How Financial Institutions Can Reap Dividends From ... · keeping clients is having the best...
Transcript of How Financial Institutions Can Reap Dividends From ... · keeping clients is having the best...
WHITE PAPER
LEARN MORE AT SAUCELABS.COM
DevOps offers a number of valuable benefits to companies in the financial services industry.
To date, however, adoption of DevOps practices within this sector has been limited due to
the difficulty of overhauling legacy practices, strict compliance needs and other challenges.
By adopting automated testing, financial services companies can overcome these hurdles
and reap the benefits of DevOps in order to stay agile and be more competitive.
How Financial Institutions Can Reap Dividends From Automated Testing and DevOps
TABLE OF CONTENTS
3 Executive Summary
4 How DevOps Creates Value for
Financial Services
4 Competitiveness
4 Regulatory Compliance
5 IT Governance
5 Security
6 The DevOps Migration Challenge
6 Automated Testing: Indispensable for
Enabling DevOps
7 Ensuring Stability, Security and Compliance
7 Adapting Legacy Apps for DevOps
7 Enabling Software Diversity, Including for
Mobile Environments
8 Enabling Continuous Delivery
9 Maximizing Security
9 Conclusion: Join the DevOps Trend
LEARN MORE AT SAUCELABS.COM PAGE 3
EXECUTIVE SUMMARY
DevOps is a set of cultural values and practices that emphasize agility,
efficiency and visibility when developing and deploying software. Since the
late 2000s, when programmers first began embracing the DevOps concept,
DevOps has been reshaping the way software is created and managed.
DevOps constitutes a culture rather than a specific product or technology,
and effecting cultural change is usually difficult. For that reason, migrating to
DevOps can be challenging. This is especially true for large organizations in
established industries, including financial services, which already have strongly
embedded legacy software delivery practices in place.
Yet the fact that adopting DevOps may be difficult for these organizations
does not mean that DevOps migration is not worth the effort for them.
On the contrary, as this white paper explains, DevOps can pay enormous
dividends for companies in sectors like finance. And achieving DevOps is not
difficult when organizations adopt the right tools and practices, including
automated testing.
PAGE 4LEARN MORE AT SAUCELABS.COM
HOW DEVOPS CREATES VALUE FOR FINANCIAL SERVICES
DevOps practices and methodologies can help solve a number of challenges
that are of particular concern to the financial services industry. Those
challenges include the following.
Competitiveness
The financial services sector is highly competitive. A full 18 percent of
millennials switched their primary bank in the last 12 months, according
to a recent Accenture survey.
In an age when most financial services customers rely on technology to
access and manage accounts, an important component of attracting and
keeping clients is having the best software. DevOps helps companies do this
by enabling them to build better software faster, push updates to users quickly,
and adapt easily to changing user demands and stay ahead of competitors.
DevOps offers particular advantages to companies seeking to stay relevant
as more and more computing shifts to mobile devices. Because mobile
platforms are so diverse, writing and testing software for mobile devices in
an efficient way is impossible without taking advantage of the agile delivery
techniques that define DevOps.
Regulatory Compliance
Keeping up-to-date with ever-changing regulatory policies requires the ability
to adapt quickly as compliance priorities change. That is difficult to do for
organizations whose software delivery chains are large and inflexible because
they have not adopted DevOps.
DevOps mitigates compliance challenges in several ways. First, by
streamlining the development and deployment of software, DevOps ensures
that companies can update their software quickly whenever compliance
needs change. For example, if regulators institute a new rule regarding
disclosure statements within an application used by customers, a highly
automated DevOps delivery chain enables organizations to update the
application and push the new version to users rapidly.
Second, DevOps maximizes the flexibility of the software development and
deployment frameworks that a company uses. It makes applications portable
between different types of infrastructure, and allows developers to change
from one programming framework to another without overhauling their
entire operation. This agility is important for meeting changes in regulatory
PAGE 5LEARN MORE AT SAUCELABS.COM
policies that might occur—for instance, when regulators deem a particular
software tool used by a company to be unfit. In that case, the company can
easily switch to an alternative tool as long as it has the flexibility of DevOps
at its disposal.
Third, DevOps maximizes visibility. By streamlining communication between
all members of the IT organization and breaking down silos that limit the
ability of one part of the team to understand what others are doing, DevOps
makes it easy for organizations to identify compliance issues within their
software before they come to the attention of auditors.
IT Governance
Establishing an IT governance policy is easy. Enforcing it is generally much
more difficult, especially in established companies with entrenched workflows
and siloed IT operations.
Adopting DevOps enables much better governance enforcement. It
encourages and facilitates collaboration between developers, IT Ops teams
and quality assurance engineers so that all parts of the organization can work
together in implementing governance goals.
Security
Financial services is among the industries most likely to face cyberattacks,
according to IBM, and the cost of such attacks—which includes loss of brand
value, intellectual property theft, regulatory fines, and more—is more than
$200 per affected record, according to Symantec. Symantec also reports
that the number of records stolen in recent cyberattacks has been in the tens
of millions, and the total cost of these attacks can be staggeringly high. For
this reason, security should be a top priority for companies in the financial
services industry.
DevOps can help these companies achieve their security goals. By maximizing
agility, DevOps empowers organizations to keep their software up-to-date
and adopt the development tools and frameworks that are most secure.
Continuous software delivery powered by automated testing also helps
DevOps teams to identify and fix security flaws quickly, before they enter
production environments.
PAGE 6LEARN MORE AT SAUCELABS.COM
THE DEVOPS MIGRATION CHALLENGE
If DevOps brings so many benefits to the financial services industry, why
haven’t more companies adopted DevOps techniques? The answer is that
the industry is subject to several factors that can make DevOps adoption
particularly challenging. They include:
• A high need for stability, security and compliance. More so than in many
other industries, financial services companies require software that is
highly stable and secure in order to keep their customers’ information
safe and meet regulatory requirements. For this reason, adopting DevOps
practices such as continuous delivery can be challenging, because they
increase the rate at which software changes, and organizations need to
update their testing procedures in order to keep pace.
• Legacy software. The financial services sector was among the first to adopt
digital technology. While that is a strength in one respect, it also means that
some of the IT systems that companies in this industry use are decades
old. Adapting legacy applications to DevOps workflows can be difficult if
companies do not have efficient testing solutions in place to ensure that
those applications remain stable when delivery techniques change.
• Old-generation infrastructure. The DevOps conversation often focuses
on next-generation infrastructure technology, like Docker containers,
rather than the mainframe systems that continue to power much of the
financial services industry. This may lead financial services companies to
believe that DevOps is not for them, because they mistakenly assume that
legacy infrastructure cannot fit into continuous delivery and automated
testing pipelines.
There is no denying that these considerations can make the DevOps journey
appear particularly challenging for financial services companies. Yet that does
not mean these challenges cannot be overcome.
AUTOMATED TESTING: INDISPENSABLE FOR ENABLING DEVOPS
For financial services companies, one of the key components to overcoming
the challenges described above and implementing DevOps is automated
testing. In a number of crucial ways, automated testing enables financial
services organizations to adopt DevOps successfully without compromising
stability, cost, organizational efficiency or compliance fulfillment.
PAGE 7LEARN MORE AT SAUCELABS.COM
Ensuring Stability, Security and Compliance
DevOps practices such as continuous delivery of software mean that software
changes quickly. If the rate at which quality assurance teams test software
updates is slower than the pace of software evolution, organizations risk
releasing software that is subject to stability, security or compliance flaws.
With automated testing, however, that risk virtually disappears. Automated
testing allows development and quality assurance teams to test software
updates as quickly as they are made, and scale their rate of testing up or
down as the rate of development changes. The result is software that can
be updated easily, without sacrificing stability or security.
Adapting Legacy Apps for DevOps
While it may seem difficult to adapt legacy applications for a DevOps
workflow, it is important to remember that DevOps is about culture, not
a specific technology. So long as DevOps teams take the right approach to
legacy apps, legacy software can be continuously delivered as effectively as
any modern application.
Including legacy applications in automated testing workflows is one way to
enable DevOps for old-generation software. And when using modern, flexible
cloud-based testing frameworks, there is no reason why legacy applications
cannot be automatically tested.
Enabling Software Diversity, Including for Mobile Environments
Automated testing is the only way to deliver software efficiently that supports
a wide variety of platforms. Since financial services companies are likely to
release software for multiple types of environments—including traditional web
apps, as well as mobile software for different devices and operating systems—
automated testing is essential for helping them apply DevOps to their diverse
software delivery needs.
In addition, without automated testing, companies that develop software
for multiple types of platforms are at risk of delivering inferior code to users.
Because the manual testing of software for hundreds of different combinations
of hardware and software platforms is not feasible, automated testing is the
only way to achieve DevOps for companies whose software needs to work
reliably on Windows PCs, Macs, Linux, Android phones, iPhones, tablets,
wearable smart devices, and the platforms that are yet to come.
PAGE 8LEARN MORE AT SAUCELABS.COM
Enabling Continuous Delivery
Achieving continuous delivery without full automation is impossible for
organizations with finite staff and material resources. That’s because in the
absence of automation, software delivery and testing cannot scale. Even if
just one part of the software delivery pipeline is not automated, continuous
delivery is virtually impossible.
But when you automate testing—especially by running automated tests in
the cloud, which can scale on demand whenever the amount of tests you
need to perform changes—the size of your staff no longer limits the pace
of testing, and by extension, delivery. Even during periods of peak demand
or development activity, automated testing assures that you can continue
to deliver software continuously regardless of the availability of your quality
assurance staff.
In addition, running your test infrastructure in the cloud means you can
make much more efficient use of your resources—which ultimately lowers
development and testing costs. This is because software tests typically do not
consume resources at a constant rate; instead, their resource consumption
“spikes” when tests are being performed, and zeroes out again after tests are
complete. (One way to avoid these spikes is to run fewer tests, or choose
not to run multiple tests at once, but that is a mistake because it leads to less
thorough testing and slower results.)
An on-premise infrastructure capable of supporting those spikes would
need to be massive, making it costly to set up and maintain. Yet it would
only be under full load occasionally—which means you would be paying
for considerable hardware resources that are severely under-utilized much
of the time. By moving tests to the cloud, however, you only have to pay
for infrastructure when you are actually using it to perform tests. In this
way, cloud-based testing facilitates continuous delivery by allowing you to
optimize resource consumption and devote more hardware and financial
resources to development and deployment.
Automated testing also provides your DevOps team with a fast and efficient
feedback. It allows them to learn early and often about potential problems
with software they are developing so that they can correct those problems
quickly. An efficient feedback loop ensures that your continuous delivery
pipeline flows smoothly and that problems are discovered during the
development process, well before they reach your customers.
PAGE 9WP-07-012017
Maximizing Security
Strong security is essential for companies in the highly regulated, attack-
prone financial services industry. Automated testing is vital for enabling this
level of security.
That is because automated testing is designed to maximize security. When
you perform automated tests in the cloud, testing data and communication
channels are secured with TLS encryption. Modern automated testing
platforms also allow you to store testing data only on on-premises servers
if required for compliance or security reasons.
In some respects, automated testing delivers even more security than manual
testing. Whereas manual tests are subject to human error and oversight,
automated testing promotes strong security by standardizing the testing
process and facilitating faster test results, which help DevOps teams to
identify potential security issues sooner.
CONCLUSION: JOIN THE DEVOPS TREND
A number of major financial services companies, including Capital One,
Goldman Sachs, Bank of America, Fannie Mae, USAA, Fidelity and Intuit, have
already embraced DevOps by taking advantage of automated testing and
other techniques that help organizations implement a DevOps culture.
For companies that have yet to embark on the DevOps journey, the time
to start is now. Regardless of the type of hardware or software a company
uses, the stability or compliance goals it needs to meet, or the nature of the
competition it faces, DevOps is crucial to staying agile and relevant today.
And while the DevOps journey may seem intimidating, automated testing
can do much to make it simple.
ABOUT SAUCE L ABS
Sauce Labs is the leading provider of continuous testing solutions that deliver digital
confidence. The Sauce Labs Continuous Testing Cloud delivers a 360-degree view of
a customer’s application experience, ensuring that web and mobile applications look,
function, and perform exactly as they should on every browser, OS, and device, every
single time. Sauce Labs is a privately held company funded by Toba Capital, Salesforce
Ventures, Centerview Capital Technology, IVP, Adams Street Partners and Riverwood
Capital. For more information, please visit saucelabs.com.
SAUCE LABS INC. - HQ 116 New Montgomery Street, 3rd Fl San Francisco, CA 94105 USA
saucelabs.com/signup/trial
FREE TRIAL