​How CIOs can sleep better at night by giving up control

How can you be sure that everything’s going to be cost-effective, compliant and secure if your developers are doing whatever they want?

The very heart of successful and innovative DevOps comes from allowing your teams to own their own infrastructure. There are numerous and obvious benefits to this, not least of which is that teams can avoid wasting hours, days or weeks waiting for servers to be spun up. Especially in the cloud, it also means teams can find the right technology to solve your business problem because they can experiment quickly and with agility.

This approach to DevOps is the one to which everyone aspires, but it can often be a confronting proposition for many large IT teams and the CIOs who lead them. How can you be sure that everything’s going to be cost-effective, compliant and secure if your developers are doing whatever they want?

The answer is visibility. The right visibility lets your organisation have a coherent, consistent, and up-to-date view of issues. This means problems get fixed before they become serious. As a CIO, it allows you to minimise the number of issues that get urgently escalated to you and, most importantly, keeps your costs in control.

Pairing cloud with coalface ownership of metrics and KPIs is hugely powerful, adding to and multiplying the productivity benefits of DevOps. Startups do this naturally, because everyone in the organisation knows what the goals are. That’s why they’re agile, nimble and disruptive. It’s also possible for enterprises to follow this model and reap the benefits.

CIOs can empower their teams to do more through open communication and guidelines, sharing specific information with various teams. Tell your developers how much cloud costs. Tell your product teams what the security implications of their actions are. Tell your DevOps teams how their deployments are affecting compliance. Share any other piece of information you can push down to a dashboard.

Armed with the right information, the right people on the ground can and will hit your targets and proactively avoid issues—for a tiny fraction of the cost and risk of after-the-fact enforcement. It has the power to give you more confidence, rather than less.

Cost and efficiency through leaderboards

Cost efficiency lends itself to the leaderboard approach. Show a team how inefficient their microservices are versus their peers and watch how fast they find a way to improve, no micromanagement required. The leaderboard keeps efficiency top of everyone’s mind and cuts wastage. And if there’s a cost spike, they’ll find out about it immediately and be able to address it before too much money leaks out of your budget.

The right security information

Application teams rarely have enough security competency to be trusted to build infrastructure without pulling in an expensive security architect. This can be yet another delay on each project, when you just need to get to market sooner. If you surface the right information, the project team can almost always take care of it: maybe alerts when they’ve opened a port to the world or made files publicly available; or visibility when something’s misconfigured or dangerous; or anomaly detection for spikes in actions taken.

Compliance in motion

Compliance is everyone’s least favourite task. But CIOs can achieve ’compliance in motion’, that’s proactive monitoring and visibility of potential future compliance issues. It avoids the terrible and costly yearly big bang project, and not only is it cheaper but you’ll actually end up with fewer serious issues, because they’ll be remediated early.

There are five simple yet powerful steps that CIOs can take to empower teams to own their infrastructure while concurrently gaining better insight on their cloud environments, costs and efficiency. These can be achieved through powerful tools available to enterprises:

  • Pull in data from all the important sources, especially your cloud provider.
  • Build shared dashboards for your crucial metrics.
  • Tailor these metrics so they match each business division; whether project team or cost centre or tribe or product.
  • Add alerting to the picture so you proactively find out about issues.
  • Leverage the big data you have to predict the future, detect anomalies, and uncover hidden relationships.

Dave Slutzkin is general manager at Stax.