More Secure In The Cloud

gauges from Jeanne Masar
“morlocks” by Chilanga Cement is licensed under CC BY 2.0

I have talked to organizations that haven’t yet moved into the cloud because of security concerns. They stay locked in their own data centers because they have a fear of exposing their systems and information to the outside world. This may sound counterintuitive to those that haven’t moved to the cloud yet, but you’re more secure in the cloud than you are in your own data center.

I’ll give you three reasons why this is true — and one big caveat to make sure it’s true for you. Read on or watch the short video I did on this topic.
Continue reading

Top 4 IT Fails of All Time

smilies bank sit rest

I’m a big believer in the old adage, “Those who do not learn from history are doomed to repeat it.” You need to examine your mistakes, figure out why and how you made them, and then use those lessons so you can do better the next time. In addition, I would prefer to learn from other people’s mistakes rather than committing them myself — it’s gain without the pain. So I asked myself the question, “What are the biggest IT fails in history?” And then the more important follow-up, “What can I learn from them?”

I wanted to find the failures that were significant and spectacular. They had to be impactful and memorable. There are plenty of stories about failed IT projects that “just” wasted a lot of money like this one from the Air Force (there’s a lot to be learned from them, too). But I wanted the projects that culminated in a momentous, go-out-in-a-blaze-of-glory, end-up-on-the-evening-news kind of failure.

Here’s my short list along with the lessons I took away from each.
Continue reading

Changing How We Work

Good Samaritans work with Reserve Soldiers in Puerto Rico

I’ve been thinking a lot over the last several months about how my team and I work. This is somewhat about the actual work we do, but more about how we do it. My thinking was prompted by several factors. First, we felt like we were always maxed out on capacity. The metaphorical CPU was always pegged at 100%. As a consequence, we had long cycle times and lots of context switching. Second, much of the time we felt like we were struggling against the system to get work done. It felt harder than it should have been, was draining our energy, and hurting morale. Finally, we didn’t feel like we were collaborating as a team as much as we would like. We were operating in our own silos.

We needed a change.
Continue reading

We’re Better Together: DevOps, Security, Audit, and Compliance

nomnomnom from Katheirne Hitt
“nomnomnom” by Katheirne Hitt is licensed under CC BY 2.0

I’ve been on a kick recently about how DevOps, security, audit, and compliance all fit together. Spoiler alert: they all do fit together. In fact, we’re better off individually and collectively when we bring security, audit, and compliance into the DevOps tent and treat them like we would any other function that has valuable expertise to contribute to help our organizations win. We’d all benefit from what we can learn from each other.

I wrote about a few ways to do that on Excella’s blog. You can also get more information from a talk I gave a couple months ago on this same topic.

5 Tips for Leading a DevOps Transformation in Your Organization

Red-Green Leaves from Garry Knight
“Red-Green Leaves” by Garry Knight is licensed under CC BY 2.0

I wrote for XebiaLabs on leading a DevOps transformation within your organization. It’s based on a white paper I co-authored with a bunch of really amazing people at Gene Kim’s DevOps Enterprise Forum in 2016. The post covers five simple (but not easy) tips for making progress on adoption of DevOps patterns and practices within your organization. The tips include understanding other people’s goals and the problems they face, identifying a target mindset, and then developing and executing a plan with the most effective tactics.

In retrospect, I’ve been writing a lot for other blogs and less so for myself. Whatever gets the word out and advances the cause, right?