By including databases in the DevOps workflow, agencies can reduce the attack surface and keep data safe, minimize human error and limit the damage from data breaches.
With the government sector under continuing pressure to adopt digital solutions to offer the public modernized access to services, state, local and federal entities are looking for ways to make these digital transformations as successful as possible.
Over the past couple of years, as digital initiatives have moved from the wish list to the to-do list, DevOps has proved to be key in enabling and facilitating change efficiently and at speed. By introducing cross-functional team collaboration and automation, DevOps allows IT teams to release features, updates and solutions faster, and it is often adopted in conjunction with Agile development practices which aim for smaller, more frequent releases.
Including the database in DevOps is becoming the norm, both to avoid database development slowing down releases and to introduce a policy-driven approach to data management, where the data in databases is protected by design and by default, while maintaining SLAs.
Some sectors like financial services and health care have been quicker to adopt DevOps, but the government sector is catching up, as shown in the 2021 State of Database DevOps report from Redgate Software. While the latest report showed 65% of government respondents had implemented DevOps compared to 74% across all sectors, this was up from 57% in 2020, and two percentage points higher than the general upwards trend.
Agencies looking to implement DevOps or increase its rollout across teams should focus on these three areas to ensure its long-term success.
1. Start with a collaborative culture
DevOps is all about removing silos and breaking down the walls between development and operations teams. IT departments should embrace the openness and collaboration DevOps encourages, change the way they function, encourage experimentation and innovation and bridge departmental divides.
All of which is much harder than it sounds when the bureaucratic cultures that typically exist in government conflict with the collaboration and cooperation that DevOps thrives on. However, it is possible for different cultures to exist in different parts of the same organization; change just needs to start somewhere.
To achieve this transformation, leaders must build trust with their people, empower them with autonomy and encourage frequent communication within and across teams to ensure that everyone understands their roles and objectives.
2. Introduce standardization and automation early on
One of the big advantages of DevOps is that it helps to streamline and standardize workflows and automate laborious and manual processes. Adopting practices like version control, for example, helps speed up development and improve the quality of development, by having one centralized source of truth for code being worked on by different team members.
It also means Continuous Integration (CI) can be implemented, which ensures that code and the related resources are integrated and tested by an automated build system as soon as changes are checked into version control. This allows teams to detect errors in the code much earlier in the development pipeline so that they can be fixed faster and more efficiently.
This then opens up development and operations teams to work together in automating other elements of the release pipeline so that a Continuous Delivery (CD) process can be introduced to build, test, configure and deploy changes. This strategy helps improve productivity, find and resolve bugs faster and deliver new features and updates sooner.
3. Use it to address data management and privacy concerns
DevOps isn’t just about the development of applications – database development should be integrated into the same workflows so that the database does not hinder the faster speed and quality of releases. Importantly, database DevOps aims to mitigate risk and reduce the attack surface by keeping data safe, minimizing human error and diminishing the damage from data breaches.
For any government IT team, this is a welcome advantage, given that cybersecurity and risk management has consistently been the No. 1 concern in the annual State CIO Top 10 Priorities list compiled by the National Association of State Chief Information Officers.
Hence the importance of including the database in a DevOps workflow. Changes to the database code should be tested early and often so that errors are spotted and fixed before they ever reach production, but should not create a bottleneck when doing so. Close collaboration and an audit trail of every change, including who changed what, when and why, is also available in the version control logs and deployment scripts. Copies of production databases used in development and testing can additionally be masked to protect personally identifiable information so that, even if there is a breach, data is still protected.
The biggest challenge for any government IT team is keeping up with the speed of change and tech innovation in the private sector, while also protecting citizen data. The advantages of database DevOps are waiting and, as with any IT modernization strategy, the key is to start small with one team or one project, demonstrate that it works and build out from there.
NEXT STORY: County puts ‘Band-Aids’ on power shortage pain