Report on DevSecOps in our Organization
You are a solutions architect for the company, KidsBuyNow, which is a fairly new (2 years old) e-commerce company specializing in kids clothing and toys. This is a very competitive environment and your CEO wants to greatly expand the customer base, capitalizing on the bankruptcy of KidsRUs and ToysRuS.
Over the past year you have migrated many of the IT resources to the cloud (see attached). This is a multi-cloud environment with four major components:
- HQ: the company still runs an internal data center which hosts the company’s ERP system, including all the company’s financial data.
- Amazon Cloud: customer facing applications such as the company catalog and the e-commerce actions. Inventory is also stored on the Amazon site and is accessible by the company suppliers such as Hasbro
- IBM Cloud, where the company’s data mining activities are housed, using tools such as IBM Watson
- Microsoft Azure Cloud including the company’s administrative systems using Office 365 and SharePoint (including documents which include the company’s intellectual property).
You have been implementing DevOps but there have been a few security issues. The CIO is concerned about the company’s reputation if data breaches and has asked you to prepare a report that address this.
This repot should include the following:
- Describe the different components of the IT infrastructure and what advantages does each cloud provider have for the company
- Discuss the value of DevOps in this environment (at least 3 references to sites that recommend DevOps)
- A description of all the security devices that are part of the solution and how they protect the company (e.g., firewall, routers)
- Discuss DevSecOps as the next project for your team, explain what it means, and how it will improve the company’s security (at least 3 links to sites that recommend DevSecOps and 2 companies that are using it)
- A summary of how you are continuing to poise the company for a sudden growth in sales as ToysRUs declares bankruptcy.
This is a formal report, with a cover page, an automatically generated table of contents, and at least 4 pages of text (you may include relevant graphics). The report is for the CEO who does not have a strong technical background and so should avoid too much jargon. To overcome this, add a glossary at the end of the report including at least 6 technical terms you have used in your report.
You also need to include a cover letter to the CEO (Jennifer Jones)
Note the Amazon router is also a load balancer