Modernizing your database processes with DevSecOps...DBmaestro Moderniing your database processes...

Modernizing your database processes with DevSecOps

Modernizing your database processes with DevSecOpsDBmaestro

1

2

6

7

9

10

11

Introduction

The Shift to DevSecOps

Database Flow

Comprehensive Security

Managing “Drift”

Transparent Auditing

Conclusion

Table of Contents


1

Not long ago, companies enjoyed the luxury of releasing new

products and services occasionally. In those days, developers

might work for weeks, months, even years, accumulating database

changes across a mix of update scripts and shared development databases.

When it was time for the infrequent release, the burdens of assembling,

ordering, and dealing with potential conflicts and deployment issues

typically fell squarely on database administrators (DBAs). It wasn’t

uncommon for DBAs to invest significant effort installing/upgrading

production or customer sites manually, often because their databases

had long since “drifted” from the prior release schema. And that’s to say

nothing of the hair-whitening, wee-hours work involved in recovering after

unforeseen issues.

The DevOps movement has effectively rendered that a competitive

impossibility. The window between releases has shrunk in many

industries from years to weeks, days, even hours, all in the quest to deliver

incremental value to the customer more quickly and increase market share.

Such “heavy”, manual processes are simply unworkable at those speeds.

In this document, we will describe four pillars to building the infrastructure

you need to shift your database development into high gear and succeed in

today’s environment.

Introduction


2

The Shift to DevSecOps

This is precisely why various tools have come (and gone) since the dawn

of the DevOps revolution, pioneering techniques to bring database power

back to “the people”. Today’s developers enjoy a variety of offerings that

provide assistance and guidance in their database interactions.

For example, database source generation, compare & sync tools have

made it possible to focus on a database model, shared and versioned via

simple text files just like traditional code, and (more or less) detect and

synchronize changes between said model and live databases hosted by

various SQL servers. Tools to manage snapshots, clones, even generate

complex rollback scripts, have also made it safer to manage the install/

upgrade process for customers.


3

This “democratization of database development” has helped, but it

overlooks a simple, painful truth: developers are not DBAs (generally

speaking). Giving developers increased database power has made it

easier than ever before to deploy bad schemas, sub-optimal procedures

and execution paths, and that’s to say nothing of the painful wiping-the-

production-database anecdotes that litter the online graveyard of less-

fortunate companies.

Image 1: Democratization Of Database Development

DBmaestroThe Old Way

Database Database

Developers

DBAs

Security Control

Developers & DBAs

Database Release Automation


4

The resulting trajectory of DevOps today is toward bringing together not

only developers and operations, but increasing security, control, auditing,

and visibility at every level. It’s not enough simply to build, test, and deploy

new releases as quickly as possible. Winning organizations must accept

that great database power requires great database responsibility: during

development and continuous integration (CI), continuous testing (CT), and

continuous delivery (CD).

DevSecOps

Security OpearationsDevelopment

Image 2: Development + Security + Operations = DevSecOps


5

The tricky part is building the proper database “civic infrastructure” to

serve and protect along the way, striking just the right balance between

freedom and security. Developers need the freedom to iterate quickly—

even fail badly and learn from their mistakes. But that freedom needs to

end where production/customer security concerns begin.

A pipeline mechanism

to enable database change integrations

Security measures with granularity

and focus to match capability with understanding

Database compare and merge

capabilities to catch and manage

“configuration drift”

Transparent auditing for every significant action

at each step of the process

1

We suggest there are four pillars for success:

3 42


6

Developers have long enjoyed source control systems and CI tools that

automate integration of “code drops” from multiple teams into a single,

production build, but database development has lagged behind. What’s

needed is a similar pipeline approach to structure and control the flow of

database changes.

The goal is to allow teams to work in isolation yet incrementally push

their results through a tightly controlled series of stages, all the way

from integration to production. Such a framework allows the freedom

developers need to iterate quickly, yet maintains sufficient control of

their results to review and ultimately validate all the changes before

they’re pushed to production.

Database Flow


7

Image 3: Breaking Down Different Roles/Permissions and enforcing policies

Denied Acess

Partial Acsess

Unlimited Acess

Experienced Developers

DBAs

New Developers

All developers may be created equal, but not all developers are equal—

especially when it comes to working with today’s SQL databases.

Whatever tools you choose, they should offer sufficiently flexible and

finely-grained security to achieve the proper balance across your entire

DevSecOps pipeline.

Comprehensive Security


8

It’s relatively common, for example, to restrict deployment of particular

applications to specific environments, but this is only the final step. A

more comprehensive approach should include more subtle controls as

well, such as ensuring that only those developers who actually understand

the implications of a sensitive operation, say dropping a key table or

reconfiguring a crucial index, have the permissions and capability to do so.

It’s also important to consider different vectors of delivery for database

changes, as developers can be surprisingly resourceful (even downright

crafty at times). A tool that lets you secure features in its own interface

is helpful, but developers with access to the database vendor’s GUI can

simply work around it. And in the end, developers can always write their

own code to execute statements directly in the database engine. They are

developers after all.

In short, you need to ensure that your tools allow only what you wish to

happen. Otherwise, you’re leaving yourself open to new-guy-nightmare

scenarios, like accidentally wiping years of work with a single, poorly-

understood command.


9

And of course, the real world isn’t a model, so let’s be honest: sometimes

things happen to production databases that shouldn’t. Even those who

know better are sometimes forced to deploy a “hotfix” to make it through

the business day. So whatever tools you choose, you’re going to need a way

to handle such “drift” from the model before you deploy any new changes.

Otherwise – you are at risk of overriding new changes with outdated ones.

Image 4: The risk arising from simple two-way compare

Two -Way Compare Three -Way Merge

Compare Compare Compare

Override

Database Model 1

A AB B

Database Model 2

C C

Conflicts Conflicts

Known - Good Baseline

Database Model 2

Database Model 1

Merge

Managing “configuration Drift”


10

The trickiest part of the whole process is sometimes the process itself,

making sure that everything is proceeding according to plan. And this can

be especially painful in the increasingly litigious world we occupy. Proper

reporting for compliance, particularly when criminal or civil liability may be

involved, is crucial to the long-term survival of any organization.

You need answers to the big questions, if you want to defend yourself at

any arbitrary level of scrutiny. Your tools should track and let you approve

every change, and provide solid audit trails for chasing down any issues. In

short, you always need to know who made the change, what objects were

involved and where they were altered, when it all occurred, and why it

happened—just like traditional source control systems. Otherwise, you’re

practically begging for trouble at your next compliance audit.

Transparent Auditing

Headquarters: 300 Baker Avenue, suite 300, Concord, MA 01742, USA +1 978.405.3368EMEA Headquarters: 21 Yagiya Kapaim st. Petach Tikva 4900101, Israel +972.3.9248558

Copyright © 2017 DBmaestro. All rights reserved. DBmaestro is registered trademarks of DBmaestro. The DBmaestro Logo is a trademark of DBmaestro. All other trademarks used herein are the property of their respective owners.

Follow Us:

The question isn’t whether you need to replace older, “heavy”, manual

deployment and release processes; it’s how long you can survive in today’s

environment until you do. Your tools must strike the right balance between

developer liberty/capability, DevSecOps control, and database control, so

choose wisely.

Conclusion

https://twitter.com/DBmaestro

https://www.facebook.com/dbmaestro/

https://www.youtube.com/user/dbMaestroDemo

https://plus.google.com/+Dbmaestro

http://www.dbmaestro.com/subscribe/

https://www.linkedin.com/company-beta/457315/

Modernizing your database processes with DevSecOps...DBmaestro Moderniing your database processes...

Documents

Transcript of Modernizing your database processes with DevSecOps...DBmaestro Moderniing your database processes...