Book Review of The Phoenix Project
There is a great book out right now about devops and how it impacts your business. It is really good and you should definitely read it and buy 3 copies for your friends (or give those 3 copies to the people in your org stuck in 1997 doing waterfall and doing monthly or quarterly releases but I digress).
The Amazon.com teaser for the book reads:
Bill is an IT manager at Parts Unlimited. It’s Tuesday morning and on his drive into the office, Bill gets a call from the CEO.
The company’s new IT initiative, code named Phoenix Project, is critical to the future of Parts Unlimited, but the project is massively over budget and very late. The CEO wants Bill to report directly to him and fix the mess in ninety days or else Bill’s entire department will be outsourced.
With the help of a prospective board member and his mysterious philosophy of The Three Ways, Bill starts to see that IT work has more in common with manufacturing plant work than he ever imagined. With the clock ticking, Bill must organize work flow streamline interdepartmental communications, and effectively serve the other business functions at Parts Unlimited.
In a fast-paced and entertaining style, three luminaries of the DevOps movement deliver a story that anyone who works in IT will recognize. Readers will not only learn how to improve their own IT organizations, they’ll never view IT the same way again.
What I really liked about this book is that this book exposed me to some new concepts and made some concepts that I was familiar with but didn’t understand more digestible and practical. For instance, the book covers value stream mapping. I had heard of it before, and I know it is something that all the Lean hipsters get excited about, but I couldn’t do it myself or walk someone through the process of how to do it. When the team went through the value stream mapping exercise, it was super useful for me and I feel like I could do it or would at least know how to get started with that.
That is one of many examples, and the book is full of great insights like this as it exposes concepts or ideas that you may be familiar with but wouldn’t be able to execute or perform yourself. The authors include quotes and ideas from Deming to Goldratt to Humble to Allspaw and do is in such an elegant way so that they paint a picture of what a good IT organization should look like.
The team in the book working to transform the organization also included the security guy. The security guy himself was a the complete personification of a phoenix (the mythical creature) maybe even more than any other character in the book as he completely rose from the ashes and transformed into someone who added value to the business instead of being a drain on resources. At the start of the book you got the feeling he was rooting for the business to fail the audit so the organization would have to pay penance for all their security sins. By the end of the book he was promoting rugged ideals and helping to inject security in the dev cycle with security testing being done at every code change. Being one of the core contributors to the gauntlt project, this was near and dear to my heart. I strongly believe that you need to security testing on every code commit and that security testing shouldn’t wait until the annual PCI audit but should be codified into the dev environment. (These are the drivers behind gauntlt and you can find out about how we do it from this AppSec USA video.)
I am still processing how this book will shape my philosophy about work and my career but I got excited about the significance of this quote, “In ten years, I’m certain every COO worth their salt will have come from IT.” The future is bright and technology can be a significant business advantage.
We are at the dawn of a new era in IT and The Phoenix Project can be your guide.