Why DevOps is the perfect use case for automation

One of the biggest buzzwords in the IT world today is infrastructure automation (IA).

With solutions like VMware vRealize Automation, organizations see IA as the missing link in the era of cloud, where the goal is to “ruthlessly automate everything.”

Nowhere is IA’s appeal more obvious than when it’s combined with another, related strategy: DevOps.

DevOps is the perfect use-case for infrastructure automation

Coined nearly 10 years ago, the term DevOps is the methodology by which software development and IT operations teams work collaboratively to achieve rapid, continuous delivery of applications.

Automation is nothing new for Dev teams. Dev teams have always looked to add efficiency, speed, and reliability to their coding processes using automation and programmable tools. But only recently, with the growth of virtualization and IA technologies such as vRealize, has it been possible to achieve that same speed provisioning the bare metal infrastructure and hardware layers supporting their apps.

It’s no surprise then that DevOps is the killer app when it comes to infrastructure automation. And with it, businesses obtain three major advantages: speed to market; security and compliance; and winning the war for talent.

DevOps and the need for speed

The CIO of Alaska Airlines put it nicely: “We’re no longer an airline. We’re a software company with wings.”

In today’s climate, where Amazon and Uber are defining customer expectations, apps are the new gold. And DevOps is perhaps the most powerful solution to quickly and effectively mine that golden value.

How fast can you get your new investment banking app to market? How do you add new features to your eCommerce site, like drop shipping, before your competitor does? How do you give your employees the best possible workplace experience, right now?

Businesses looking to implement IA have these kinds of questions top of mind. They see a modern DevOps, where both hardware and code are automated, as the answer. IA allows powerful, one-click provisioning of validated infrastructure “blueprints,” without requiring weeks of waiting for operations teams to give DevOps the compute or networking resources they need to deliver. For any business seeking the speed gains of DevOps, doing so at both the software and hardware levels makes the most sense.

DevOps and the demand for security and compliance

Businesses are also aware of rising cyber-security threats, something that becomes more pronounced as they adopt rapid application development. In fact, roughly 30 percent of all breaches are the result of a vulnerability at the application layer. Meanwhile, failures at the infrastructure layer are equally pervasive, and lead to the same catastrophic losses and risk if configured or deployed incorrectly.

In other words, to do DevOps safely, organizations must adopt more mature, reliable and secure practices at both the software and hardware levels, spanning network, compute, server and applications.

With IA, organizations can attain peace of mind, knowing that core infrastructure “blueprints” are automatically configured to meet required compliance and security policies. For example, when vulnerabilities are identified, IA tools can automatically patch or identify risk in your own environment and make it easy for admins to address the issue.

DevOps and the war for talent

If you want the best team, you need the best tools. From giving software devs what they need to provide a unique and challenging new opportunity to your operations, DevOps is a powerful value prop in the war for talent.

On the dev side, rapid application development isn’t just a strategy for today’s best and brightest coders. It’s a philosophy, a way of life. Sitting around weeks, waiting for an environment to be spun up, is not in their vocabulary. They’d much prefer to borrow the company credit card for a quick visit to spin up resources in AWS. Or, failing that, take their talents to a business more amenable to their need for speed.
On the operations side, it’s a similar story. While some IT veterans fear to automate traditional three-tiered infrastructure risks putting them out of a job, in our experience this is the wrong way to look at it. Embracing DevOps and IA has enormous appeal to today’s aspiring IT professionals. They would much rather learn new tools and manage a full, open stack deployment than perfect their skills swapping storage boxes for another few decades.

The bottom line: automation isn’t a job killer. It’s a strategy for giving your team the tools they need to grow their skills as professionals and truly dig into today’s most cutting-edge, innovative practices.

Conclusion

 If you are looking for a reason to automate the infrastructure powering your business, then DevOps might be the perfect use case. From unlocking a strategic edge in the golden era of apps, to ensuring security and attracting the best talent, there is no shortage of compelling reasons to start with DevOps on your journey to modernizing your infrastructure.

Get a clear understanding of how Infrastructure Automation, Flash storage, and Hyper-Converged Infrastructure fit in your data center. Download our eBooks that cut through the buzz around these terms and get straight to the real value for your organization.

3 Ways Your Cloud Adoption Strategy Can Overcome Internal Barriers

Winning internal buy-in from stakeholders for cloud adoption strategy

The biggest obstacles to cloud adoption often have nothing to do with technology. Many cloud efforts fail due to misalignment with internal stakeholders.

Various departments reap the security, efficiency and flexibility benefits of migrating to the cloud. Yet, sometimes those very same groups are reluctant adopters.

[Read more…]

Cyborgsecurity with IBM Watson Advisor

There is a disappointing trend in cybersecurity – there’s more cybersecurity spending than ever, with fewer returns.

This year, Gartner projects that enterprises will spend 8% more on security than in 2017. Meanwhile, according to the Identity Theft Resource Center, the number of significant data breaches grew 37% last year.

Why are breaches growing with spending?

There’s no one answer to why this is. But, surely, a part of it is the increasing variety of threats. We simply can’t expect security operators to hold all the data about emerging exploits in their heads. The cornucopia of new security research is only valuable to the extent that it can be harnessed. If there’s an interesting security whitepaper somewhere, but security operators don’t have the energy or time to put it to use, it’s just marks on a page.

This is especially true of security research because much of it is unstructured. Security research takes the form of prose. Security researchers don’t psychically transmit knowledge. They express themselves with academic papers or blogs. These documents are valuable, but prose is inherently slow. No matter how much reading security operators do—professional or recreational—they’re not going to catch up to this endless flow of data.

Looking beyond humans for help

Fortunately, this is something that machine learning (ML) can help with. Machine learning is really good at natural language processing. ML systems can impose structures on free-flowing language. Which brings us back to IBM’s cognitive solution: Watson Advisor. Among Watson’s many roles, perhaps the most important is that it manages this flow of security-related verbiage.

When security operators analyze a threat with the Watson console, they’re looking at accumulated experience. They’re seeing a conglomeration of what researchers have discovered about the nature of that threat. They’re not just looking at the results of an algorithm that detects a malicious-looking signature. (Although, of course, that’s present as well.)

This speeds up and enhances threat analysis. Security operators can provide their specific knowledge, while harnessing Watson’s general knowledge. They don’t have to worry about keeping abreast of all the latest security data. Instead, they can focus on their own personal expertise. Things like the history of attacks on their organization, likely vulnerabilities, and where mission-critical data is located. Moreover, they can fine-tune the rules that Watson uses to analyze their firm’s traffic on an ongoing basis. They can use human intuition to perfect machine intelligence.

From Cyber to Cyborg

Watson Advisor, then, is a solution that creates cyborg security. It performs the same function as those fictional goggles that soldiers wear in science fiction movies. It provides real-time knowledge of the enemy. This speeds up analysis. Threats can be dealt with more quickly. Damage can be contained faster because security operators can instantly know about the pain that a given piece of malware inflicts.

It’s obviously good news. It’s also good news that’s especially needed right now. Everyone knows about the cybersecurity skills gap. More security staff are needed than ever before, and, as a result, security staff are scarce. This is clearly a huge issue, and there are clearly two things you can do about it if you’re running a security team. You can either hire more staff, or you can somehow make your existing staff more efficient.

Watson Advisor is the answer to “somehow.” For example, IBM reports that its client Sogeti obtained a 50% reduction in analysis times with Watson Advisor—an effective doubling of their personal power. It’s too early to tell what the ultimate effect of cognitive systems will be on security. But they appear to be the current best hope of turning the security fight around. With tools like Advisor, hopefully, companies can start getting more security for less, instead of the opposite.

Interested in learning how AI can help you develop smarter business processes? Explore the resources in our IBM AI hub to get the full story on how practical AI is for your organization.