TBF I work with SME's & I think devops (like healthy living) means different things to different people.
Once you have your infrastructure ready to deploy, backup, test & migrate, roll creds via code (most of which is borrowed from open source); you're done until you grow significantly in the SME space.
Enterprise DevSecOps is so far off these business radar, and capability compared to a bank or other industries if through nothing but price, that being able to delete your application, log events and statuses, whilst not losing or sharing pii is where its at.
I'd agree you're never done, but unless its a tech startup that's funded and regulated, iterating below the application will still be a once per {insert-period} activity resisted or classed as "we're done", or "I thought we'd tackled" no matter how large an emphasis is placed.
I know people working for HUGE payment processors that deal with these SMBs when they breach and get fined. Its the same every time "we didn't know"... " how to avoid?" :ostrich impression: "that's impractical"
I'd just like there to be more practical advice for the mom-and-pop shops, or innovation so they can get the ford focus, or kia roadmap for decent development with some things borrowed from cloud & automation
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
TBF I work with SME's & I think devops (like healthy living) means different things to different people.
Once you have your infrastructure ready to deploy, backup, test & migrate, roll creds via code (most of which is borrowed from open source); you're done until you grow significantly in the SME space.
Enterprise DevSecOps is so far off these business radar, and capability compared to a bank or other industries if through nothing but price, that being able to delete your application, log events and statuses, whilst not losing or sharing pii is where its at.
I'd agree you're never done, but unless its a tech startup that's funded and regulated, iterating below the application will still be a once per {insert-period} activity resisted or classed as "we're done", or "I thought we'd tackled" no matter how large an emphasis is placed.
I know people working for HUGE payment processors that deal with these SMBs when they breach and get fined. Its the same every time "we didn't know"... " how to avoid?" :ostrich impression: "that's impractical"
I'd just like there to be more practical advice for the mom-and-pop shops, or innovation so they can get the ford focus, or kia roadmap for decent development with some things borrowed from cloud & automation