Public Company Accounting Reform and Investor Protection Act

Compliance Journal

Subscribe to Compliance Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Compliance Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Compliance Journal Authors: Elizabeth White, Don MacVittie, Fouad Khalil, Jason Bloomberg, Pat Romanski

Related Topics: Security Journal, DevOps Journal

Blog Post

DevOps and Automation Bolster Security | @DevOpsSummit #DevOps #Microservices

As 2016 has arrived, we reflect upon one of the most debated issues around DevOps in 2015 - Information Security and compliance

Hot Button 2016: How DevOps and Automation Bolster Security and Compliance

As 2016 has arrived, we reflect upon one of the most debated issues around DevOps in 2015 - Information Security (InfoSec) and compliance. Needless to say, both are critical to an enterprise (especially given past examples of data breaches and looming cybersecurity threats). As a result, the combination of InfoSec and DevOps practices can be viewed as counter-intuitive, since the ability to "go faster" can be seen as a potential risk to security mechanisms in place, and thus harder to ensure compliance and enable auditability.

However, we repeatedly heard a different story in 2015 - InfoSec teams are embracing DevOps as the practice that enables - and enforces - security and compliance requirements. But how?

To answer this question, I had the pleasure of working with TechBeacon on a new story for the ‘New Year' that outlines the different ways of how DevOps is increasingly underpinning the security blanket for enterprise IT organizations. In fact, DevOps provides a huge opportunity for better security across an entire company. Many of the practices that come with DevOps, such as automation, emphasis on testing, faster feedback loops, improved visibility, collaboration, consistent release practices, and more, are fertile ground for integrating security and audit capabilities as a built-in component of your DevOps processes.

devsecops-techbeacon

For the 9 ways that I think DevOps and automation bolster security and compliance, read the article on TechBeacon »

If you want to hear what other experts are saying on the subject, be sure to check out Episode 29 of our Continuous Discussions (#c9d9) video podcast where we talk with James DeLuccia and Jonathan McAllister about "Security & Compliance as part of your DevOps Processes."

More Stories By Anders Wallgren

Anders Wallgren is Chief Technology Officer of Electric Cloud. Anders brings with him over 25 years of in-depth experience designing and building commercial software. Prior to joining Electric Cloud, Anders held executive positions at Aceva, Archistra, and Impresse. Anders also held management positions at Macromedia (MACR), Common Ground Software and Verity (VRTY), where he played critical technical leadership roles in delivering award winning technologies such as Macromedia’s Director 7 and various Shockwave products.