I’ve been on a kick recently about how DevOps, security, audit, and compliance all fit together. Spoiler alert: they all do fit together. In fact, we’re better off individually and collectively when we bring security, audit, and compliance into the DevOps tent and treat them like we would any other function that has valuable expertise to contribute to help our organizations win. We’d all benefit from what we can learn from each other.
I delivered a talk on September 13, 2017 to the local section of the Automated Software Quality organization on how to bring audit, security, and compliance into the DevOps movement. I provided a lot of resources at the end of the talk. Here they are with a description of each.
I wrote for XebiaLabs on leading a DevOps transformation within your organization. It’s based on a white paper I co-authored with a bunch of really amazing people at Gene Kim’s DevOps Enterprise Forum in 2016. The post covers five simple (but not easy) tips for making progress on adoption of DevOps patterns and practices within your organization. The tips include understanding other people’s goals and the problems they face, identifying a target mindset, and then developing and executing a plan with the most effective tactics.
In retrospect, I’ve been writing a lot for other blogs and less so for myself. Whatever gets the word out and advances the cause, right?
The 2017 State of DevOps Reportis out. As in previous years, it provides a lot of information about the state of DevOps within the industry and some of the important factors that differentiate high-performing organizations from their non-high-performing peers. I noted a few highlights from this year’s report: the impact of leadership, the continued misconception about the perceived tradeoff between throughput and stability, and autonomy with teams and architectures.
I wish I had read The Manager’s Path by Camille Fournier twenty years ago when I started down the path of being a manager. I could have avoided a lot of pain, confusion, and conflict for myself and those I was managing. I agree with much of what is in the book about what works mainly because I learned the hard way about what doesn’t work.
A few years ago, I went through some executive coaching individually and as a group. In one of the individual sessions, the coach and I were talking about my team and the meetings I had with them. The coach asked me how I wanted someone on my team to feel after meeting with me. I had to think about it because I had never been asked that question before. And yet, it was an incredibly important answer to have. After a minute or two, I came up with the following answer.
Many of us have too much going on. Busy is the new status symbol. I’m no exception. And yet many of us also feel that while we do more and more, we actually accomplish less and less. I’m no exception on that point, either.
Essentialism: The Disciplined Pursuit of Less by Greg McKeown is a response to that trend. It advocates for whittling down what we spend our time and energy on so we can focus on the few activities and efforts that will have the most impact. In truth, it should have been subtitled “The Disciplined Pursuit of Less but Better” (which is an actual quote from the book).
“Essentialism is not about how to get more things done; it’s about how to get the right things done.” (emphasis added)
If there is the concept of “essentialism”, there must be one of “nonessentialism”. In fact, the book contrasts the mindset, assumptions, decisions, and choices between “essentialism” and “nonessentialism”.