In today’s world, where technology is central to every industry, it has become increasingly important to deliver software not only faster, but safer, in order to stay competitive. One of the markets where security and compliance is a crucial element to the software delivery process is in Financial Services (FinServ). Many FinServ organizations are reliant upon technology to achieve their goals and remain competitive in the marketplace. As Jeffrey Snover, a distinguished engineer at Microsoft, observed, “In previous economic eras, businesses created value by moving atoms. Now they create value by moving bits.” The irony is that if there’s any industry that has created (and occasionally destroyed) massive amounts of economic value by moving bits as quickly as possible, it’s FinServ. While these organizations need to move fast, they must simultaneously emphasize aspects of security and compliance to eliminate risk. Whether it’s at the ATM or on a mobile app, FinServ organizations must also ensure that their customers’ private information is just that: private.
While many FinServ organizations are turning to DevOps to increase speed and mitigate risk in their software delivery process, is this methodology the best or only answer? Perhaps not. These firms may also want to consider a decades-old, reliable practice – ITIL. ITIL, formerly an acronym for Information Technology Infrastructure Library, is a set of practices for IT Service Management (ITSM) that focuses on aligning IT services with the needs of business. ITIL has helped large teams, particularly those that are heavily regulated, manage the way services are delivered in a predictable and consistent way, as a means to mitigate risk. ITIL has been viewed as a more regimented and by-the-books practice than DevOps, which is why it may mesh well with the needs of a FinServ organization.
This is not to suggest that FinServ companies already engaging in DevOps practices should drop their ways and turn to ITIL, or that those that have adopted ITIL should not look to other software delivery methods. However, for organizations that have not yet adopted a modern software delivery method to practice, ITIL might be the place to start. Even those who are already entrenched in DevOps may consider introducing a hybrid of DevOps and ITIL in their organization to bolster security and speed. When it’s all said and done, a best practice for organizations of any size or industry is to choose the method, or hybrid of methods, that best serves the needs of their business and customers.
Don’t just take my word for it. Experts in DevOps and ITIL discussed best practices for implementing both in a recent podcast. Panelist Jan-Joost Bouwman, ITSM process owner at ING Netherlands, advised those pursuing a full adoption of ITIL to “only keep aspects of the practice that bring value to the organization and lose the rest.” Just as DevOps should be taken in strides, as should ITIL. At least that’s what Kaimar Karu, head of ITSM at Axelos, recommends. In the podcast, he instructed that ITIL should be adopted and adapted – adopt the ITIL mindset and adapt by taking as much or as little as you need from the books. By embracing only the value-driving aspects of any method – whether it’s DevOps, ITIL, Agile or Continuous Delivery – heavily regulated organizations, like FinServ, can successfully develop quality software quickly and securely, keeping them competitive in the marketplace.