DevSecOps, IT Operations, InfraOps, DevOps – is there a difference?


The last few years have seen a proliferation of terms, but what is the actual difference between them, where do they overlap – or is it all just buzzwords? So what does a DevOps, a DevSecOps, an InfraOps or IT Operations engineer actually do? And what happens, if the role becomes that one of an “Agile InfraOps engineer”?

On the basis of job descriptions the answer seems to be: read the requirements first, as there does not seem to be a lot of agreement between roles, even though they may carry the same title. In reality there is probably a significant overlap between all of these areas and every company will do things differently depending on:

  • The overall approach: are you using an Agile approach and if so, in what areas is it implemented?
    1. Is it IT-/company-pervasive or does it apply only to select areas?
      Is the focus more on technology, culture, mindset or does it cover all of them?
      Which items does it include, i.e. from the above abbreviations is Security, Business and Applications part of the agile approach?
  • Size of the company: a larger company will usually split IT delivery into a larger number of teams with their own specialisation or area(s) of responsibility.
  • Use of partners and their inclusion (or not) in the various areas of Operations and Development, i.e. how do you best integrate a Managed Service Provider or Consulting Partner?
  • Regardless of the term used, the aim should be to:
    1.Deliver more often
    2.Reduce impact and risk
    3.Reduce delivery effort
    4.Increase security

    What ultimately matters is the outcome and not the terminology. While the terms below will create an initial view, the implementation will vary on each environment and implementation.

  • DevOps – combining Development and Operations with all staff having development skills and being equally responsible for Operations, resulting in developers quickly identifying and resolving issues as they are familiar with the applications.
  • InfraOps – Infrastructure Operations (cloud or on-premise; virtualised, containerised, serverless or physical) or Infrastructure Optimisation with a focus on automation and simplification.
  • DevSecOps – DevOps with Security integrated into the team, ensuring that Security is not an afterthought or becomes a blocker.
  • All of these approaches will depend on staff willing and interested to adapt and learn continuously, a good framework for automation, orchestration and instrumentation, and company support to develop new ways of working and new products.