Justin Stone, senior director of Secure DevOps Platforms at Liberty Mutual, helps lead a team that has responsibility for the end-to-end developer experience at the company, and the DevOps model plays a critical role. Founded in 1912, Boston-based Liberty Mutual is one of the largest insurers in the U.S. and over its century of business operations has seen all manner of technologies come and go.
Stone explained that there is a centralized marketplace portal that provides Liberty Mutual's developers with access to tools and resources in what he referred to as a choose-your-own-adventure approach. Developers can choose from different types of boilerplate code to help get a project started, and they can also see what other teams within the organization have done, to learn from them.
"Our developers are building solutions that are meeting our business needs," Stone told ITPro Today. "That list can be anywhere from product policy systems to our core underwriting systems as well as our back-end systems of record for all the data we collect and make decisions based on."
What DevOps Means to Liberty Mutual
For Stone, DevOps is not a team or even a single role within the organization; rather, it's a way of doing work.
The key reason for using the DevOps model is to break down the barriers of a more legacy approach to development that is separate from operational functions, Stone said. The goal for Liberty Mutual, as it builds and consumes development platforms with the DevOps model, is to own the entire stack, including the operational nature of it, he said.
"It's about fully empowering our developers and engineers to solve things in a manner they need, with the toolsets that are available in the industry," Stone said. "We want them to codify development, we want them to leverage building deployment pipelines, and we want them to bake security, availability and resiliency into the process."
The DevOps model that Liberty Mutual uses has a centralized portal for resources, meaning that the code repositories are tied into all the various systems of record that are used to track assets across the organization.
"So we know who created it, who owns it and what they're doing with it," Stone explained. "It allows us to track the full lifecycle from the moment the repo is created all the way through that code finding its way into production implementations."
Having that full visibility enables Stone and his team to track security and compliance as well as observability to make sure coding efforts are meeting the business's needs. For developers, what the DevOps model provides is more insight for making decisions.
Speed has been another benefit of embracing the DevOps approach, according to Stone.
"What used to take months to provision, from the ground up on bare metal hardware, now through our DevOps processes and through our cloud implementations, we can now do in minutes," he said. "So, what used to be a barrier for getting things started is now an accelerator to try and experiment."
Because developers can now experiment in far less time and even throw their experiment away if it doesn't work out without feeling like it was a wasted effort, Liberty Mutual is now seeing much more experimentation and the incubation of new ideas and new approaches, Stone said.
"It has really empowered that experimentation from our developers and engineers and opened up their eyes for what might be possible because the expense to do that is far less than it ever was before," he said.
Getting the Most Out of DevOps
The path to DevOps success has its fair share of challenges along the way, though Stone emphasized that most DevOps challenges are not related to technology.
"I think it's how you communicate out the value that some of these changes bring," he said.
The real key though is getting started.
"First and foremost, stop delaying the start. Just get started with a small team and prove it out, build the confidence around it," Stone recommended.
Stone, however, warned that as organizations ramp up DevOps practices, things will break. As development teams speed up, areas of your operations that are more fragile are going to be exposed more often, he said. That's not necessarily a bad thing though, as that will also create opportunities to fix things.
"I think that's where early on, there has to be that strong commitment from the operations team to really be at the table to help make it more automated and streamlined to make the tools more nimble and capable," Stone said. "Otherwise, it's going to frustrate everyone, and you're not going to go as fast as you want."