The old engineers’ adage of “fast, safe and cheap, pick two” doesn’t apply in the cloud-native application world. Organizations need to quickly deliver innovation, reduce time to value, while ensuring that appropriate controls are in place for security and compliance. Niu Solutions is tackling this problem head-on to deliver on all three of these dimensions for their clients. With a customer base ranging from startups to large financial services corporations, Niu’s challenge is to help these high-velocity organizations deliver value fast, while enforcing the appropriate level of regulatory checks to ensure compliance of the final solution. A new case study and video featuring Jon Williams of Niu digs into how Jon’s team reengineered their processes to meet these two opposing needs in a predictable and efficient fashion.
With clients such as financial institutions, effective compliance enforcement are table stakes for any IT project. Jon and his team used InSpec to allow Niu to continuously and automatically monitor projects for compliance based on specific rules. Using InSpec to handle this task frees up resources on Jon’s team so they can shift their focus to create and deliver core value rather than dedicating cycles to audit processes. This change reduces the time Niu spends on compliance checks by 93%.
“With InSpec, you have a real-time view of how you’re performing. When you come to that audit exam you already know if you’re passing or not. In fact, the event of the audit is a simple step of printing the output.”
According to Jon, handing off compliance work to InSpec also created a blueprint for Niu to adopt Continuous Automation for their infrastructure configuration, deployment and management. Combining InSpec and Chef Automate allows Jon’s team to detect and correct in the same process, and then automate the ongoing configuration and deployment based on lessons learned. One upside of this implementation is a reduced SQL setup time from a full day to just 12 minutes.
“Literally, anything that went through an automated build had no issues, which is amazing and, actually, a revelation.”
The final and most important step in the process identified by Jon was to get people involved in the process early. Engaged teams, he notes, not only drive successful adoptions but teams who understand the benefits will find new and expanded use cases to expand the impact of the investment in continuous compliance and continuous automation. As Jon points out, “Now the teams are coming to us and asking for the developer services team to write cookbooks for them to realize the upside benefits.”
Ready to learn more? Hear about the Niu journey in Jon’s own words in the embedded video, or read the NIU Continuous Compliance case study.