Why banking apps crash
Where things fall flat is around quality control, testing and backup, and getting the apps into production.
It’s a simple fact of life: the faster we’re able to do things, the faster people want them done. There’s a constant race to be quicker to market, and the shift to agile DevOps is enabling that drive. However, unless the entire process is agile and automated from start to finish, it’s probably going to hit a roadblock if an updated app is released using manual release processes.
“A lack of visibility and the risk of faulty deployments are challenges faced by enterprises implementing agile DevOps,” says Gary de Menezes, Managing Director of Micro Focus South Africa. “Successful DevOps transformation programs enable enterprises to simplify app delivery, but this requires DevOps processes that include build, deployment and test automation technologies. While single DevOps processes can be relatively easy to manage, enterprises increasingly need to support multiple process approaches.”
Release management is one aspect of DevOps that people always leave until the last minute because it’s not really front of mind, says Seph Robbertse, Senior Pre-sales Solutions Architect at Micro Focus South Africa. “Everyone is trying to work in a more agile DevOps way. This works well for teams, but on an enterprise level there are more dependencies and intricacies to consider.”
Robbertse refers to the SAFe (Scaled Agile Framework) industry standard that can help enterprises build more agile businesses by implementing release trains.
He goes on to explain: “The financial sector has suffered some major outages over the past few months, and this is largely because in the back end, they’ve been implementing agile DevOps and open source. They have a lot of project teams and are dealing with multiple releases of new functionalities into an app that are coming from multiple areas and need to be consolidated into a single app.
“Where things fall flat is around quality control, testing and backup, and getting the app into production. The development teams each test their contributions individually, but when they all come together for roll-out, errors occur nonetheless. This is because the agile DevOps process that they’re using doesn’t include quality control and release management across the whole.”
In SAFe speak, the app’s release train has several stations on the way that include quality and security testing during the handovers between various stations, but what’s also required is total visibility.
“You need to have proper release automation and control in place before the updated app functionality goes live,” says Robbertse. “Business is under enormous pressure to get new capabilities out faster instead of having proper business processes in place to make sure that what goes out is quality controlled and tested. The challenge is that you can’t slow down the release because you’ve got all this input coming through the back end from all of the different teams.”
This is where one of the biggest pitfalls lies for an enterprise when going from a traditional DevOps lifecycle to an agile DevOps lifecycle. The traditional method required planning, establishing specifications, different development phases and eventually, different processes were rolled out. But this approach took too long to get anything out. With agile, the development is broken up into agile teams that are each doing their own thing and pushing out solutions on an ongoing basis.
“However, enterprises can’t just switch from a waterfall to an agile approach to development because things will likely fall apart at the end of the development process,” says De Menezes. “To prevent this, they need to pay more attention to release automation and release control.”
While Gartner refers to it as app release automation, Forrester calls it continuous delivery automation. Regardless of the term of choice, enterprises have to start orchestrating or having some form of automation in their releases to avoid time being lost during handovers between the different stations.
Organisations need to implement an auditable and compliance-governing release management process. Robbertse says: “You need to be able to trace who hit the ‘go’ button so that you can hold people accountable, and that capability is lacking in tools. Enterprises have outages but have no idea where the problem originated as the contributing teams are so widely dispersed.”
It’s clear: a central solution is required to provide actionable insights into where all the different releases are in the organisation as that will provide governance and compliance.
Manual release control is the single biggest cause of continual outages of enterprises’ key apps. Modernisation of the app lifecycle is putting too much pressure and demand on the still manual operation's piece of releasing the apps safely into production.
Enterprises have invested large quantities of time and money on implementing agile DevOps at the back end of the development lifecycle so that they can become more agile and implement changes more quickly. However, they’re unable to deliver those changes because the final part of the process is still manual, and there are just too many changes coming through from the development phase for the manual processes to handle effectively. The final production phase needs to be automated.
Failure to do so is causing security breaches and, in most cases, serious outages to customers; for example, as seen recently in the banking sector.
De Menezes says: “I’m not aware of any enterprise that has focused on modernising and automating the release of new business requirements with the same level of intelligence that they’ve introduced to the development lifecycle. That’s where the mismatch is. When something goes wrong and the app doesn’t work as it should, the enterprise doesn’t know which version to roll back to. It’s vital to modernise and automate the release control portion.”
According to Gartner, by 2023, 90% of organisations will fail to meet required release speed to deliver full business value to their customers if they use a centralised release management approach in DevOps environments. Also by 2023, 75% of applications will be released by a release orchestration tool to meet customer requirements for speed and risk mitigation.
“What has further complicated the world of manual releasing is the inclusion of cloud,” De Menezes continues. “Some people have pieces of apps in the cloud and others on premises, and release from and to different places, but still have their old manual processes in place to do this. That piece of the value chain needs to be modernised and automated if enterprises are going to keep up with demand for greater velocity.”
To find out more about using release orchestration to govern a DevOps tool chain, watch this webcast.