MacStadium announced that it has obtained Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR) Level 1, meaning that MacStadium has publicly documented its compliance with CSA’s Cloud Controls Matrix (CCM), and that it joined the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
Real digital transformation is built on a foundation of adaptability and the ability to embrace change. As we all face new challenges, I am offering some tips as a way to look deeply at your distributed work that is occurring and evaluate where and how it might be improved.
Start with Building Resilience in Geographically Distributed Teams - Part 1
Here are a few more things to look for when considering a partner or moving into this space on your own:
1. Team Distribution
Beyond mere geographic distribution, how well do your teams work if they are distributed in multiple locations? Can you get specialists from a geography quickly and onboard them onto a team whose main contingent is elsewhere?
2. Work from Home
Can your team work from their homes? Will this distribution impact team norms or processes? How well is this contingency planned for?
3. Company Culture
Do teams embrace distributed culture and the opportunities it provides, or do they still prefer to work in the same location?
4. Certifications and Standards
Certifications such as ISO 27001 standardize how organizations operate. If distributed execution principles are built into the company’s standards, all the better. These codified processes allow them to function in a distributed fashion more cleanly and with fewer question marks that team members themselves need to resolve. The playbook is in place and IT and teams can execute that playbook. You can also worry less about data, code, and environments knowing that these certifications very often govern how teams handle these items.
5. Mature Development Processes
Does your vendor have a mature, documented development process with enough flexibility to handle your specific needs? If they do, they will be better able to handle the distributed model.
6. Cloud-Based DevOps
Look for a vendor that utilizes cloud development and cloud-based infrastructure for much of their work, including DevOps best practices. This type of maturity means that systems and source code can easily be protected, mirrored, and backed-up across multiple geographies. It also means that code and test systems are less likely to be hosted in local, insecure data centers or server rooms that might be more likely to suffer an outage in the event of a localized issue.
7. Tool Use
Use of work-management systems like Jira and standardized workflows ensure that work is tracked and Scrum Masters (and you) have clear visibility into the health of development. By ensuring that requirements, designs, work processes, and task assignments are the same on every project and that none of these things rely on physical co-location of teams, a truly distributed team is equipped to meet distributed development challenges.
8. Video and Real-Time Communication Come Standard
Every distributed team should use these tools to communicate among themselves and with their clients. They should not miss a beat - and they should know how to make remote meetings feel more like face-to-face meetings.
If you are looking for a digital transformation partner, look for one that has resilience built into its work processes and culture. Even if a vendor has teams physically located in the same place they should adhere to the processes and guidelines listed above. If they do, suddenly working from home and being not physically located together does not pose an issue, nor will it negatively impact performance or communication.
Industry News
The Cloud Native Computing Foundation® (CNCF®) released the two-day schedule for CloudNativeSecurityCon North America 2024 happening in Seattle, Washington from June 26-27, 2024.
Sumo Logic announced new AI and security analytics capabilities that allow security and development teams to align around a single source of truth and collect and act on data insights more quickly.
Red Hat is announcing an optional additional 12-month EUS term for OpenShift 4.14 and subsequent even-numbered Red Hat OpenShift releases in the 4.x series.
HAProxy Technologies announced the launch of HAProxy Enterprise 2.9.
ArmorCode announced the general availability of AI Correlation in the ArmorCode ASPM Platform.
Octopus Deploy launched new features to help simplify Kubernetes CD at scale for enterprises.
Cequence announced multiple ML-powered advancements to its Unified API Protection (UAP) platform.
Oracle announced plans for Oracle Code Assist, an AI code companion, to help developers boost velocity and enhance code consistency.
New Relic launched Secure Developer Alliance.
Dynatrace is enhancing its platform with new Kubernetes Security Posture Management (KSPM) capabilities for observability-driven security, configuration, and compliance monitoring.
Red Hat announced advances in Red Hat OpenShift AI, an open hybrid artificial intelligence (AI) and machine learning (ML) platform built on Red Hat OpenShift that enables enterprises to create and deliver AI-enabled applications at scale across hybrid clouds.
ServiceNow is introducing new capabilities to help teams create apps and scale workflows faster on the Now Platform and to boost developer and admin productivity.
Red Hat and Oracle announced the general availability of Red Hat OpenShift on Oracle Cloud Infrastructure (OCI) Compute Virtual Machines (VMs).
The Software Engineering Institute at Carnegie Mellon University announced the release of a tool to give a comprehensive visualization of the complete DevSecOps pipeline.