We’re Better Together: DevOps, Security, Audit, and Compliance

nomnomnom from Katheirne Hitt
“nomnomnom” by Katheirne Hitt is licensed under CC BY 2.0

I’ve been on a kick recently about how DevOps, security, audit, and compliance all fit together. Spoiler alert: they all do fit together. In fact, we’re better off individually and collectively when we bring security, audit, and compliance into the DevOps tent and treat them like we would any other function that has valuable expertise to contribute to help our organizations win. We’d all benefit from what we can learn from each other.

I wrote about a few ways to do that on Excella’s blog. You can also get more information from a talk I gave a couple months ago on this same topic.

5 Tips for Leading a DevOps Transformation in Your Organization

Red-Green Leaves from Garry Knight
“Red-Green Leaves” by Garry Knight is licensed under CC BY 2.0

I wrote for XebiaLabs on leading a DevOps transformation within your organization. It’s based on a white paper I co-authored with a bunch of really amazing people at Gene Kim’s DevOps Enterprise Forum in 2016. The post covers five simple (but not easy) tips for making progress on adoption of DevOps patterns and practices within your organization. The tips include understanding other people’s goals and the problems they face, identifying a target mindset, and then developing and executing a plan with the most effective tactics.

In retrospect, I’ve been writing a lot for other blogs and less so for myself. Whatever gets the word out and advances the cause, right?

Top 3 Insights from the 2017 State of DevOps Report

2017 State of DevOps Report

The 2017 State of DevOps Reportis out. As in previous years, it provides a lot of information about the state of DevOps within the industry and some of the important factors that differentiate high-performing organizations from their non-high-performing peers. I noted a few highlights from this year’s report: the impact of leadership, the continued misconception about the perceived tradeoff between throughput and stability, and autonomy with teams and architectures.

I wrote about my insights from this year’s report on Excella’s blog.

You can also see my insights from 2015 and 2016.

How I Want My Team to Feel After Meeting with Me

gauges from Jeanne Masar
“Gauges” by Jeanne Masar is licensed under CC BY 2.0

A few years ago, I went through some executive coaching individually and as a group. In one of the individual sessions, the coach and I were talking about my team and the meetings I had with them. The coach asked me how I wanted someone on my team to feel after meeting with me. I had to think about it because I had never been asked that question before. And yet, it was an incredibly important answer to have. After a minute or two, I came up with the following answer.
Continue reading

DevOps and Audit Resources

binary and magnifying glass

I’ve heard a lot of questions about DevOps, audit, compliance, and how they all fit together. I’ve fielded more questions from more people recently. In my mind, that means more people are applying DevOps patterns and practices to their work and the work they’re doing is real (as opposed to sandbox, pilot, or “let’s try this stuff out” projects). Why else would they be interested in audit and compliance?

Here are some resources that might be helpful if you’re “doing the DevOps” and interested in making audit and compliance efforts go more smoothly.
Continue reading