When Speed and Security Matter
The Client’s Challenges
If you or someone you know has ever received a paycheck, chances are good that ADP was involved. ADP’s 60,000+ employees support some 610,000 clients around the world in processing more than 31,000,000 paychecks per day. The development teams were upgrading a number of corporate applications, but they faced an immediate directive to address security concerns in their practices.
The challenges were many, including: recurring deployment failures that repeatedly bled into the business day; lack of end-to-end visibility; inconsistent and insecure development practices that stemmed from a largely contingent workforce; agile practices that had fallen out of practice for 9 months.
What We Did
On the first day of the engagement, we found the Dev and Ops teams mired in fire-fighting mode from yet another significant deployment failure. We were brought into the conversation at 2PM. By 3:30PM, we had finished debugging, successfully redeployed, and emailed a post-mortem analysis. We proved how a transparent data corruption occurred, how we fixed it, and how to prevent it from ever happening again.
From there, we introduced ADP to our proprietary Release Readiness process, which produced successful outcomes at Citigroup, Barclays Bank, Ernst & Young, Russell Reynolds Associates and NJM. We also coached them in making the daily scrum more succinct; in grooming the product backlog; and in re-introducing scrum ceremonies such as sprint retrospectives.
Using our experience with all versions of Visual Studio and all versions of Team Foundation Server (TFS), we upgraded some legacy applications, and debugged within hours coding problems that had sometimes taken developers a couple of weeks. We started moving them away from manual to automated build processes, including the creation of one build per application, instead of one build for each environment. We also created easy-to-maintain scripts to deploy any application to any target environment.
Throughout the engagement, we provided hands on training, including on the following Topics:
1. Release Management (Release Readiness; deployment documents, code comments for code review as well as post-mortems; release verifications)
2. Productivity Tips (TFS Cache management; Standardizing the Visual Studio workspace; troubleshooting; strategies for discovery of transparent corruptions)
3. Tool introduction (TFS plugins; TFS Power Tools; encryption; management for 3rd party dependencies)
During this work, ADP demonstrated why it is rated as one of the best places to work. Architects, development leads, business analysts, developers and project managers packed our hands-on training classes. They enthusiastically experimented and implemented what we taught them. Best yet, management now feels confident providing signoffs because they have a single-pane view of their release readiness, and because we implemented much more secure protocols than they received from the recommendations of their original security assessment.