DataOps: Leveraging DevSecOps Principles for Secure Data Analytics

If you’re a Developer, Ops Admin, or a Tester, you probably know all about DevOps. But, what if you’re a data scientist or analyst? Do you feel left out of the DevSecOps revolution?

If so, you have not yet heard of DataSecsOps. DataSecOps is a secure approach to data analytics and storage that allows data engineers to benefit from the same principles and philosophies that the DevSecOps movement emphasizes.

You may also like: DZone Refcardz: Introduction to DevSecOps.

Bringing DevSecOps to Data Analytics

When you combine DevSecOps with data analytics, you get DataSecOps.

DataSecOps is the extension of DevSecOps values and practices into the data analytics world. The DevSecOps philosophy emphasizes seamless collaboration between developers, security engineering teams, and IT Operations. DataSecsOps does the same for the admins and engineers who store, secure, analyze, archive, and deliver data.

In other words, DataSecOps is all about streamlining the processes involved in storing, interpreting and deriving value from big data with security in mind. This means that security methods where information is encoded and delivered as well as how it is retained are at the forefront of the implementation. It aims to break down the siloes that have traditionally separated different teams from one another in the data storage and analytics fields as well as how data is secured.

With better communication and collaboration between the different teams, comes faster results and better time-to-value. DataSecOps is a way to optimize your data analytics and storage and security workflows in the same way that DevSecOps does for application development.

DataSecOps Infrastructure

Adopting DevSecOps requires some changes to infrastructure as well as security practices. To make the most of DevSecOps, new architecture patterns which emphasize the streamlining of development and agile methods.

DataOps also requires admins and engineers to leverage next-generation data technologies when building their data storage and analytics infrastructure. They need data processing solutions that are scalable and highly available — think cluster-based, redundant storage. They also require a secure environment that not only abides by international GDPR standards but also provides defense in case of any breach. Additionally, just like DevSecOps as staging environments where the application is tested and verified, in DataSecOps data needs to also be replicated but masked for testing purposes.

DataSecOps infrastructure also needs to be able to accommodate diverse workloads in order to achieve the same agility as a DevSecOps delivery pipeline. Building a data processing toolset composed of diverse solutions — from log aggregators like Splunk and Sumo Logic and big data analytics tools like Hadoop, Spark, Atunity — is key to achieving that agility.

Just as DevSecOps is revolutionizing the way software is designed, built, tested, and delivered, DataSecOps can and will do the same for data storage, transmission, and analytics. It will make work easier for data professionals, and lead to better value for organizations storing and processing large volumes of data.