The majority of organisations are stuck in a “plateau” in their DevOps evolution and are struggling to advance into the higher stages of adoption.
BMC Software knows a thing or two about the subject and recently sponsored Puppet’s 2021 State of DevOps report.
Developer spoke with Ram Chakravarti, CTO of BMC Software, to gain some insights into how to break the DevOps plateau and how automation can be used to bolster security.
Developer: Puppet’s 2021 State of DevOps report highlighted that most organisations’ DevOps evolution has plateaued. What would be your advice to enterprises looking to break their lull and join the ranks of those in the coveted high stages of DevOps adoption?
Ram Chakravarti: As cited in the State of DevOps report, 58 percent of the group “stuck in the middle” have multiple handoffs between teams to get to deployment. Some of that could be from a lack of automation or having the right skillsets in place. But another factor we see, especially in large organisations, is a lack of trust between teams. Development teams want to go fast, and operational teams want to reduce risk. The development team needs the friction to deployment reduced, while the ops side needs the confidence that deployments will go smoothly.
Using automation to ensure governance requirements are met on the dev side and intelligent monitoring on the ops side to make sure things are running smoothly can help both sides achieve their objectives, breaking the lull in DevOps maturity.
D: A report from cybersecurity firm Venafi found that – of a sample of 1,000 DevOps and IT security professionals – 48% said development teams are responsible for security and 48% say their IT teams are. To help end the stand-off, which team do you think is responsible?
RC: Let’s be honest: Everyone is responsible for enterprise security at an organisation. When it comes to DevOps, the answer—as demonstrated in the data—is somewhere in the middle. Developers need to ensure the code they produce is free of bugs or vulnerabilities that could be exploited. The operations team needs to ensure that production systems remain secure and that any updates (i.e. patches) are applied in a timely fashion to protect corporate data.
Working together is the best way to help keep systems secure. Making security a responsibility of the entire set of stakeholders is at the heart of the natural transition from DevOps to DevSecOps.
D: Research suggests “shift left” testing is yet to be widely adopted. Why do you think that is and how can we overcome challenges preventing wider uptake?
RC: The customers we serve have large, complex systems spanning from cloud to mainframe and they have a lot of technical debt. Shift left is a big change in both philosophy and the needed tooling for these large enterprises. Vendors need to continue to innovate in this space to make it simpler for customers to put shift left testing into practice so they can enjoy the benefits of automation, increased delivery speed, and improved customer satisfaction.
D: How are the new BMC Automated Mainframe Intelligence (BMC AMI) and BMC Compuware innovations announced earlier this month helping to bolster security?
RC: The most recent updates to BMC AMI and BMC Compuware enable users to uncover weaknesses and malicious activity before a compromise occurs with automated detection and response to suspicious or unusual, privileged user activity.
To help bolster security, the portfolios accelerate development of team outputs with new integrations that simplify continuous integration and continuous delivery pipelines. Additionally, they orchestrate automated deployments across multiple platforms and increase mainframe performance and resilience with a solution that diagnoses potential performance issues.
D: Gartner has BMC among the leaders for IT service management tools in its most recent Magic Quadrant report for the seventh year running—with the analysts recognising the company’s ability to execute and completeness of vision. What are some of BMC’s other key advantages over rivals in your view?
RC: BMC’s mission is to help organisations across the globe evolve to ADEs, and service management capabilities are a key component of that mission. We see service management as more than just ticketing, it’s about integrating with operations management and discovery technologies to help monitor systems and proactively fix problems before they impact customers. The combination of AIOps and AI Service Management (AISM) gives customers the ability to deliver Service Operations, which we believe is a competitive differentiator for us.
D: BMC is a sponsor of this year’s AI and Big Data Expo Global in London and will also be hosting a keynote at the event. What insights do you plan on sharing with the audience?
RC: At the AI and Big Data Expo our focus will be on how enterprises are continuing to amass data at exponential rates, why it’s becoming more imperative to unlock its value and how traditional approaches to data and analytics transformations have seen high failure rates. In my session, I look forward to sharing a recipe for success that rapidly turns new insights into fully operationalised production deliverables – all designed to unlock tangible business value from data.