DevOps and Segregation of Duties
How you can make them work together.
DevOps and Segregation of Duties (a.k.a Separation of Duties) or SoD are not usually spoken about in the same sentence. DevOps is all about removing barriers and minimizing hand-offs, while segregation of duties is about adding gates to minimize risk.
When working in highly regulated industries, such as Finance or Healthcare moving teams towards a DevOps way of working can by quite challenging. This is due to the fact that regulators want assurances that only requested, approved and fully tested changes make it to production. In these situations the main control that is used to give this assurance is in fact Segregation of Duties.
Segregation of Duties
So what is Segregation of Duties?
Separation of duties (SoD; also known as Segregation of Duties) is the concept of having more than one person required to complete a task. In business the separation by sharing of more than one individual in one single task is an internal control intended to prevent fraud and error.
In the software engineering world, this basically means the person (or team) who developed the code cannot approve or deploy the code. Again, to prevent the accidental or malicious release of…
