When Deluxe was struggling with reduced time-to-market for new features, they turned to harness to automate CI/CD processes and shift application security left.
Deluxe is a leading provider of payments and technology products, services, and platform solutions for businesses. Its solutions help businesses pay, get paid, and grow through a powerful scale that supports millions of small businesses, thousands of vital financial institutions, and hundreds of the world’s largest consumer brands, while processing approximately $3 trillion in annual payment volume. The company has grown over the years through multiple acquisitions, resulting in a wide and deep tech stack that includes multiple development languages, frameworks, and databases.
Deluxe grappled with the integration and standardization of technology and roles across its portfolio of on-premises and cloud-based products and services. The company also experienced slow quarterly releases, which resulted in delays and missed deadlines. They had no standardization or templatization for deployment pipelines, and they relied on manual processes and heavy scripting, resulting in slowed-down processes. Furthermore, they needed greater compliance, security, and governance.
Pankaj Gupta, Executive Director of Product and Software Architecture, observed that “there were no consistent or single architectural patterns or shareable technology patterns. Additionally, there were various technologies, and everyone was continuously changing them without thinking about a unified cloud strategy. This all hindered our go-to-market strategy.”
The gap created by these challenges manifested as reduced time-to-market for new features, impacting customer acquisition and retention.
To solve these challenges, Deluxe decided to standardize on cloud and started looking for a solution that would offer the flexibility and capabilities needed to achieve its goals. Harness was the solution that provided the company with the required automation capabilities to speed up the go-to-market strategy for its products and functionalities.
Moreover, Deluxe recognized the need to modernize its manual Jenkins environment as a key initiative to reduce time-to-market for new features. According to Andrew MacLean, Director of Software Delivery and DevOps, “When your customer depends on you for a solution, you better make sure it's there and it works."
The current toolset required an automated solution for its CI/CD process via an innovative and modern approach from Harness. This would enable a higher degree of automation and facilitate more frequent deployments. Furthermore, they could make sure of greater application security by orchestrating throughout the CI/CD process and much earlier in the software development lifecycle (SDLC) via the Harness Security Testing Orchestration (STO) module.
Harness significantly reduced the time spent on deployment activities – lowering overhead costs associated with building and maintaining their CI/CD pipelines by 72% for modern applications.
Already, Deluxe is seeing pipeline onboarding time decrease significantly, from two weeks to a few hours for modern applications by reusing the templates and connections. As Deluxe templatizes things further, the goal is to reduce it even more. In addition, they’re seeing time to onboard deployments decrease from two months to a couple of days for modern applications on already provisioned environments. MacLean commented, “We are building new pipelines in less than two hours and onboarding deployment in a few days. Harness has enabled our developers to deploy safely and faster than ever.”
Leveraging Harness STO for one pipeline alone, the team at Deluxe found 170 issues from one scanning vendor and deduplicated them down to just nine prioritized issues. Gupta remarked, “Harness STO automated the deduplication of outputs from a security scanning vendor, reducing the noise for my team by 95%. Now, we can focus on the top issues and tackle them quickly.”
Overall, Deluxe could deliver features faster, improve customer retention, and enhance the developer experience with Harness. They also created a collaborative DevSecOps culture, as well as improved security, compliance, and governance. Gupta confirmed this, saying, "Harness not only gave us the ability to automate our CI/CD pipelines but also brought consistency and standardization across all applications and teams."