An intensive development process in connection with the digital transformation is now ongoing within many companies and organisations for whom the digital sphere has increasingly become part of their core operations. IT departments’ developers are fully occupied realising digital business models for their companies’ future applications and services, while traditional areas of responsibility, such as operating services and infrastructure-related application services, are increasingly being outsourced to specialists.
“In simple terms, clients’ development departments need the right tools that give their developers the peace of mind they need to be able to focus on their companies’ applications, along with feedback on how to deliver operable components,” says Björn Österman, DevSecOps Manager at Iver.
The “right tools” in this context largely entails combining development and operations – the ability to meet the challenge by giving the people who run the operations stable systems, while simultaneously giving the developers the opportunity to release new code and roll out new versions, continuously, quickly, and securely.
This is where DevOps comes in – a modern method that bridges the gap between Development and Operations. The method involves close collaboration between Development and Operations on producing new versions that can be released quickly and securely.
“Iver is very good at DevOps-related processes. We have a certified and standardised way of reviewing, testing, rolling out, and commissioning applications and ensuring that they work and perform as desired. Simply speaking, we offer the services that allow the client to focus on developing their systems while we handle the rest,” says Björn Österman.
The term often used for companies with particularly stringent security requirements is DevSecOps, which adds an extra layer of security to the method. And when Iver works with banks and clients in the financial sector, for example, we comply not only with the international standard for information security, ISO 27001, but with PCI-DSS (Payment Card Industry Data Security Standard) as well.
In the past, years could pass between every upgrade to a system or application. Today’s rapid and agile development means the current picture is very different. Companies nowadays have a real need not only to be able to upgrade systems and applications continuously, but also to be able to manage the constant changes in a controlled manner with the help of IaC and Build Pipe services.
“Using IaC (Infrastructure as Code) and Build Pipelines to manage changes in environments enables us to automate and standardise the management process, thereby minimising the risk of errors that can occur during manual processing. The process becomes repeatable and, because the infrastructure’s configuration is described in code, we not only have a version management of the environments, we can also have a built-in peer review process where the DevOps technicians help and learn from one another.”
“The interface between developers and operating technicians can be a challenge sometimes, essentially because they have different types of goals. It’s actually pretty cool when your job involves acting as the bridge between the developers’ focus on creation and the operating technicians’ sense of responsibility for the environments,” says Björn Österman.
“DevOps, DevSecOps and IaC are the central methods and tools in Iver’s application development offering, but we also help our clients realise their entire digital transformation – from analysis and design to development, commissioning, and management. We customise solutions that ensure their operations get the maximum possible benefit and value from digitalisation,” says Björn Österman.