This post is an excerpt from our recent guide, Agile, DevOps & More: How to Succeed at Government Project Management. To download the guide for free, head here.
Today’s IT public sector development atmosphere is incredibly different than even a decade ago. Organizations must balance high velocity software development in a world of increasing compliance, security threats and application complexity.
To learn about how these pressures affect organizations trying to develop faster and deploy sooner, GovLoop spoke with Greg Hughes, CEO at Serena Software, which helps IT organizations develop and release better software with more efficient project management methods.
Hughes pointed out that today there’s a set of technology changes making software more important, more strategic, and more central to everything than ever before. And the most important technology change is the rise of mobile computing.
“Visualize this world, that’s going to happen very quickly, where 80% of the adult population on the planet has a mobile device that’s a supercomputer connected with near infinite capacity to a huge pool of computing power in the cloud,” said Hughes. “Every physical device will have an IP address and will be connected, and there’ll be massive analytical power and capability to crunch all of this together.”
This means, Hughes explained, that the applications happening on top of this infrastructure are unimaginably powerful – which means that organizations must then focus on the importance of software.
“Software unlocks the capabilities of this massive change in infrastructure and this technology disruption,” Hughes said. “The burden now on all enterprises across every sector to improve their software development and lifecycle and make it go faster is enormous.”
Organizations must deliver fast on projects without compromising security, compliance or capabilities while under pressure from all sides to adopt new technologies, methodologies and topologies without increasing risk, expense or complexity.
To do this, organizations need to move towards more modern development practices. Automation and integration of your Dev, DevOps and Ops infrastructure can address these conflicting demands, Hughes said.
For a long time, Hughes explained, the Waterfall approach has been the software development methodology of choice – which can still be a very powerful and important methodology.
“But a lot of the customers I talk to are moving towards also adding new methodologies like Agile or Continuous Delivery, Continuous Integration, parallel development, Lean, and DevOps,” Hughes said. “Application developers and software developers are experimenting with these new, faster, higher velocity software development methodologies.”
This approach is especially important for what Hughes referred to as “highly regulated large enterprises” or “HRLEs” – large-scale organizations like government and defense agencies.
“Developers need to be free to innovate,” Hughes said. “But we also have to protect the enterprise, or the HRLE, at the same time. HRLEs need to manage the risk of software development as well. The first risk is security, the second is compliance, and the third is performance. So the challenge is, how do you move fast without breaking things? How do you move towards high velocity computing and not break the organization?”
That’s where Serena Software comes in. Their expertise is in helping HRLEs achieve their DevOps initiatives. Hughes said there are five best practices organizations must follow:
Adopt developer-friendly tools: “If the developers don’t like the tools they’re given, or, how they’re implemented, they’ll circumvent them. But we need to protect developers from inadvertently increasing risks to the enterprise.”
Upgrade the level of process control over the end-to-end SDLC: “In many enterprises, the software development lifecycle is comprised of many separate products, without a strong foundation of cross-product workflow management. Robust process management platforms can make it easy to coordinate activities and information across these tools
Automate the SDLC whenever possible: “If you can substitute manual steps with automation, you get lower cost and fewer errors.”
Reign in repository proliferation, and create a centralized hardened source code management system. “Too many enterprises let the number of source code repositories get out of hand. There can be literally dozens of places where source code is stored in an enterprise. If you have something valuable, you don’t put it in dozens of places, you put it in one place, and you protect that place.”
Continue using the mainframe for core transactional systems: Mainframes have unparalleled security and availability. Keep using it, and modernize it.”
“We can help you develop and execute on these best practices for development,” Hughes said. “These allow you to balance the desire to move to a high velocity software development approach, while also managing these risks in the software development lifecycle. This really requires focusing more on the software development lifecycle as a whole, and getting a partnership between the application development team, the change management team, the operations team, security team, the audit team and more. We help you get more functions across the organization to do that balance.”