Reinforcing DevOps approach with security and risk management: An experience of implementing it in a data center of a mexican organization

Abstract

Nowadays the importance of the term DevOps (Developer Operations) has increased around the world, and Mexico is not the exception. This paper describes the implementation of information security and risk management best practices in a DevOps approach established in a Data Center of a large government organization of Mexico. The DevOps approach with security and risk management practices was named as DevSecOps + Risk Management and it aims to produce a strategy among automatize operation within the organization or enterprise using information technologies, software engineering and quality controls, so that, it allows managing work flows, version control, software product release, risk management and security reinforcement, considering people and technology.