Deluxe Corporation Modernizes Deployments and Automates DevSecOps Processes with Harness

Harness Impact 

• Lowered overhead costs associated with building and maintaining their continuous integration/continuous development (CI/CD) pipelines by 72% for modern applications.
• Decreased new pipeline build times from 2 weeks to a few hours for modern applications by reusing the templates and connections.
• Reduced time to onboard deployments from 2 months to a couple of days for modern applications on already provisioned environments. 
• Decreased code security issues noise by 95% with STO.

About Deluxe Corporation

Deluxe is a leading provider of payments and technology products, services, and platform solutions for businesses. Its solutions help businesses pay, get paid, and grow through a powerful scale that supports millions of small businesses, thousands of vital financial institutions, and hundreds of the world’s largest consumer brands, while processing approximately $3 trillion in annual payment volume. The company has grown over the years through multiple acquisitions, resulting in a wide and deep tech stack that includes multiple development languages, frameworks, and databases.

Challenge: Reduced Time-To-Market for New Features

Deluxe grappled with the integration and standardization of technology and roles across its portfolio of on-premises and cloud-based products and services. The company also experienced slow quarterly releases, which resulted in delays and missed deadlines. They had no standardization or templatization for deployment pipelines, and they relied on manual processes and heavy scripting, resulting in slowed-down processes. Furthermore, they needed greater compliance, security, and governance.

Pankaj Gupta, Executive Director of Product and Software Architecture, observed that “there were no consistent or single architectural patterns or shareable technology patterns. Additionally, there were various technologies, and everyone was continuously changing them without thinking about a unified cloud strategy. This all hindered our go-to-market strategy.”

The gap created by these challenges manifested as reduced time-to-market for new features, impacting customer acquisition and retention. 

Solution: Automating CI/CD Processes and Shifting Application Security Left

To solve these challenges, Deluxe decided to standardize on cloud and started looking for a solution that would offer the flexibility and capabilities needed to achieve its goals. Harness was the solution that provided the company with the required automation capabilities to speed up the go-to-market strategy for its products and functionalities.

Moreover, Deluxe recognized the need to modernize its manual Jenkins environment as a key initiative to reduce time-to-market for new features. According to Andrew MacLean, Director of Software Delivery and DevOps, “When your customer depends on you for a solution, you better make sure it's there and it works."

The current toolset required an automated solution for its CI/CD process via an innovative and modern approach from Harness. This would enable a higher degree of automation and facilitate more frequent deployments. Furthermore, they could make sure of greater application security by orchestrating throughout the CI/CD process and much earlier in the software development lifecycle (SDLC) via the Harness Security Testing Orchestration (STO) module.

Results: Building Pipelines Faster, Reducing Security Scanner Noise by 95%

Harness significantly reduced the time spent on deployment activities – lowering overhead costs associated with building and maintaining their CI/CD pipelines by 72% for modern applications.

Already, Deluxe is seeing pipeline onboarding time decrease significantly, from two weeks to a few hours for modern applications by reusing the templates and connections. As Deluxe templatizes things further, the goal is to reduce it even more. In addition, they’re seeing time to onboard deployments decrease from two months to a couple of days for modern applications on already provisioned environments. MacLean commented, “We are building new pipelines in less than two hours and onboarding deployment in a few days. Harness has enabled our developers to deploy safely and faster than ever.”

Leveraging Harness STO for one pipeline alone, the team at Deluxe found 170 issues from one scanning vendor and deduplicated them down to just nine prioritized issues. Gupta remarked, “Harness STO automated the deduplication of outputs from a security scanning vendor, reducing the noise for my team by 95%. Now, we can focus on the top issues and tackle them quickly.”

Overall, Deluxe could deliver features faster, improve customer retention, and enhance the developer experience with Harness. They also created a collaborative DevSecOps culture, as well as improved security, compliance, and governance. Gupta confirmed this, saying, "Harness not only gave us the ability to automate our CI/CD pipelines but also brought consistency and standardization across all applications and teams."