As the year comes to an end, we are taking a look back on the major data breaches and vulnerabilities that disrupted the security of both small, and large and very important organizations around the world and across all industries. According to a recently published report: As this trend is on the rise, governmental organizations and companies of every size put more emphasis on the security of their systems and networks.

Over the last two to three years, we’ve seen increasing demands on all kinds of software companies to comply with security and compliance standards. More and more organizations are looking to benefit by moving their operations to the cloud, but this increases the potential for cybersecurity attacks and breaches. A new type of compliance vendor has emerged to help companies that must comply with the security standards designed to ward off cybersecurity threats.

In this blog post, I take a look at modern IT governance by applying the classic “Three Ways” of DevOps principles originally introduced by Gene Kim in his seminal 2012 article. “We assert that the Three Ways describe the values and philosophies that frame the processes, procedures, practices of DevOps, as well as the prescriptive steps.” Here’s a quick reminder of the three ways set out by Gene: For Gene, all DevOps patterns can be derived from these three principles.

Let’s not beat around the bush: change management is a prehistoric discipline desperately in need of fresh thinking. Its “best practices” are frankly terrible. Nobody honestly thinks manually filling out change tickets, waiting for CAB meetings and external approvals does anything to meaningly reduce risk. Change management is slow, inconsistent, doesn’t scale, and is prone to error.

Backstage, a development portal, allows developers to maintain constant vigilance over the health of their networks and services, no matter where they are deployed. This is invaluable to teams, as many different deployments across different environments need to be monitored to ensure security and compliance. Find out how to evaluate, implement, and succeed with Backstage in order to maintain your security perimeter and ensure that all deployments are working as intended.

Today, federal agencies rely extensively on Cloud-based SaaS applications for everything from payment processing and document management, to data security and employee workflow automation. These tools help departments to function very efficiently, but because they are being used for essential government functions, it’s vital that they are safe and secure. For example, personnel at The Pentagon or The Department of Homeland Security can’t just choose any software vendor in the marketplace.

Let’s talk about what ISO 27001 compliance means for the tech team. If you’re a CTO, DevOps team lead, or cyber security specialist, you’ll have a lot of plates spinning at any given point in time. You need to ensure and maintain security protocols and compliance without hindering the development team’s ability to test and deploy new code (often at scale). It’s a constant battle to align development speed with governance tasks like audit, compliance, and security.

If you’re using containers to deploy your software, it is important to be aware of potential vulnerabilities within your container images. These may be introduced through dependencies in your built image, or perhaps through dependencies within the base image(s) used to build your image.

This third installment of the “Succeeding with Backstage” series explores how you can improve the adoption of Backstage within your organization. The previous two parts dealt with customizing the look and feel of Backstage and creating and maintaining custom plugins.

This final article in the “Succeeding with Backstage” series focuses on how you can incorporate Backstage as part of a broader developer productivity engineering (DPE) initiative. The previous parts dealt with customizing the look and feel of Backstage, creating and maintaining custom plugins, and improving Backstage adoption.