The customer in today’s DevOps Case Study is a global supplier of financial service technology who was challenged by this organizational tension and other internal factors that constrained growth. It turned to the DevOps consulting team at Flux7 to help it bridge the gap with DevOps automation that would help it streamline its delivery processes, ensuring faster times to market with security built in for operational stability.
Specifically, the FinTech firm was challenged by processes that had become complex, cumbersome and even confusing over time. As its deployment management process became more and more unwieldy, reaching up to 50 pages that included many manual steps to follow, the time to provision new resources grew, eventually taking up to a month for developers to receive resources. As a result, the organization sought to address three strategic elements to more fully realize the benefits of cloud delivery: best practice cloud governance, effective cloud demand forecasting and a system to promote cloud knowledge sharing.
The financial services firm selected Flux7 because:
- Their team spans home offices in several states and as a result, it needed a virtual team model that would fit with its own virtual approach.
- Working with highly sensitive data, the firm needed a partner who it could trust and had proven expertise in handling personally identifiable information in highly regulated industries.
- Flux7’s approach is centered on an in-depth assessment from which it could embark on a sprint-based engagement plan with defined outcomes to be completed in 8-10 weeks.
The engagement began with an Enterprise DevOps assessment. Bringing together the CIOs responsible for retail and commercial banking, wealth, and retirement business units as well as IT Operations, and Development, Flux7 began the assessment, held through a series of discussions all designed to actively make group decisions and gain alignment across the organization for the resulting DevOps blueprint.
The first step was to hold a series of conversations around business requirements, getting a firm understanding of how Flux7 could design for the new hybrid -- cloud and on-premise -- architecture. Second, Flux7 solution architects worked with the financial services firm to assess its NetOpsSec requirements and thirdly, learned how DevOps process improvements could help it improve. Over the course of the assessment, Flux7 also interviewed internal customers to learn how the team’s challenges were affecting others in the organization -- and how positive change could influence their work product.
Within two weeks, Flux7 designed a proposed DevOps architecture for the financial services firm. Based on the Flux7 Enterprise DevOps Framework, it consists of a blueprint for a Flux7 Landing Zone; pipelines for code, configuration, containers, and infrastructure; injectors for secret management; inspectors for automated security auditing and systems management; and architecture and automation services.
In addition to the architecture framework, the Flux7 team recommended that this firm:
- Start with a simple and efficient process, deploy its infrastructure and a proof of concept application to AWS. At the same time, setting up DevOps tools in a Shared Services environment.
- Establish a Cloud Common baseline
- Push for a culture shift that embraces DevOps best practices via a Center of Excellence.
According to a Senior Systems Engineer, “One of things we struggle with is trying to shift our security auditing process. When adopting an automated process, every action that needs to be taken still needs a security check. Yet, it hinders the movement in DevOps if we audit every single task. We need to shift our mentality, to find a way to facilitate a tougher process that does not block the automated flow of work.”
Given this legitimate desire, Flux7 recommended that the firm adopt security with agility that allows it to prioritize security by automating key monitoring and logging systems, and build security in through technologies like a Service Catalog that retains governance while reducing the workload on IT Operations and eliminates Development wait times. Flux7 proposed the use of several tools to automatically analyze all changes as they occur within the environment -- from Docker security analysis in the pipeline to automated code analysis. In addition to automated auditing, Flux7 recommended log management, the use of a WAF, and golden AMIs that would bake security in and ensure DevOps security best practices were implemented and followed.
Extending Agile DevOps
While the firm had some Agile and DevOps practices in place, they were in their infancy and needed coaching in order to fully take root, grow and mature. To do so, Flux7 showed this firm’s teams how they could implement advanced tools and processes, like Infrastructure as Code, in order to expand their DevOps adoption and gain momentum within the organization. Most importantly, Flux7 helped the firm see how it could streamline its processes -- removing steps where necessary and automating others -- in order to drastically reduce errors and decrease its provisioning time from weeks to hours to even minutes.
Flux7’s AWS Landing Zone design is comprised of a collection of application agnostic components that provide a secure, manageable foundation for landing applications in AWS. For additional reading on AWS Landing Zones and how to get started, download our paper today: