It may not be the mainstream quite yet, but DevOps is set to grow as adoption continues apace. According to Statista, DevOps adoption increased to 17% in 2018 from about 10% in the year 2017 and many are predicting that 2019 will be the year where it truly becomes mainstream. In this context, Latin American companies that provide IT services must take full advantage of it, overcoming the deficit of prepared human resources in the region and joining the internal development teams of their clients.
The software delivery scheme has changed profoundly, requiring constant quality updates, aligned with the business, and characterized by various digital transformation processes in different areas. This environment – strongly influenced by the cloud, agile development, DevOps and the automation of all processes – renders obsolete the traditional schemes of software development, delivery and commercialization, replacing them with continuous and fast software deliveries.
Wanting to capitalize on this evolution, many companies start their way into DevOps with internal work teams, focused on solving very specific problems in their production, instead of hiring service providers.
Peter Bendor-Samuel, a blog contributor at Forbes, says “the possibilities promised in taking full advantage of the new digital IT environment characterized especially by agile, DevOps, automation and cloud, are exciting. However, service providers struggle to deliver digital services at their customary profit levels, and customers aren’t prepared to buy the new digital environment because they’re stuck with their existing purchasing/contracting vehicle.”
This problem has interfered with the development of a larger ecosystem of IT service providers adopting DevOps as their working philosophy, as it requires a profound evolution in business model and customer relationships. Customers must also resolve some important internal issues, such as adjusting their organizational culture to adopt DevOps and being able to hire service providers that use DevOps.
Luciano Faustinoni, IT Executive of IBM Latin America, explains that “most of the companies we have been interacting and sharing the transformation we have been doing in the past few years, usually have the same challenges: the need to deliver software and products faster and continuously, the ability to reshape the organization structure to adapt to this new model and streamline processes and controls.”
To Outsource or Not to Outsource
Although DevOps has been the subject of discussion since 2009, it is only in the past two years that it has started to become a hot topic on the CIO agenda for large and complex companies. IT departments are increasing the maturity level of Agile and as a consequence implementing DevOps practices as part of their strategic journey of transformation.
A study of developers conducted by StackOverflow in August last year shows that in LatAm there are 30% fewer developers specializing in DevOps than in the rest of the world, which – at least in theory – forces companies to consider outsourcing options. However, outsourcing to DevOps is not easy.
“Since contributing to application development often requires less sensitive company access to infrastructure, agile is easier to outsource than DevOps roles,” he said. For this reason, companies that need to outsource DevOps should develop security schemes that allow remote access, but keep the company’s sensitive data protected, among other considerations.
Faustinoni reflects on the limited human resources in the region and notes: “the availability of skilled professionals is very important to accelerate the adoption of DevOps. However, it is also important to emphasize that cultural change required to shift the mindset of the organization to a continuous delivery model is driven by the transformational leader. The role of the leader to enable the environment for this change and adoption is even more important”.
Manuel Pavón, Senior Manager of Channels for America at DigiCert, confirms the importance of taking DevOps process safety into account.
“Since DevOps focuses on increasing communication between all teams, it generates greater awareness of the customer experience. Instead of teams working in isolation, teams come together to provide visibility into all aspects of the software delivery process to each team member. In addition, DevOps emphasizes the automation of all steps of the software implementation,” says Pavón, who adds, “by including IT security in the implementation process, the organization can also achieve better and more effective security practices, such as using automated channeling to install TLS/SLS certificates for stronger identity and encrypt all data.
A greater number of resources prepared in DevOps and many capable executives are needed for the region to improve in the implementation of DevOps, which constitutes an opportunity for IT service providers.
What to expect from DevOps
In its 2017 “State of DevOps Market Segmentation Report” Puppet.com points out that “interestingly, as DevOps practices become more widespread, expectations are rising. What many might have considered ‘great’ IT efforts just a few years ago, might appear as fair to middling today. That’s an interesting twist that suggests that the gains provided by DevOps – getting departments and teams to work better across an organization – is no longer just a ‘nice to have’, but a given. DevOps is simultaneously raising the bar and expectations of what’s possible.”
Faustinoni reinforces this position: “Agile and DevOps are the basis for what is coming – digital transformation, AI, and so on – so it makes complete sense for the IT departments and CIOs to include it in their strategic agenda if they have not yet. Any company who understands the context of digital transformation and wants to play a role there must has DevOps in mind.”
However, Pavón points out that the most strictly regulated companies are afraid to implement DevOps and recommends focusing on security in these cases. “DevOps offers advantages to companies that can implement new features and enhancements more quickly. We used this philosophy in DigiCert with excellent results.”
For many companies, security can be a challenge and we are trying to help them see the benefits of including security ahead of time in development processes,” he added.
“DigiCert enables secure DevOps (SecDevOps) through our high volume and fast issuance of digital certificates. We also offer APIs that integrate with leading server configuration and orchestration platforms that help facilitate the security implementation process for DevOps.”
The Many Roads to Glory
Another study by Puppet.com, State of the DevOps Report 2018, leaves valuable lessons about the implementation of DevOps within companies that are good to consider when implementing, but remembering that there is no single path to success:
- In a DevOps evolution, there are many paths to success, but even more that lead to failure. The DevOps journey isn’t linear, with many starts and stops along the way, which can kill early momentum and lead to cynicism.
- Executives have a rosier view of their DevOps progress than the teams they manage. Executives often don’t see the bottlenecks and broken processes that are stalling progress, so they have an incomplete understanding of DevOps progress and impact.
- Start with the practices that are closest to production; then address processes that happen earlier in the software delivery cycle. Start where the pain is most acute and visible, typically application deployments which are the boundary between Dev and Ops.
- Cross-team sharing is key to scaling DevOps success. Organizations that have small pockets of DevOps success, yet never manage to spread that success further, are stalled and can’t progress to higher levels of automation and self-service.
- Automating security policy configurations is mission-critical to reaching the highest levels of DevOps evolution. As organizations evolve, security policy becomes part of operations, not just an afterthought when an audit looms. This requires first breaking down boundaries between ops and security teams (which are further from production).
With the right investment in skills development and an understanding of the challenges of DevOps deployment, Latin America could play an increasingly more important role in DevOps projects.