Skip to Content

Realize compliancy with policy automation

Jul 1, 2021
Sogeti Labs

In our latest whitepaper, 6 tips to integrate security into your DevOps practices, one of the tips is realizing compliancy through automation.

Regulatory regimes are increasingly rigorous. That’s a good thing. Nonetheless, ensuring compliance across a burgeoning application landscape isn’t easy. The Enterprise DevOps 2020-2021 Report¹ states that almost half of the surveyed executives said they were not sure which data compliance standards they needed to meet. The report further noted that simply verifying the security of an application or environment when it’s first deployed is no longer sufficient. Clearly, the logical solution is to ensure continuous compliance at every step of application development and management (ADM).

Policy automation builds on the argument in Tip 2 (Integrate security in the early stages of the development lifecycle)
to illustrate why shifting security left is critical for every enterprise. Taking Microsoft Azure as our reference, here are six
steps for your enterprise to realize continuous compliance with policy automation:

  1. Determine your policy set
  2. Adopt a policy-as-code model
  3. Update policies in code and push to Azure
  4. Close the loop with compliance scanning
  5. Shift left using a quality gate
  6. Use Azure Security Center to monitor and observe

The end goal of these six steps is enabling closed loop policy automation. When set up, compliancy is continuously monitored and aligned with all changes, at any time.

Want more info? Read the full whitepaper here!

About the author

Principal Consultant | Netherlands
Peter Rombouts is a Multi Cloud Solution Architect (Azure and AWS) with a strong focus on the Microsoft Azure platform. Supporting enterprise organisations in the Netherlands as consultant, lead developer and architect. Currently employed as a SIG Certified software consultant, Microsoft Certified Azure Architect, AWS Certified Solution Architect and certified Scrum Master in the Netherlands.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Slide to submit