The Doppler Quarterly Fall 2017 - Page 71

Source: Damon Edwards neers must think about the system as a whole instead of just focusing on auto- mating a component of the system. System thinking can be a foreign topic to a silo-based organization. Another area we look at is the SDLC practices. Enterprises planning to move to frequent deployments need to embrace lean principles and move away from traditional waterfall or immature scrum approaches. Governance is another important area. The old method of governing with an iron fist need to give away to baking controls, policy, and governance into the code. The days of holding multiple weekly review boards for architecture, security, and gover- nance must be put to bed. These processes and mindsets simply don’t work in the era of continuous deployment. In this new age, we must trust in our auto- mation and institute proactive and continuous monitoring to check for ongo- ing security and compliance. Manual review by humans just doesn’t scale when multiple teams are able to perform push-button deployments. We must audit ourselves in real-time in the new world. FALL 2017 | THE DOPPLER | 69