DevOps Definition & Digital Security | Venafi Skip to main content


<---Back to Education Center

Devops




What is DevOps



If your developers or your IT staff have recommended DevOps, you may be left wondering what they’re referring to. They may have thrown out terms like “agile” and “continuous deployment.” They may have even made a reference to “tossing software over the wall.” If you’ve struggled to stay afloat in those conversations, you’re not alone.

Tech-based occupations like system administrators (sysadmin) and developers (devs) tend to be steeped in a lot of computer-related language. That’s because they consume a lot of computer-related literature, both because they’re interested in it, and because they want to be good at their jobs. And somewhere along the line in their studies, they came across this “DevOps” term.

Don’t panic, we’ll explain how.

What is DevOps?

DevOps is an outgrowth of Agile, which itself is an iterative approach to programming. The agile approach means that you develop software incrementally, rather than all at once. DevOps takes this a step further, by offering a philosophy and methodology where the dev team and the production/operations team work together, so that development and implementation can happen in a near-continuous flow.

In a nutshell, DevOps is a methodology of cooperation—rather than function in isolation, development teams, quality assurance, and operations collaborate in order to improve the quality of software, and the speed at which it is developed and implemented.

Terms to Know

There are some terms that will be helpful to understand when talking about DevOps:

• Agile—an iterative approach to programming that breaks work into “user stories” and then delivers that work in two-week cycles called iterations.

• Lean—originally a production term, it refers to an approach where waste and excess is reduced in a software development process.

• Build automation—the process of automating the compiling source code.

• Agile iteration—a one-to-two-week period during which development happens.

• Software iteration—an instance or version of a program.

Provisioning—“The process of preparing new systems for users”.

• Continuous deployment—an umbrella term that refers to the continuous development, integration, testing, and implementation of new software.

While this is far from a crash course in programming, this list should get you started, and help you hold your ground in conversations with the devs and the ops team.

Videos to Watch

There’s a number of videos online that talk about DevOps and how to implement them. The problem is, most of them are aimed at the guys actually using the computers. For those who administrate above them, finding information that will help you help them is a little more difficult.

Luckily, IBM put out a series of videos that does a pretty good job of describing what goes into a good DevOps system, and how to start implementing it. The first one is “Understanding DevOps,” and the second is “DevOps: Where to Start.” The presenter in the video does a pretty good job in these first videos keeping the explanations very non-technical, so you don’t need to worry too much about getting lost in the jargon. It’s a good place to start your education on the topic.

Books to Read

If you’re dedicated, and want to make the implementation of DevOps successful, there are a couple of books out there on the topic that will help you make it happen.

The first is The Phoenix Project, which is actually formatted as a novel. Using the story of an IT supervisor trying to tackle an impossible task, it teaches how to make implementation of software more effective through new techniques and collaboration between departments. It’s a good read.

Another, less narrative option, is Continuous Delivery. This book goes deeper into practices on the dev side, in addition to covering things from the IT perspective. More importantly, it talks about how you can work towards making the implementation of new software a continual process that happens much faster, reducing downtime and improving software quality.

A Word of Warning

DevOps can mean a lot of positive changes, but it’s fast-paced, agile-based methodology lends itself to at least one kind of corner-cutting. It’s in regard to digital security in the form of digital signatures and certificate authorities.

Because developers aren’t necessarily experts in PKI, and because the process of acquiring digital certificates can sometimes be lengthy, developers will sometimes shortcut the process by spinning out their own certificate authorities and issuing self-signed digital certificates. These “test” certificates should, ideally, be replaced once the software gets pushed out to production, but that isn’t always the case. Often, these self-signed certificates are not stored securely which may leave DevOps certificates vulnerable to weak cryptographic security.

If you work outside the Dev team, the Ops team, or the InfoSec team, you may not have understood any of that, so here’s the Cliffsnotes version: sometimes, in favor of ease and agility, developers leave security holes in the software they’re writing. The biggest problem is the possibility that hackers may steal your company’s digital “signature,” and pass malware off as software your team wrote. It’s a common problem, and one even non-techie administrators need to be aware of.

There is a solution to problems like this—it’s having a team of experts on hand that can quickly issue you secure digital certificates.

DevOps is a deep topic, and it’s difficult to parse (that’s a computer pun) for those of us who don’t think in binary. That doesn’t mean you can’t be an effective leader of those who will implement it, though, and with a little research, you can be a significant value add to the process by helping implement the changes.

Up to Top




Continue learning with the next suggested topic:

How to Manage Keys and Certs in DevOps




Main Navigation

}
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat