DevOps and Regulatory Compliance—Like Oil and Water or Peanut Butter and Jelly?
DevOps and regulatory compliance are two critically important ingredients in today’s connected organizations. DevOps enables you to move quickly and respond to change in an era where change is increasing at an exponential rate with no sign of slowing down. Regulatory compliance ensures that your organization takes the appropriate steps to follow relevant laws that appear to require adding burdensome processes and controls to your software development lifecycle. Brandon Carlson acknowledges that at first glance these two ideas seem incompatible, but they actually go together like peanut butter and jelly. While maintaining, analyzing, confirming, and reporting on the status of required information security, compliance, and privacy controls can be difficult, integrating these tasks within your DevOps/continuous delivery pipeline is easier than you think. Using examples from real-world projects in organizations just like yours, Brandon explains how to integrate compliance and reporting into your projects using tools you already know such as pair programming, Jenkins, Chef, Metasploit, and others. When it comes to compliance, it’s not oil and water. It’s peanut butter and jelly time.
Brandon Carlson works for Lean TECHniques, Inc., an IT consultancy that helps organizations deliver high-value, high-quality products to market. Since starting his career in 1995, Brandon has held positions from development and architecture to management—and he’s still learning. Passionate about elevating the performance of IT as a whole, he has helped numerous organizations from startups to Fortune 100 companies improve their product development and delivery systems. Brandon can be reached on Twitter @bcarlso and just about everywhere else on the web as “bcarlso”.