book

Policy Design in the Age of Digital Adoption

Name: Policy Design in the Age of Digital Adoption
Author: Ricardo Ferreira
ISBN: 9781801811743

by Ricardo Ferreira

May 2022

Intermediate to advanced

332 pages

6h 51m

English

Packt Publishing

Read now

Unlock full access

Policy Design in the Age of Digital Adoption
ContributorsAbout the authorAbout the reviewers
Preface
Who this book is forWhat this book coversTo get the most out of this bookDownload the color imagesConventions usedGet in touchShare your thoughts
Section 1: Foundation
Chapter 1: Introduction to Policy Design
The why, what, and how of policiesWhy policiesWhat is a policy?The how of policiesFrom design theory to policy implementationDesign thinking theoryDesign thinking processPersuasive system designAn overlay framework for designing policiesPolicy design – key issues, tools, designs over time, and effectivenessSuasion toolsAuthority toolsFinancial toolsConflict management Understanding the three Cs for effective policy designThe business value of digital policiesEffective digital programsGovernance agilitySummary
Chapter 2: Operationalizing Policy for Highly Regulated Industries
Highly regulated industries and their policy needsFinancial Services Industry (FSI)HealthcarePolicy through catalog controlsNational Institute of Standards and Technology Access controls for enforcing policiesSecurity principlesAccess controlsSummary
Chapter 3: Policy as Code a Business Enabler
Policies at speed – Policy as CodeSpeed as a business enablerThe rise of DevOpsEverything as codeGovernance agility – automating policiesThe challenges of digital governanceThe Cloud Center of ExcellenceBusiness benefits of PaCSummary
Section 2: Framework
Chapter 4: Framework for Digital Policies
Framework componentsFramework overview Challenge identificationPolicy designPolicy implementationEvaluationExploring the framework stagesReal-world examplesSummary
Chapter 5: Policy for Cloud-Native Environments
Technical requirements Cloud-native environmentsContainersServerless computingCaaS versus FaaSEvent-driven architectureNative policy constructs for FaaSComponentsNative policy constructs for CaaSComponentsResource policiesExamples of cloud-native policiesSummaryFurther reading
Chapter 6: Policy Design for Hybrid Environments
Technical requirements The challenges of hybrid environments Hybrid environmentsThe challenges within hybrid environmentsPolicy as Code in hybrid environmentsZero trust Automation, segregation, and enforcementDetective controlsPreventative controlsGovernanceDevSecOpsIAMAn example of a policy spanning hybrid environmentsSummary

Chapter 7: Building a Culture of PolicyOps
Technical requirements PolicyOps – designing, embedding, and managing policies PolicyOps as an augmentation to DevOpsThe benefits of PolicyOpsPolicy DLC – coherence, congruence, and consistency The three CsThe policy life cycleAgile policy design Speed as a key tenetPolicy design in practiceSummary
Section 3: Tooling
Chapter 8: Policy Engines
Technical requirements Policy enginesWhat is a policy engine?Pod Security PoliciesPod Security AdmissionKyvernoKyverno policiesArchitectureKyverno main benefitsSentinelSentinel policiesArchitectureBenefitsOpen Security Controls Assessment LanguageArchitectureOSCAL document propertiesK-RailK-Rail architectureK-Rail policiesjsPolicyjsPolicy architecturejsPolicy policiesSummary
Chapter 9: A Primer on Open Policy Agent
Technical requirements Open Policy Agent IntroductionArchitectureGetting started Use casesRegoIntroductionExamples in the Rego PlaygroundOpen Policy Agent extension and integrationAPI integrationExtending OPASummary
Chapter 10: Policy as Code Tool Evaluation
Technical requirements Cloud-native open source ecosystemsCloud CustodianSPIFFEParliamentVendor ecosystems HashiCorpStyraRegScaleOKTACSP-native capabilities AWSMicrosoft AzureGCPThe evaluation frameworkThe main pillarsEvaluationCMMISummary
Chapter 11: Cloud Providers Policy Constructs
Technical requirements Types of CSP policiesAdoptionRegulationsCSP-specificAWS native policy offeringsService control policies (SCPs)AWS Organizations AWS Control TowerAzure native policy offeringsAzure management groupsAzure PolicyAzure BlueprintsGoogle Cloud native policy offeringsOrganizational policiesGoogle Cloud FoundationPolicy AnalyzerSummary
Chapter 12: Integrating Policy as Code with Enterprise Workflows
Technical requirements Integration with existing enterprise workflow software Enterprise frameworksVendor ITSM Policy as Code automated life cycleCI/CDPolicy testingDesigning for automated policy enforcement across the enterprise Summary
Chapter 13: Real-World Scenarios and Architectures
Technical requirements A cost policy scenario Framework analysisAn authorization policy scenarioFramework analysisA service migration policy scenarioFramework analysisA compliance enforcement scenarioFramework analysisSummary
Why subscribe?
Other Books You May EnjoyPackt is searching for authors like youShare your thoughts

Overview

In "Policy Design in the Age of Digital Adoption," None Ferreira provides actionable insights into adopting and implementing Policy as Code (PaC) to streamline organizational digital transformation. Through this book, you'll understand the core concepts of policy design, learn about Open Policy Agent (OPA) and associated tools, and discover how to embed policies into existing organizational frameworks.

What this Book will help me do

Comprehend the challenges and opportunities of adopting Policy as Code within digital and cloud environments.
Gain proficiency in working with Open Policy Agent and utilizing its features for organizational benefit.
Learn a structured approach to integrating policies into business workflows using a PolicyOps framework.
Evaluate and choose suitable tools for implementing Policy as Code effectively.
Develop the ability to facilitate collaboration between technical and business teams in the context of organizational policy integration.

Author(s)

None Ferreira is a seasoned expert in cloud technologies, policy design, and DevOps practices. With years of hands-on experience in implementing digital transformation strategies, Ferreira provides a pragmatic and structured approach to adopting Policy as Code. They are passionate about helping organizations navigate the complex interplay of policy, technology, and business outcomes.

Who is it for?

This book is written for technology leaders like CIOs and CISOs, as well as DevOps architects, engineers, and security professionals. Readers should have a foundational understanding of cloud-native technologies, Infrastructure as Code, automation, and DevOps practices. If you're aiming to align technical implementations with overarching business objectives, this book is tailored for you.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

The Lost Art of Thinking in Large Organizations

Publisher Resources

ISBN: 9781801811743

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills