services simpler and more inclusive for customers with cloud technology.

Read full bio

按频道浏览

automation icon

自动化

有关技术、团队和环境 IT 自动化的最新信息

AI icon

人工智能

平台更新使客户可以在任何地方运行人工智能工作负载

open hybrid cloud icon

开放混合云

了解我们如何利用混合云构建更灵活的未来

security icon

安全防护

有关我们如何跨环境和技术减少风险的最新信息

edge icon

边缘计算

简化边缘运维的平台更新

Infrastructure icon

基础架构

全球领先企业 Linux 平台的最新动态

application development icon

应用领域

我们针对最严峻的应用挑战的解决方案

Original series icon

原创节目

关于企业技术领域的创客和领导者们有趣的故事