The telecom industry thrives on customer loyalty. For a leading telecom provider, achieving sustained growth hinged on attracting and retaining users. This case study explores how close collaboration between Business and IT departments, coupled with a shared digital transformation roadmap, played a pivotal role.
By actively simplifying products and features through value-stream development, the provider prioritized customer needs while implementing short, automated development cycles. This ensured high-quality, stable changes delivered at speed, ultimately maximizing customer value.
Key Challenges
- Need for Business-IT Alignment: Bridging the gap between business goals and IT deliverables.
- Complex Application Landscape: Managing DevSecOps solution for a diverse landscape of legacy, SAAS, COTS, microservices based applications.
- Slow-Release Cycles: Lengthy release times impacting market responsiveness.
- Lack of Consistency: Limited Automation, Manual processes, Multiple Non-Standard DevSecOps solutions hindering efficiency and consistency.
- Security and Quality: Limited checks on security and Quality.
Ready to experience?
TALK TO EXPERTS
The Solution
Centralizing and standardizing DevSecOps: Cloud, Security Scans, and Data-Driven Insights
- Cloud-First Approach: To achieve scalability and elasticity, a cloud-first approach was adopted for DevSecOps solution by leveraging Google Cloud Platform (GCP). This move enabled them to handle fluctuating workloads and demands more efficiently.
- Shift-Left Security: Introduced automated security scans like Software Application Security Testing (SAST) and Software Composition Analysis (SCA) in the Continuous Integration (CI) pipelines. To ensure effectiveness of the security checks, the security policies were reviewed and jointly agreed with the security team.
- Data-Driven Approach: A data-driven approach was implemented by utilizing data from pipelines. This provided real-time visibility into performance, quality, and security for all stakeholders, enabling informed decision-making.
Building a Future-Proof DevSecOps solution with Automation and Governance using Infosys DevSecOps Engine
- Centralized DevSecOps Solution: A strategic and future ready unified DevSecOps solution, built using Infosys DevSecOps Engine was implemented to automate development, integration, continuous delivery, and security testing across various applications. This facilitated quicker time to market while ensuring quality and security through centralized governance.
- Our DevSecOps solution is based on the principles of auto invocation of tools, auto gating of engineering stages, built-in quality and security and monitoring and alerting of pipeline executions. This solution currently integrates 15+ tools in the CICD pipelines and automates 10+ essential life cycle stages, with appropriate gating criteria
- Team Enablement: To ensure successful adoption and maximize the benefits of DevSecOps, development teams were upskilled. Comprehensive role-based training was developed and delivered to 600+ people in multiple waves and included tool demonstrations and interactive “SME speak” sections.
- To cater to continuous learning and flux in application teams, e-learning modules were developed and are hosted for self-paced learning.
Benefits
Improved deployment frequency from 6-8 weeks to daily/2-weeks for most applications, enabling a massive 6x to 12x increase in responsiveness to market demands.
Improved Governance through real-time data dashboards provide clear visibility into pipeline execution, application quality, and security posture for all stakeholders.
Automation and Centralized DevSeCOps solution resulted in reduced effort maintenance cost
