For secure and reliable applications, separate deploy from release

Few operations are both as common and as risky as deploying new applications or updates. Agency after agency has run into situations where, for whatever reason, rollouts run into trouble. Functions don’t work. Maybe they cause unintended consequences. The result? Users, in the agency and the public, fume, and operations gum up.

But there is a way to reduce deployment risk and, at the same time, enable greater developer productivity. It’s called feature management, said Sara Mazer, federal chief technology officer at LaunchDarkly. She added that several agencies are already using it.

“Feature management is one of the best tools that agencies have to reduce risk,” Mazer said during Federal News Network’s Industry Exchange Cyber.

How feature management works

Feature management works by separating code deployments from releases of new features in the continuous integration and continuous deployment (CI/CD) pipeline. Developers work continuously writing and checking code. But at some point, a developer or someone nontechnical, such as a program manager, enables a particular feature.

“The cool thing is that you can actually release a feature and then target a small subset of users first” to test it in real use, Mazer said. That’s how LaunchDarkly, works, she said.

“We enable launching features in the dark. If you have dark launched it, you want to maybe even test it in production, and then see that, before you roll it out to the rest of your user base,” Mazer explained.

As a product, LaunchDarkly enables this process of code assurance before wide deployment. It consists of elements of software development kits (covering 26 languages so far), Boolean statements to delineate code sets that constitute a feature, and a dashboard to flag and manage individual features.

Why feature management reduces risks

Feature management is “very in tune with cybersecurity needs” because it’s a best practice of a development, security and operations (DevSecOps) methodology, Mazer said. By launching a feature in the dark, IT staff can monitor the feature’s security before turning it on widely. And, if after that a security issue comes up, for example someone attempting to download an entire database, the staff can instantly turn off the feature through the feature management dashboard.

“And then that feature disappears in like 200 milliseconds,” Mazer said. “Meanwhile, you don’t have to take the whole database down or the whole application down. It’s just that one feature that’s impacted.” The result is less disruption to users, yet you’ve dealt with a security risk.

Mazer said IT staffs can configure feature management tools to automatically turn off features or even entire applications if the tool detects a certain cybersecurity condition. The IT team can also configure a tool such as LaunchDarkly to switch off nonessential features when performance monitoring indicates a need to enable more capacity in essential features, such as during a peak enrollment or filing period.

Organizations realize cost savings in two ways when using feature management, Mazer said. Developers themselves are more productive “because you don’t have these big bang releases that, potentially, might have an issue you have to then go back and deal with,” she said. “Then, developers are constantly developing as fast as they can.”

Plus, by testing features with limited users — that is, testing in the production environment — the organization “doesn’t need all those preproduction environments anymore, your dev, test, staging and so forth. You may have a couple still, but you don’t need as many as you did before,” Mazer said.

Impact of feature management on modernization

A harder-to-define benefit comes from how feature management modernizes the workplace for developers and application designers, the very types of people the government is trying to attract, Mazer said. “Anytime you introduce a technology that makes their lives easier, you’d see a whole team’s morale just change completely,” she said.

Moreover, with feature management, there’s less risk of bringing down an application because of a problem in a single feature, she added. That means fewer emergency system fire drills in the middle of the night.

“If you use feature management, you just wake up, you go to the dashboard, and you toggle off that feature, and then maybe even go back to bed and deal with it in the morning,” Mazer said.

Learn about more security best practices and technologies shared during Federal News Network’s Industry Exchange Cyber.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.