Couldn’t attend Transform 2022? Check out all the top sessions in our on-demand library now! Look here.
For those technologists eager to keep up to date with the latest relevant acronyms, add Development Data Security Operations (DevDataSecOps) to the list of need-to-know.
DevDataSecOps builds on the commonly used terms devops and dataops. While the term is not yet widely used, data practices across many organizations suggest that it will soon be.
“We are increasingly seeing organizations need to move to a DevDataSecOps model that encompasses the core of the devops model, while also encompassing the critical security and data decisions that drive operational and development decisions,” Karthik RanganathanCTO and co-founder at Yugabyte, VentureBeat told. “While a DevDataSecOps approach may feel uncomfortable at first and come with initial challenges (as devops did), we believe it offers major benefits that data-first organizations can no longer ignore.”
What’s so important about DevDataSecOps?
What is driving this new trend?
Event
MetaBeat 2022
MetaBeat will bring together thought leaders to offer advice on how metaverse technology will change the way all industries communicate and do business October 4 in San Francisco, CA.
Register here
“To be an effective data-driven company, it’s important to build a strong foundation for the data architecture up front,” Ranganathan says. “As companies evolve to meet the needs of distributed employees, partners and customers, they cannot build modern applications that deliver the desired user experience with a legacy approach to data. Distributed users need distributed data. Trying to change the data layer after building an application results in reduced developer productivity and slower time-to-value.”
In addition, Ranganathan emphasized that “working in modern environments where being highly secure from day one is essential, security can no longer be an afterthought. Just as the data architecture is critical to how an application is built – and what experiences and capabilities are allowed to be used.” expected – the same is true for security.”
By embracing DevDataSecOps practices, data and security architectures are recognized as integral parts of building and deploying services rather than “specialized” or “expert” aspects, Ranganathan said. This enables teams to identify key requirements and make thoughtful holistic design decisions during the planning stages to ensure key service objectives can be met.
As a result, major re-architectures mean IT groups face fewer surprises and blockages in building and shipping new features.
“DevDataSecOps also requires upfront investment in these areas. This means that IT groups need a little more time to plan and design in advance to make the later development and testing processes, which are usually more expensive and time-consuming, more successful,” said Ranganathan.
Benefits of a DevDataSecOps strategy
In the same way that devops brought developer skills and insights to operations teams, DevDataSecOps would enable organizations to build similar bridges with data architects and information security teams, Ranganathan believes.
“By creating natural times for when and why the teams should work together, and establishing shared goals for developing new services or capabilities, the end result should increase the chances of meeting all the goals of an initiative,” Ranganathan said. . “The end-to-end approach should increase the efficiency of the developer teams by providing them with all requirements up front and minimizing major reworks later in the process.”
When done right, some key benefits to be realized are:
- Faster time-to-value by taking a small hit up front, but significantly reducing the chance of major delays later in the project.
- Increase developer productivity by focusing on value-added efforts and ensuring the right data and security architectures are in place to minimize unnecessary churn and work.
- Reduced risk by establishing core data and security needs as the foundation of any project, rather than an additional thought that makes it more difficult to ensure full compliance or address all needs correctly.
Cultural change will be an obstacle
Despite these potential benefits, adopting a DevDataSecOps strategy is not without its challenges.
“As we saw with the adoption of devops, the biggest challenge facing DevDataSecOps is driving culture change and educating teams for a holistic, end-to-end approach,” explains Ranganathan. “While there may be some inefficiencies at the outset as new processes are established and additional voices become part of the early design phases, over time the overall key requirements and needs will be better understood by the larger organization, enabling smarter decisions and approaches. proposed from the beginning.”
Most IT teams, especially at larger organizations, should also work with other remote teams to build the required skills and establish the right processes for assessing data and security requirements, Ranganathan said.
In the meantime, many leading organizations are already on their way to adopting DevDataSecOps, even if they don’t recognize it.
“While the DevDataSecOps term is not yet widely embraced (and is a mouthful to say), the reality is that many forward-looking organizations that rely heavily on data to power their businesses, such as major financial institutions and retailers, are already prioritize their data and security architectures as fundamental parts of their business,” said Ranganathan.
The mission of VentureBeat is a digital city square for tech decision makers to learn about transformative business technology and transactions. Discover our briefings.
