How to Start a DevOps Continuous Delivery Transformation in Financial Services
January 08, 2016

Derek Langone
XebiaLabs

DevOps is difficult to define, but is almost always considered to be a complicated mix of processes, people, and tools. For DevOps to succeed, teams must work in harmony with their processes and tools, and most importantly, share common goals.

In the field of financial services, transitioning to DevOps can be especially challenging for two main reasons. First, there is a strict separation of Development and Operations, a situation that inhibits but does not prevent the successful adoption of DevOps. The separation revolves around the notion that it is risky to allow developers to gain access to the production-side of the house ­ and to allow operations people to tinker with software development.

Secondly, there is the conservative, reactive mind-set that is endemic in the industry. Many executives and IT people believe that the software and hardware environments of financial services, companies particularly banks, are not compatible with DevOps.

Their arguments mostly focus on: the plethora of legacy-based mainframe applications that have run unaltered for years and do not need to be changed; and the industry-specific processes (such as automatic cash dispensing) that do not easily integrate with new software.

These outdated opinions are causing many financial services companies to fall behind their more nimble competitors that are offering flexible ways for consumers to interact with their firms and transact business. Releasing features and applications more efficiently and in a standardized way across platforms is becoming necessary for survival.

Enough with the challenges. Here are some practical ways for financial services companies and many other organizations to embrace DevOps successfully.

1. Keep Your Eye on the Business Drivers

Make sure that your transformation is driven by a critical business need such as keeping ahead of competitors, delivering better software faster to customers, reaching new markets, or improving business processes, or some combination of the above.

Don’t get bogged down in strictly Dev or Op concerns, such as reducing production incidents, cutting security incursions, or speeding up the time spent on testing.

2. Start Small with a Pilot Project and Measurable Goals

DevOps is a process that is best implemented in digestible and measurable bites. Focus on one application that will allow you to get up and running quickly. This is particularly vital in a large enterprise that requires large groups of people to work together to develop, qualify and deploy code.

Create a plan that all interested parties can contribute to and that unites the different IT groups.

Set some clear and realistic goals. Don't worry too much about whether those goals are in line with one particular philosophy of software development or another. However, bear in mind that you need to achieve your goals without negatively affecting the experiences of your customers and/or incurring serious financial loss.

Your success will depend on: taking baby steps; getting the right tools and infrastructure in place; and creating a test environment that enables the team to build, test, and deliver small apps or features that work in production.

3. Get Senior Execs on Board As Early as Possible

To move your plan forward to the next app, the next process or the next department, you will need to get leadership buy-in to make it happen quickly and smoothly and with the appropriate funding. You will need C-level support because the cost will rise relative to the changes you want to make.

The key here is to recognize that moving to DevOps is an organizational challenge that can only be solved with the participation of senior management.

To sell the concept of DevOps to senior management, people need to sell the business benefits first, and the technology ones second. A successful example of moving a single application to DevOps is an easy way to demonstrate benefits to senior management.

The business benefits to highlight are: improved processes, lower costs, faster time to market, and better software for end-users. Those benefits can only be achieved by leveraging best-of-breed DevOps practices; and using tools that facilitate the continuous delivery of software while giving instant, transparent visibility and control to all involved.

4. Involve Mid-Level Managers – It’s Vital

In most large-scale transformations, IT management and C-level management often overlook the value of engaging middle-level management. Big mistake.

Middle-level managers are the vital communications link between C-level execs and lower-level managers and non-management people. They can share the business and technical objectives of the transformation plan into language that lower-level managers and employees can easily understand.

But, even more importantly, they can play the role of investigative reporters by: asking tough questions of people at every level, exploring issues, and connecting the dots between the planned technology transformation and business objectives.

Fundamentally, middle-level managers are ideally positioned to remove organizational barriers, and to work with the executive team to prioritize issues to accelerate the adoption of DevOps throughout the organization.

5. Enforcing the Vision is a Team Sport

Naysayers will claim that making the move to continuous delivery is not easy. There are too many complicated factors, too many processes and tools, too many regulatory mandates. In many ways they are correct, but for many financial services companies, the move to DevOps has quickly gone from optional to necessary.

Moving an enterprise incrementally to an Agile and DevOps aligned process is one of the most impactful IT investments that can be made. The speed, quality and compliance gains that will be realized are massive. However, team commitment, clear goals and a willingness to take a step by step approach, are critical considerations for success.

The good news is that all of these items are well within the control of the IT organization and a wealth of knowledge and tools are now available to play the right supporting role.

Derek Langone is CEO of XebiaLabs.

Derek Langone is CEO of XebiaLabs

The Latest

July 16, 2018

The key to mainframe DevOps success is in quickly identifying and removing major bottlenecks in the application delivery lifecycle. Major challenges include collaboration between mainframe and distributed teams, lack of visibility into the impact of software changes, and limited resource flexibility with scaling out necessary testing initiatives. Now let's take a closer look at some of these key challenges and how IT departments can address them ...

July 11, 2018

How much are organizations investing in the shift to cloud native, how much is it getting them? ...

July 10, 2018

In the shift to cloud native, many organizations have adopted a configuration-as-code approach. This helps drive up application deployment velocity by letting developers and DevOps teams reconfigure their deployments as their needs arise. Other organizations, particularly the more regulated ones, still have security people owning these tools, but that creates increased pressure on the security organization to keep up. How much are organizations investing in this process, and how much is it getting them? ...

June 28, 2018

More than a third of companies that use serverless functions are not employing any application security best practices and are not using any tools or standard security methodologies to secure them, according to the State of Serverless Security survey, conducted by PureSec ...

June 27, 2018

The popularity of social media platforms and applications is spurring enterprises to adopt "social business" models to better engage with employees and customers and improve collaboration, according to a new study published by ISG ...

June 25, 2018

The previous chapter in this WhiteHat Security series discussed Codebase as the first step of the Twelve-Factor App and defined a security best practice approach for ensuring a secure source control system. Considering the importance of applying security in a modern DevOps world, this next chapter examines the security component of step two of the Twelve-Factor methodology. Here follows some actionable advice from the WhiteHat Security Addendum Checklist, which developers and ops engineers can follow during the SaaS build and operations stages ...

June 21, 2018

DevSecOps is quickly gaining support and traction, within and beyond information security teams. In fact, 70% of respondents believe their culture can embrace the change needed to fuse Security and DevOps, according to a new survey of 80 security professionals by Aqua Security ...

June 20, 2018

The larger the company size, the higher the proportion of low IT performers, according to the State of DevOps: Market Segmentation Report from Puppet, based on the 2017 State of DevOps Survey data ...

June 18, 2018

An overwhelming 83 percent of respondents have concerns about deploying traditional firewalls in the cloud, according to Firewalls and the Cloud, a survey conducted by Barracuda Networks...

June 14, 2018

Despite the vast majority of cloud management decision-makers believing that DevOps and microservice enablement are important, very few believe that their organizations are capable of delivering them today — a gap that is costing the average enterprise $34 million per year, according to new report from the Ponemon Institute ...

Share this