The ongoing coronavirus pandemic has resulted in massive changes in resource consumption, end-user needs, and the workplace. And these changes could extend for months into the future.
As IT departments, developers, cybersecurity professionals, and operations teams find themselves working remotely and racing to meet the needs of an increasingly remote workforce of end-users, they need every tool at their disposal to help them keep up and meet demands. One of those tools that can help them meet these requirements more effectively and efficiently is automation, which is rapidly becoming an essential component in virtually every step of the development lifecycle.
Development teams that are implementing DevSecOps methodologies need to discover ways to automate processes to meet these ever-changing demands. But they may not know where to start. Luckily, Alessandro Perilli of Red Hat recently shared four steps that agencies can take to embrace automation within their DevSecOps environments:
1) Focus on many small tasks rather than a big complex process.
The current situation requires a return on the investment faster than ever. And you cannot realize a return on the investment very quickly if you focus on one big process with many complex subprocesses that have never been standardized or automated before. It’s a waste of resources, and I have seen this approach fail many times in my career. Rather, automate as many small tasks as you can. Aggregated, they represent a significant overload for the company and a distraction from the bigger projects.
The more small tasks you automate, the more you will gain experience with and confidence in the automation solution you selected. At the same time, you’ll have a foundation of automated processes that can become the building blocks of more complex automation projects.
2) Review what others have automated.
If you have limited experience, the knowledge of your industry peers will prove invaluable. Find online marketplaces for automation (Ansible Galaxy is an example, but there are others, depending on your automation platform of choice) and study what tasks people automate the most, and how. Evaluate how much is applicable to your IT environment and how much you’d have to change to adapt the automation workflow to it.
3) Treat automation like software.
Some automation solutions (like Ansible) adopt a language that is much easier to write, understand, and troubleshoot than actual development code. The easier to understand, the more people can use it in their respective domains of expertise, the faster the return on investment.
Yet, no matter how easy to understand, an automation language is still prone to human error. A risk that you can mitigate by applying some of the best practices in software development. Start by thinking about things like automation workflow reviews or version control. The more mission-critical the environment being automated, the more robust the development process should be.
4) Think out of the box.
IT automation is usually associated with the provisioning and configuration of servers in a data center. While existing automation solutions excel in those tasks, some of them have expanded beyond the realms of IT operations and are becoming invaluable tools for network operations, security analysts, and security operations. Here are some examples:
- Automation can help configure hardware network devices as fast as they are deployed.
- Automation can help deploy new security solutions where you need additional protection.
- Automation can help speed up the triage of security attacks as more bad actors attempt to exploit the explosion of people and organizations going online.
Click HERE to read Alessandro’s article in its entirety on the Red Hat Blog. Or, click HERE to download a complimentary copy of the white paper, “Making Government More Nimble: A Roadmap to Drive Innovation in the Public Sector.”