Most of us have been working remotely for more than two months now; and day by day we are learning and getting accustomed to the new norms of working and collaboration. Whether we like it or not, this is the only possible solution to avoid the spread of Covid-19. While various precautionary steps are being taken across the globe; thanks to the IT era, we have new collaboration options to stay connected with our customers as well as with our teams. This, of course, has resulted in an increase on the time that we spend on calls and video chats these days. Almost every organization is focusing on their business as usual (BAU) and have limited or have delayed their change-the-business (CTB) demands. The simple reason is to reduce risks while teams are working remotely.
New features or change requests (apart from bug fixes) are being delayed since the focus is only on BAU. But this cannot continue for long. It is time that we trust our teams and revisit on how effective our tools and platforms are. We need to ensure that while security is not compromised; we continue CTB activities as well– in fact that’s what agility is all about.
HCL’s organic IP-based division DRYiCE is an ideal partner to facilitate this change. DRYiCE offers products and platforms that transform and simplify IT and Business operations by leveraging modern technologies like process automation, AI Ops, service orchestration etc. All DRYiCE products are modeled on the best practices that enable automation and DevOps.
Let us look at some of the key DevOps practices and ideas that we apply in DRYiCE and that should be implemented by any organization to resume their CTB function.
Practice 1: Focus on Collaboration
An important principle of DevOps is how people interact and focus on delivering value irrespective of their location. Teams that are co-located, meaning working from the same office location are now further distributed due to the pandemic. We have micro-distributed teams within the same location, and this challenges our teams’ throughput. With the passing weeks, teams should resume (if not started so) their Agile practices like sprint planning, standups, huddle meetings, backlog prioritization, etc. They should be able to estimate efforts as well as risks now. If the sprint cycle earlier was planned for 2 weeks, you should think of revisiting the same and make it for 3 weeks. This will allow teams to put more focus on code quality, peer reviews, continuous testing, and other factors, and all this is needed since teams are not in office. They need time to connect over calls/video chats with their teammates. And this is where tools come to the rescue.
Practice 2: Leverage Tools
While there are numerous communication and collaboration tools like Microsoft Teams, Skype, Atlassian HipChat, Slack, WebEx, Google Meet; what matters is how effectively these platforms are being used within the teams. Most of the said tools integrate with product lifecycle tools; make a check if the integrations are live and it not then establish the links. This will enable teams to stay connected as well as be up to date on issues and risks. Teams should also practice using tools wherever applicable to minimize risks and increase team velocity / throughput. Focus on code quality by using code review tools and introduce quality gates before deployments are done from one environment to another. Also look at end-to-end traceability of the product features/user stories from inception till deployment. Teams should continue to have visibility on the project and that’s what builds up the trust. While teams continue their day-to-day support stuff; they also should be encouraged to look at areas that can be automated. Automation is another area that strengthens the DevOps journey.
Practice 3: Support Automation
Let teams identify use cases for automation that helps them while working remotely and speeds up their deliverables. Spend time to study the tools inventory and check out the tools that can help expedite a change. The target should be to optimize areas that need attention– focus on how to introduce and automate implementation of security policies or running security scans (via APIs) or relook at your RBAC (role-based access control) or look on how deployments can be fully automated (continuous delivery- from Dev to QA to pre-production and then to production) or how to empower development teams to setup and teardown test environments. So before resuming CTB; teams can spend time at automating the required use cases and make it available for all their teams.
Practice 4: Re-prioritize per Budgets
Most organizations are revisiting their IT budgets and that’s where they are reducing their spend on new initiatives. While that makes sense, what about current products that need new upgrades and attention? After all, our customers cannot be left behind. While we re-prioritize our product epics or stop on new change requests; we should look at avenues that help us resume on the path of continuous delivery. Big bangs don’t help but small increments, when well-planned, do help. While re-prioritizing, look at what can be released within budgets. Some organizations are also expediting on cloud adoption; that’s needed since teams are remote and you cannot just delay the CTB demands forever. This isn’t easy; since many organizations have compliance needs that cannot be ignored. Cloud service providers like AWS, Azure, Google, and more, provide IaaS/PaaS platforms for teams to quickly scale up and they do abide with several compliance rules.
Practice 5: DevSecOps
DevOps has been evolving since 2010 and some of us coin it as DevSecOps as well. That’s because security cannot be left behind– it’s a part of the product life cycle in the new era. With the current pandemic, security teams have become alert since organizations feel challenged and would like to avoid issues/hacks as much as possible. This demands close collaboration between product, or say, DevOps teams, with their Security teams. Teams should enforce security practices during the development stage and emphasize on performance and security testing without fail. DevSecOps necessitates a lot of stress to be made on IDAM– identity access management, proactive monitoring and logging, alert notifications and if possible, look at enforcing security policies. Cloud providers offer secure platforms and intelligent tools (like Azure Sentinel, AWS Shield, etc.) that detect, analyze, prevent, and respond to threats. If you are not on cloud yet, then try to extend your existing in-house security platform (like AppScan, Qualys, etc) with the product teams. But yes, teams need to understand and implement security practices as part of their product journey.
In conclusion, it’s time that organizations introduce new ways of working if not done yet and concentrate on how to enable agility and security with continued collaboration. While product teams continue to work remotely for some more time– both the development and operations teams should start leveraging the best of automation and the tools available at their disposal.
If your organization is looking for support on any of the above said areas, then HCL’s DRYiCE portfolio offers potent products that can enable such initiatives. The portfolio comprises offerings that enables teams to continuously deliver applications as well as switch to AI Ops for better customer service– all that is needed to drive a digital enterprise in testing times.