Tanzu Talk: Hug Your Auditors, or, Treat Compliance as a Feature
Many people use "regulations" and "compliance" as an excuse to avoid changing how they build and run software. But, what if compliance was actually a beneficial feature, and auditors were "customers" you were looking to please? “Nobody thinks of it as ‘governance’ if it benefits them. They only call it ‘governance’ or ‘regulation’ if they don’t want to do it.” Let's see if we can turn this frown upside down. Book office hours: https://tanzu.vmware.com/office-hours?utm_source=cote&utm_medium=video&utm_campaign=tanzutalk Find out more about VMware Tanzu, including our kubernetes distro: https://tanzu.vmware.com/tanzu?utm_source=cote&utm_medium=video&utm_campaign=tanzutalk Pivotal Cloud Foundry - the Auditor’s Guide - https://tanzu.vmware.com/content/white-papers/pivotal-cloud-foundry-the-auditors-guide US Air Force story: https://www.defenseone.com/ideas/2017/10/how-us-air-force-made-its-isr-network-cheaper-run-and-easier-upgrade/141806/ ---- Chapters: 00:00 - People don’t like governance and regulations, but everyone has it. 00:49 - The three types of apps being governed. 02:27 - Enterprise architecture governance - governing decades of app design sprawl. 04:26 - regulations, like, laws and stuff. 06:54 - Treat regulations as a valuable feature, auditors as “customers. ” 07:39 - Example: we benefit a lot from banking regulations. 08:31 - Auditors are “customers” as well 10:50 - “Governance” is stuff you don’t want to do - so, hack your mindset. 11:20 - Auditing is an overly manual, error prone process - it needs better tools! 12:00 - Use automation and cloud native stuff to make auditing better 14:23 - Example: the US Air Force automates governance. 16:28 - Benefits of embracing regulations as a feature. 17:48 - Regulations are a strategic asset. 18:25 - Example: startup banks vs. big banks. 21:43 - Embrace regulation and compliance - good customer experience, done efficiently. 25:18 - The Return of Banana Boy.