By Gerry Gebel for DevOps.com
Fundamentally, DevOps is all about speed and agility. Customers expect companies to deliver and update applications at an accelerated pace and businesses must adopt modern technologies to meet customer expectations. With DevOps, organizations can implement a continuous development and deployment cycle to reap a multitude of benefits.
Not only can organizations operate and evolve applications at high speeds with DevOps, but they also can do it more cost-effectively by automating all steps involved with software construction to avoid manually deploying code or configuration changes for each application.
While speed and security are not necessarily enemies, if the security or access control technologies deployed are not in tune with a continuous deployment flow, the full promise of DevOps will not be realized. Waiting until the end of a development cycle to review security opens organizations up to security issues that could have been more easily resolved had security controls been implemented in the first place. Late discovery of security concerns also slows down the process—which is, of course, counter to some of DevOps’ primary objectives. To obtain the full potential of DevOps, organizations must ensure that security controls, such as externalized authorization, are an integral part of the security process from the very beginning.