The Amazons and Googles of the world are humming along a mile a minute when it comes to innovating on modern software delivery practices and deploying software updates rapidly. These web-first, unicorn companies facilitate business at incredible speeds and with a level of agility that earns their customers’ love and loyalty. They have created a new standard and set high expectations for service that can be difficult for other industries to match, particularly ones in highly regulated businesses such as financial services.
DevOps is changing all that.
Financial services organizations face great challenges in meeting the new standards set by the unicorns. Many did not start online, and they’re busy modernizing back-end processes and systems to support today’s digital age. In addition to legacy systems and code, they face concerns around mitigating risk for better security, complying with regulations, and meeting governance requirements, all of which make software innovation a complex and slow process. Or so you would think.
Over the last few years, however, the financial services industry has not only caught up, but is leading the change when it comes to speeding up innovation and adopting modern software delivery practices such as agile, continuous delivery (CD), and DevOps. Executives in this conservative sector see DevOps as a way to roll out value to the market faster, more efficiently, and more safely. DevOps enables financial services to increase the cadence and quality of application releases while also addressing governance, risk, security, and compliance strategies.
Security and Compliance Objections Overruled
Security and compliance are top concerns in financial services and have often been the first arguments against modernizing legacy software development and delivery practices—they are the wet towel thrown on DevOps efforts. Initially, DevOps practices were viewed as a risk to security, and the increased velocity of software releases it enables was seen as a threat to governance, security, and regulatory controls.
Despite the initial pushback, however, enterprises that took the DevOps plunge have consistently demonstrated that these practices actually mitigate potential security problems and help organizations discover issues and address threats more quickly. This has led to the embrace of automation practices as a security blanket that enables and enforces security, compliance, and audit requirements. These financial services organizations now see DevOps as a resource for security efforts, rather than as a threat.
Breaking Down the Walls of the Distributed Enterprise
For many large financial services organizations, each of the four basic stages of the software delivery pipeline — build, test, deploy, and release — consists of hundreds of different processes that encompass thousands of tasks and sometimes millions of jobs executed by hundreds of people. To make things even more challenging, these people, processes, and tool sets often exist in geographically distributed silos.
Within these silos, people may be adept at understanding and improving their piece of the puzzle, but there’s no end-to-end visibility from an organizational perspective, and there’s no way to orchestrate the entire pathway that code takes from build to test to production. This leads to fragmented processes, manual handoffs, delays, errors, and a lack of governance.
Because development teams and IT operations are often geographically distributed in these large enterprises, it is imperative to enable shared control and visibility into the different infrastructures, tool chains, and processes. This is because optimizing the software delivery process should not be attacked as a disparate set of problems but seen as using a system-level approach, much as car manufacturers apply lean manufacturing principles throughout their production lines.
DevOps adoption and implementation are spreading rapidly in financial services due to the value that this systems-level, global approach enables. It does so by scaling modern IT processes across the entire enterprise to enable a robust, end-to-end pathway to production. Breaking down functional silos and removing friction between teams by orchestrating all aspects of the software delivery pipeline in order to create predictable, repeatable processes that can run frequently and with less human intervention alleviate many of the challenges distributed organizations face. To achieve consistency in the release of software, organizations promote visibility and a “learn fast, fail fast” culture, which helps optimize governance.
Improved Visibility and Control
Another essential to improving developer productivity, product quality, and resource utilization, as well as to enable enterprise-scale and cross-project visibility and management in financial services, is automating the processes throughout the software delivery pipeline. “Automate all the things” is a key motto for any DevOps or CD initiative, and it’s becoming a requirement for achieving higher product quality, ensuring compliance, and enabling speed and scalability.
DevOps provides enterprises with an effective approach to eliminate risk from software releases and support the ever-growing demand for more frequent application updates. By automating the entire end-to-end pipeline and managing all release processes in one centralized platform, these organizations gain visibility into the progress of all releases and DevOps processes and ensure that they can control, govern, and optimize their delivery pipelines even as they grow.
From a systems-level perspective, leveraging automation across the enterprise facilitates the standardization and consolidation of all tools, processes, and environments across the organization. This often requires a centralized, shared DevOps release automation platform to allow for the seamless tie-in and orchestration of all the disparate set of tools and processes involved in software delivery. This then enables reusability across teams and the shortening of cycle times and cost reductions. It reduces the risk of releasing software by having predictable processes in place to provide consistent security checks, necessary approval gates, and controls where needed.
Leading a Cultural Change
As a philosophy, DevOps focuses on creating a culture and an environment where development, quality assurance, operations, the business, and other stakeholders work in collaboration toward a shared goal.
While optimizing the tools and technology to scale DevOps adoption, automating the lifecycle, and embedding security practices throughout are important steps, they are only half the battle. DevOps is a mindset, and any cultural shift takes time. This transition will not happen in a day, but even the heavily regulated financial services industry is on the DevOps bandwagon, leading the change not only from a technology standpoint, but also from a cultural one. Financial services organizations finally have what they need to fully harness the benefits of DevOps, modernize their business, and keep pace with the unicorns.
Join me at DevOps Enterprise Summit London on June 30-July 1, where he will be talking more about cultural change and DevOps as part of my presentation, “The Yin and Yang of DevOps Transformation.”