BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

Five Reasons Happy Developers Build In Better Security

Forbes Technology Council
POST WRITTEN BY
Brian Fox

Getty

Happier developers work harder, collaborate more and are better for business. But can happier developers really improve security?

Happy Developers Are More Productive

An Oxford study found that happy workers are 13% more productive. That's good news for companies going through DevOps transformations. Our recent survey of 5,045 software engineering professionals showed a strong tie between developer productivity and mature DevOps practices. Eighty-nine percent (89%) of developers in mature DevOps practices said they were capable of getting work done. Compare that to developers working within immature DevOps practices, and only 69% said the same thing.

Happy Developers Enable Easier Growth

Survey respondents revealed a strong correlation between mature DevOps practices and job satisfaction. Over 92% developers of mature DevOps organizations showed high levels of job satisfaction, compared to 61% of industry peers in immature DevOps practices.

Happy developers showed a strong desire to recruit others into their organizations. When asked if they would recommend their companies as a good place for others to work, 86% in mature DevOps shops gave their employers a thumbs-up, compared to 53% in immature practices. In highly competitive markets, a staff of happy employees makes it easier to show up to work each day, and makes recruiting easier.

Happy Developers Breed Innovation

The same Oxford research found that happy workers did not work more hours compared to their grumpier counterparts; they were more productive. Our survey participants showed a strong correlation to this finding, too.

Developers have told us every year that security is important but their time to spend on it is scarce. This year, 47% said they lacked enough time. So, security practices are finding their way into DevOps shops. Our data shows mature practices are doing more within the same time.

When asked which security tools were integrated and automated across their software development life cycles, a higher percentage of mature DevOps practices used tooling to identify security risks.

Gene Kim's book The Unicorn Project shares great insight into innovative work practices. He writes, "Microsoft still has a culture that if a developer ever has a choice between working on a feature or developer productivity, they should always choose developer productivity." Our survey demonstrates that developers are choosing the security advantages delivered through more integrated and automated tooling to make them more productive.

Happy Developers Care

Look around you. On any given day, you have colleagues working hard and others hardly working. Fewer people are engaged than you might imagine. A 2018 Gallup report noted only 34% of the U.S. workforce is engaged. The same study found that 16.5% of employees are "actively disengaged."

This dichotomy was apparent in our company survey when we looked at breach confirmations between the different groups. In what may look like a DevOps anti-pattern, we saw that 23% of mature DevOps practices had confirmed or suspected a breach tied to their use of known vulnerable open source components — compared to only 19% of immature DevOps practices. In some of the most mature DevOps practices, the breach confirmation rates bumped up to 28% of organizations.

We saw a similar pattern in our survey from last year. More mature DevOps practices confirmed higher levels of breaches. Why would this be the case? Our conversations with DevOps leaders pointed to mature cultures rewarding communication and collaboration. As Gene Kim wrote in The Phoenix Project, "To tell the truth is an act of love. To withhold the truth is an act of hate. Or worse, apathy."

Our recent survey also revealed that happy developers working within mature DevOps teams were 3.8 times less likely to rely on rumors to discover security issues. Think of mature DevOps teams as the "actively engaged" developers and immature teams as the "disengaged." The more you pay attention, the more tooling in place to support you, and the less you rely on rumors of activity demonstrates a higher propensity to give a damn — especially when it comes to protecting your organization's applications and the data tied to them.

Happy Developers Are Better For Business

In The DevOps Handbook, Gene Kim writes, "Imagine a world where product owners, Development, QA, IT Operations, and Infosec work together, not only to help each other, but also to ensure that the overall organization succeeds. By working toward a common goal, they enable the fast flow of planned work into production (e.g., performing tens, hundreds, or even thousands of code deploys per day), while achieving world-class stability, reliability, availability, and security."

When it comes to the fast flow of planned work into production, happy developers we surveyed were 1.8 times more likely to deploy to production multiple times a day compared to their grumpier counterparts. When considering teams that deployed changes to production at least once per week, 62% of happy developers made the cut compared to 43% of unhappy developers (a 1.4-times difference).

Happiness was also reflected in collaboration related metrics. For example, 28% of happy developers said they experienced "no friction" working with various roles in the organization, compared to 5% of their unhappy counterparts (a difference of 5.6 times). When looking at roles that created the most friction working together, 66% of unhappy developers pointed to executives or managers — a rate three times higher than happy developers.

Promote The Happy Factor

Happy developers not only get more work done and experience less friction doing it, but their organizations are more successful. For example, DORA's 2018 State of DevOps report revealed that elite DevOps organizations were 1.53 times more likely to meet or exceed their organizational performance goals. High performers are 1.38 times more likely to meet or exceed goals.

You can increase developer happiness by:

1. Fostering a fault-free environment that encourages experimentation.

2. Supporting ongoing educational opportunities.

3. Implementing automated tooling to pinpoint secure coding opportunities.

Happy developers are incredibly valuable. For those looking to build their business case for DevOps transformation, share evidence of the "happy factor." Happy developers are more productive, build more secure code, innovate faster and are better for business.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?