The Future Belongs to Value Stream Management

Our society continues to digitize and businesses must undergo digital transformations to adapt and remain competitive as end users seek more online mediums of consumption. The increased demand for mobile apps will expose companies to three key, unique drivers pertaining to mobile app deployment that will encourage the investment into and adoption of value stream management platforms designed for mobile

What is a Value Stream Management Platform? 

What constitutes a value stream management platform (VSMP)? As defined by Gartner, a VSMP should possess most, if not all, of the key capabilities listed below: 

• Flow Metrics. Provide metrics that convey relevant information regarding the efficiency and quality of a given value stream. Examples include lead time, cycle time, and flow efficiency. 
• Governance. Enforce the security of underlying intellectual property and compliance with federal/state regulations and/or internal company policies.
• Reliability. Measure reliability indicators and objectives.
• Orchestration. Manage a product workflow, from development to deployment, by implementing automated or manual control gates wherever appropriate. 
• Collaboration. Promote the seamless collaboration of multiple different teams, whether it’s working together simultaneously or handing off the product with each progression through a product workflow.
• Tools Integration. Connect with CI/CD pipelines and other third-party DevOps/IT tools that are not currently owned by the respective company. 
• Change Risk Analytics. Analyze workflows and business data to minimize risk pertaining to executing changes.
• Business Outcome Metrics. Measure customer satisfaction, development costs, and revenue flow from rolling out new features. 

If Life Hands You Data, Make Flow Metrics 

For the most part, multiple technologies and services are used within a single value stream product workflow, and coordinating the handoffs can be challenging. When using value streams at the enterprise level, say for a company’s entire mobile app portfolio, that challenge scales to be immensely daunting. Take mobile app deployment as an example to which value stream principles can be applied. A company could be using one or more code repositories (such as GitHub or GitLab) which serve as the end of the development cycle, and the beginning of a deployment flow. Then there’s app signing and app distribution, requirements for which differ vastly depending on the OS platform (that is, iOS or Android). Some companies may apply technology to add new functionality to the app during the deployment flow. The app may need to be scanned to find any security vulnerabilities that were introduced. The key takeaway is that at least one, if not more, technology or service is involved with each step of the mobile app deployment process and that deployment data is generated. 

A VSMP will record and analyze that data to generate and compile flow metrics that will enable IT operations teams to make well-informed decisions regarding optimization of value streams. Flow metrics enable IT operations teams to gauge the efficiency and health of a value stream in question. Organizational level flow metrics provide the ability to evaluate how a particular value stream is performing when compared to others. Flow metrics also offer a crucial advantage by providing end-to-end visibility of entire workflows so that IT operations teams can determine which areas of a value stream need to be optimized to boost overall efficiency. For example, teams might notice that the wait time for the app signing stage is taking longer than expected. They can then act on it to reduce the idle time of the app. 

Third-Party Products EVERYWHERE

Companies may choose to outsource the task of developing a mobile app either to save time or monetary resources. When doing so, the most ideal outcome would be the immediate deployment of the mobile app to end users, but this is rarely the case. Oftentimes, there are modifications to the mobile app that IT operations teams must consider and implement, such as adding security features or new capabilities on top of the existing set. Unfortunately, the mobile app product’s source code may not be available to the company that’s deploying the app because granting access would surface many problems for the vendor that created the app. Even if the source code is provided, IT operations teams are most likely not resourced with mobile app developers who can write code to integrate SDKs. 

Companies have the option of sending the product back to the third-party vendor to have the desired functionality added. The issue with this solution is that the vendor is not beholden to modification requests after the product is delivered. If not outright rejected, requests may take a long time to be completed because the vendor will most likely have transitioned to another project for another client. 

On the other hand, when mobile apps are developed in-house, IT operation teams will often have to ensure that post-development modifications can be made as well, either to ensure compliance with policies (such as the ability to secure data in apps used on mobile devices not managed by the company) or to add new functionality (such as the ability to report on app usage metrics). For example, to comply with corporate security policies during mobile app deployment, IT operations may want to make an app manageable by the unified endpoint management (UEM) solution used by the company. Rather than inefficiently sending the mobile app back to development teams, who may have already started working on another project, a better approach would be to find a way to enable IT operations teams with the ability to make these modifications themselves during mobile app deployment. 

Value stream management for mobile helps to alleviate the app deployment process for IT operations teams, as they now have ownership for deploying apps that come from third-party vendors or from internal development teams that require further modifications using third-party software components. VSMPs connect with existing CI/CD pipelines and can integrate and orchestrate IT tools not owned by the respective company while providing simultaneous end-to-end visibility of the entire workflow. In addition to struggling with using and managing multiple third-party tools, most IT operations teams don’t have the same familiarity with the various app deployment activities that developers do and, as a result, often have to relearn how to perform tasks. VSMPs address this concern because they heavily emphasize automation, which reduces the need for human input wherever appropriate to increase consistency among other benefits. Lastly, VSMPs would help increase companies’ ROI as they would identify areas where third-party technologies already licensed can be integrated and put to use again. 

Privacy. Enough Said.

Regulations play a critical role in the products and services, which include mobile apps, that are made available to end users. As technology becomes more and more intertwined with our daily lives, so increases the general public’s concerns for the protection of their sensitive data and information. Companies are concerned that the intellectual property in their products could be stolen. There are various industry-specific regulations that must be adhered to. For example, PCI DSS is important for Financial Services companies, while HIPAA matters for Healthcare companies. In heavily regulated industries, having a reliable audit trail is highly valued. For example, in the context of a mobile app deployment, there would be great interest in always being able to answer the question of “who did what” prior to the app being deployed. IT operation teams should prepare to face and comply with stricter external regulations and/or internal company policies moving forward.

The COVID-19 pandemic increased consumers’ demands for more online mediums of consumption and thus rapidly accelerated businesses’ adoption of digital transformation initiatives in order to remain competitive. However, this quick transition opened the door to potentially detrimental cyberattacks that could jeopardize the security of the company’s sensitive information. A 2020 report found that 41% of remote workers experienced cybersecurity incidents when transitioning from an office setting to a work-from-home setting. Therefore, as companies look to deploy more and more mobile apps that will play a role in the transition from the office to the home, they must ensure that these products will not be vulnerable to cyberattacks aiming to steal sensitive company information.

Value stream management would significantly help IT operations teams ensure that they comply with external regulations and/or internal company policies. These platforms would have audit trails that teams can refer back to and to use as evidence of compliance. In addition, for mobile app deployment, VSMPs can maintain accountability by keeping an active record for a given app of the individuals who modified and signed it, integrated various enhancements to it, and/or pushed it to either an app store or enterprise app catalog.