CMMC 2.0 requirements are here — and The Cybersecurity Maturity Model Certification (CMMC) is mandatory for organizations involved in the Defense Industrial Base (DIB). Established by the Department of Defense, this framework outlines strict cybersecurity standards, aiming to safeguard Controlled Unclassified Information (CUI) throughout for contractors and subcontractors of the Department.

Role-based access control (RBAC) is a way to secure IT systems and networks by limiting access to roles that can be assigned to individuals and groups of users. It makes sense for just about any IT team. After all, not everyone needs access to everything in a system, right? Different roles have different responsibilities, and those responsibilities require access to different things. RBAC makes sure that only the users who need access to certain services and resources have it.

Configuration management tools can help you track and manage changes to systems within your infrastructure, making sure that your software and hardware runs reliably and smoothly.

Why make a migration from Ansible to Puppet — or in some cases, start with Puppet over Ansible right out of the gate? In this blog, we’ll explore some common reasons that organizations say they chose Puppet over Ansible, citing specific use case examples around the functionality of each platform.

If you’re doing cloud operations right, your cloud needs are going to change over time. Cloud scaling can help you add cloud resources when you need them and retire or recycle them when you don’t. Cloud scaling is great for meeting traffic demands, accommodating demanding workloads, and controlling the chaos of cloud ops. But for all the flexibility that cloud scaling offers, it can also introduce liabilities in your cloud infrastructure.

Infrastructure as code (IaC) is the act of writing infrastructure configurations as code so they can be understood, repeated, and enforced with less manual effort. IaC is also a powerful way to convert tribal knowledge into technical knowledge. It’s a far-reaching and essential part of managing infrastructure at scale, with benefits that have expanded to platform engineering, security and compliance, network administration, and so much more.

When looking at the broad landscape of IT automation tools, you’ll find dozens of tools that seem like viable solutions to your automation needs. Almost all of those tools can be broken down into two categories: Open source automation tools and commercial automation tools. (Open source automation tools with a commercial offering are still considered open source, even if the commercial version has a price tag.)

Tech debt affects just about every software organization. For better or worse, speed is one of the core tenets of the software development industry – the rush to build more, add new features, and find solutions fast can drive short-term growth for small organizations and add value for large companies. But haste, as it usually does, makes waste: The mass of suboptimal code, redundant services, and bottlenecked processes that we call tech debt.

Following good practices in the Day 0, Day 1, and Day 2 software development lifecycle can help you create a consistent environment that is easier to maintain. In this blog, we will deepen your understanding of how to make Day 2 operations succeed, and how high performing teams put Puppet to work on Day 2 to make a stronger, less manual, software development lifecycle.