DEVOPSdigest asked experts from across the IT industry for their opinions on the top tools to support DevSecOps. Part 3 covers security and monitoring ...
Global banks, like any large enterprise, have always aspired to be finely-tuned machines. They depend upon a vast network of employees and physical infrastructure, with each component of the network playing a small, yet integral role in ensuring a smooth customer experience to their end users. In the age of the customer, we expect instant access to funds, the ability to sign up for new banking products with ease, and an intuitive banking experience on any device, with nothing but a touch or a few keystrokes.
Today's banks are not what they were just a few short years ago. In the digital age, the lifeblood of the bank is not its chain of physical branches, its tellers or its contact centers — it's the software that the bank uses to interact with existing customers and to attract new customers. Smart banks need to put software (and consequently, their IT teams) first in order to make sure that their systems and applications are easy to use, safe, and reliable.
Despite being in a highly-regulated industry, today's best-performing banks have realized that they can no longer just be financial services companies — they need to be technology companies too. And that's why, increasingly, IT teams have become front and center components of the banks' digital transformation discussion, and even of the business development function.
Given the regulatory requirements and the importance of their function, it's not a secret that in-house builds of software are timely, costly, and often just plain inefficient for banks. As a result, banks have depended on third-party software to manage many of their most essential functions — from fraud and cybercrime prevention, to regulatory compliance, to customer onboarding and digital sales.
A large bank often works with hundreds of technology suppliers whose software is integrated into its infrastructure, and a process as simple as a new user opening a bank account often involves software from ten or more distinct tech vendors. These pieces of third-party technology have become some of the most important cogs in the global banking machine, and making sure that they operate together smoothly and securely is vital. With so many separate applications to keep track of, this can be a tall order for bank IT teams. Frequent updates, improvements, and additions to banks' software portfolios make each distinct software integration even more difficult to keep tabs on.
To stay afloat in this ocean of applications, bank IT teams must embrace that their DevOps capabilities will determine their agile capability. Agile breaks down the barrier between the business and IT, and operations must be treated as a critical element of an agile program. In modern software delivery, the business, development and operations must execute as a unified team. To achieve this, banks are increasingly turning to Continuous Integration (CI) practices as part of the solution.
CI ensures that new pieces of code are automatically tested for bugs and are only deployed once they have passed an array of automatic tests. Any errors or vulnerabilities are flagged before they have the opportunity to impact consumers. This process removes much of the effort and risk from new code deployments, helping banks to more effectively answer ever-increasing consumer technology demands without jeopardizing the smooth functioning or security of their software.
In short, CI shortens the time from ideation to delivery and de-risks deployment, which is incredibly important across banking functions in an era where applications constantly must be screened for defects, performance and security flaws, not to mention updated with shiny new features.
As bank IT teams continue to adopt CI, they're looking for third-party vendors whose software makes use of CI principles and can easily fit into their existing CI processes. Such software provides CI support through features and capabilities for configuration, testing, deployment and SCM. Deployment frequency can be increased from several times per year to several times per month, or even daily. Releasing features into production should be a business decision not an exercise in complex release management or a technology barrier.
Before effective DevOps and CI practices and third-party software providers, changes could necessitate weeks and months of code review and regression testing of the entire application. Now, banks can implement changes to their software whenever they want, at the touch of a button.
In one case, a top 10 global bank built an online account opening application. After launching the application and reviewing analytics, they decided to implement CX changes to optimize the application and decrease abandonment. In just 1.5 days, they built all the changes into the application. Compliance approved the changes in 7 days and the new experience was tested and deployed after a total of 2 weeks. Previously, these changes would have taken the bank 3-6 months.
To put it simply — software-focused banks are embracing CI and the increased agility it provides in delivering to their customers, and they want to work with third-party platforms that reflect this new paradigm and make use of the same tools, processes and configurations they're familiar with. For developers, this capability enables them to stay on the cutting edge of software development. No matter what function they're looking to carry out — be it new customer onboarding, account management, or anything else — bank technology teams want to utilize fully constructed platforms that fit seamlessly into their existing tech platforms. Committing to CI leads to a dramatic increase in quality, time to market and ultimately value to the customer by uniting the priorities and the capabilities of the business, development and operations within banks.