DevOps and Segregation of Duties

Jeehad Jebeile
9 min readNov 19, 2018

How you can make them work together.

DevOps and Segregation of Duties (a.k.a Separation of Duties) or SoD are not usually spoken about in the same sentence. DevOps is all about removing barriers and minimizing hand-offs, while segregation of duties is about adding gates to minimize risk.

When working in highly regulated industries, such as Finance or Healthcare moving teams towards a DevOps way of working can by quite challenging. This is due to the fact that regulators want assurances that only requested, approved and fully tested changes make it to production. In these situations the main control that is used to give this assurance is in fact Segregation of Duties.

Segregation of Duties

Image Credit

So what is Segregation of Duties?

Separation of duties (SoD; also known as Segregation of Duties) is the concept of having more than one person required to complete a task. In business the separation by sharing of more than one individual in one single task is an internal control intended to prevent fraud and error.

Wikipedia

In the software engineering world, this basically means the person (or team) who developed the code cannot approve or deploy the code. Again, to prevent the accidental or malicious release of unauthorized code into production.

In contrast, DevOps is about bringing together (or merging) the two once discrete functions of Development and Operations into one. By having the same team that develops and tests the code, also support the operation of the code in production. Segregation, i.e. the act or practice of segregating; a setting apart or separation of people or things from others or from the main body or group, is the complete opposite of merging. Yet, this is still one of the most common practices to control what can or cannot be promoted to production.

What are the drawbacks of Segregation of Duties in DevOps teams?

  1. SoD can slow teams down by adding unnecessary hand-offs and has the potential to introduce errors. Every time a hand-off occurs, a transfer of information needs to occur, which not only slows things down but can also introduce a Chinese
Jeehad Jebeile

Written by Jeehad Jebeile

133 Followers

Lover or all things Agile, DevOps and Software delivery. Employing over 20 years of Software Engineering and Leadership techniques to making teams Awesome.

More from Jeehad Jebeile

See all from Jeehad Jebeile

Recommended from Medium

Lists

General Coding Knowledge

Stories to Help You Grow as a Software Developer

Good Product Thinking

Coding & Development

See more recommendations