4 posts tagged with "DevSecOps"

· 8 min read
Jascha Beste

DevOps and Compliance

Let's cut straight through the bullshit: if you're an engineer working in a company that deals with sensitive data or operates in a regulated industry, you've probably rolled your eyes at the mention of "compliance" more times than you can count. SOC2, ISO27001, HIPAA, GDPR – these acronyms often feel like speed bumps on the highway of rapid development and deployment.

But here's the kicker: DevOps and compliance aren't natural enemies. In fact, when done right, they're powerful allies that can supercharge your software development process and keep your ass out of regulatory hot water. So buckle up, because we're about to dive into how you can make DevOps and compliance work together without sacrificing your sanity or your velocity.

· 10 min read
Jascha Beste

I asked myself this question at my first job at Scalable Capital, 4 years ago. I had started at a FinTech startup/scaleup with somewhere between 50 and 100 engineers, enthusiastic about DevOps and a "You build it, you run it" mindset, which I learned about in my software engineering education in university.
But reality hit hard. You can't simply give every engineer full production access, justifying lax credential management with "We want to give people ownership and trust."

· 8 min read
Jascha Beste

In the fast-paced world of DevOps, safely accessing production databases is a crucial competency that balances operational efficiency with stringent security measures. This comprehensive guide explores DevOps database access best practices, ensuring your engineering teams can swiftly address issues without compromising on security or system integrity. We'll cover the importance of giving engineers access, the place of migration tools, analytics, and best practices around maintenance and operational tasks. We'll also look at the role of the Four-Eyes Principle in this post.