There is a moment that most engineers who have worked in traditional organisations will recognise. A feature is built, tested, approved, and handed off to the operations team for deployment. Then it sits. Days pass. Questions are asked. The operations team raises concerns about the environment. The developers say it works on their machines. A ticket is opened. Another meeting is scheduled. Meanwhile, the business is waiting.
This is the "throw it over the wall" model — and for a long time, it was simply how software was delivered. Development built things. Operations ran things. The wall between them was organisational, procedural, and in many companies, almost physical.
DevOps is the recognition that this wall is not a feature. It is the source of most of the friction, most of the delays, and most of the incidents that plague software delivery. This article explains what DevOps actually is, where it came from, and what concretely changes when an organisation adopts it — not as a job title or a toolset, but as a philosophy.
Where the wall came from
The separation between development and operations was not arbitrary. It was a rational response to the conditions of the time.
In the era of on-premises servers and quarterly release cycles, it made sense to have specialists. Developers optimised for writing code. Operators optimised for keeping systems stable. The two concerns genuinely required different skill sets, and the cost of a failed deployment — which might mean downtime for a physical data centre, a rollback of weeks of work, or a Saturday night emergency — made caution the rational default.
The wall was a risk management tool. If operations controlled what went to production, they could gatekeep quality and protect stability. Developers, insulated from production concerns, could move faster in their development environments without worrying about breaking live systems.
The problem is that this model optimised each side of the wall in isolation, while making the overall system — the delivery of working software to users — slower, more brittle, and harder to reason about.
What the wall actually costs
The costs are not always visible because they accumulate gradually and get attributed to the wrong causes. But they are real and measurable.
Slow feedback loops. When developers do not see their code running in a production-like environment until late in the cycle, bugs compound. A defect found in development takes minutes to fix. The same defect found in production, weeks later, takes days — because context has been lost, because other code has been built on top of it, and because fixing production requires a formal change process.
Misaligned incentives. Development teams are measured on feature output. Operations teams are measured on stability and uptime. These two goals are structurally in tension: every new deployment is a risk to stability. The natural result is that operations becomes a bottleneck, not by malice but by incentive design. They are doing exactly what they are measured to do.
Knowledge silos that become single points of failure. When only the operations team understands the production environment, and only the development team understands the application, neither can fully diagnose incidents. The knowledge required to debug a production failure is split between two groups who are organisationally separated and, often, in different time zones.
Fear of deployment. In organisations with infrequent, high-stakes releases, deployment becomes an event rather than a routine. Events accumulate anxiety. Teams batch more changes into each release to amortise the overhead, which makes each release larger, which makes it riskier, which increases the anxiety. This is a reinforcing loop that produces exactly the opposite of what both sides want.
What DevOps proposes instead
DevOps does not propose eliminating specialisation. It proposes eliminating the handoff.
The core idea is that the team that builds a piece of software should maintain shared responsibility for its behaviour in production. Not necessarily that developers should do sysadmin work, or that operators should write feature code — but that both groups should be aligned around the same outcome: software that works reliably in front of users.
This shared responsibility changes everything downstream.
Continuous integration removes integration risk
In the old model, integration happened late — at the end of a development cycle, when all the branches were merged and thrown at the operations team. Late integration means late discovery of conflicts, incompatibilities, and environment-specific failures.
Continuous integration (CI) moves integration to the earliest possible moment. Every commit triggers an automated build and test suite. The question "does this code work with everything else?" is answered within minutes of writing it, not weeks later. Defects are caught while context is fresh and the fix is trivial.
The discipline required to implement CI well — short-lived branches, fast test suites, a culture of keeping the main branch deployable at all times — forces practices that reduce risk across the entire development process.
Continuous delivery makes deployment routine
Continuous delivery (CD) extends CI to the deployment process itself. The goal is that any commit that passes the automated pipeline can be deployed to production at any time — not that it is deployed automatically, but that it could be, with confidence.
When deployment is a routine, automated, well-understood process, several things change:
- Release size decreases — there is no longer any incentive to batch changes, because deploying is cheap
- Risk per release decreases — smaller changes are easier to reason about, easier to test, and easier to roll back
- Time to market decreases — features reach users as soon as they are ready, not when the next release window opens
- Incident recovery improves — when something goes wrong, rolling back or forward is a matter of triggering a known process, not a manual emergency procedure
Monitoring and observability close the feedback loop
In the old model, developers received feedback from production in one of two ways: a bug report from a user, or a ticket from the operations team. Both are slow, imprecise, and often arrive long after the relevant code has been forgotten.
DevOps practice treats observability — metrics, logs, traces — as a first-class product concern, not an operations afterthought. Developers instrument their own code. Performance dashboards are accessible to the teams that need them. Alerting is owned by the team that can act on it. The feedback loop from "code is deployed" to "we know how it is behaving" shrinks from days to minutes.
Access is role-appropriate, not unrestricted: security and compliance requirements still govern what raw data developers can query directly. The goal is not to give everyone access to everything, but to ensure that the people responsible for a service can see how it behaves — without filing a ticket and waiting three days for an ops team to extract a log.
This changes how developers think about what they build. When you can see how your code behaves in production, you write it differently. You add meaningful log lines. You expose the right metrics. You design for observability because you know you will need it.
The before and after, concretely
Abstract principles are useful, but what changes in practice is what matters. Here is a direct comparison between the two models across the dimensions that organisations feel most acutely.
- Releases every few weeks or months
- Manual deployment steps, written in a document
- Testing happens at the end of the cycle
- Developers learn about production failures from tickets
- Rollback means a manual, stressful procedure
- Environment configuration lives in the ops team's heads
- Deployment requires a change approval board
- Incidents trigger blame between dev and ops
- "Works on my machine" is an acceptable response
- Releases multiple times per day or week
- Deployment is automated and repeatable
- Testing is continuous, triggered on every commit
- Developers have controlled, role-appropriate access to production metrics
- Rollback is automated for stateless services; migrations require an explicit strategy
- Environment configuration is code, version-controlled
- Deployment automation reduces approval overhead; compliance gates still exist where required
- Incidents are reviewed for process improvement
- Environments are designed to be as close as possible; data and config differences are managed explicitly
DevOps is not a job title — and the wall does not disappear, it evolves
One of the most common misapplications of the term is using it to describe a role: "we are hiring a DevOps engineer." In many organisations, this means they want someone who can manage CI/CD pipelines and cloud infrastructure — which is a legitimate skill set, but it is not what DevOps means as a philosophy.
Hiring a "DevOps engineer" and placing them between development and operations does not remove the wall. It adds a person whose job is to bridge it. The wall is still there. The silos are still there. The misaligned incentives are still there. The only thing that has changed is that someone is now responsible for managing the friction rather than eliminating it.
In practice, mature organisations do not eliminate specialisation — they restructure it. The wall does not disappear; it evolves into something more intentional. This is where Platform Engineering enters the picture.
A Platform team builds and maintains the internal tooling — CI/CD pipelines, deployment abstractions, observability infrastructure, secrets management — that product teams consume as a service. Instead of each development team reinventing the same pipeline or managing their own Kubernetes namespace configuration from scratch, the Platform team provides a paved road: opinionated defaults that are easy to follow and hard to misuse. Development teams retain ownership of their services; the Platform team owns the delivery infrastructure underneath them.
This model resolves the tension between specialisation and shared ownership. The Platform team is a force multiplier: their work scales across every product team in the organisation. SRE teams, where they exist, own reliability standards and incident response frameworks. Development teams own feature delivery. The difference from the old model is not that everyone does everything — it is that the interfaces between teams are automated and explicit, not manual and opaque.
Real DevOps adoption, in whatever organisational shape it takes, requires shared goals, not just a new job posting. It means development teams taking accountability for how their code behaves in production. It means infrastructure teams building for developer experience, not just operational correctness. It means shared on-call responsibilities — the team that writes the code is also the team that gets paged when it breaks at 3am, which is a powerful incentive to write observable, resilient software.
You cannot buy DevOps. You cannot install it. You can only build the conditions under which it emerges: shared goals, short feedback loops, automation that removes manual gates, and a culture that treats failure as a learning opportunity rather than a reason to assign blame.
What the research actually says
The DevOps Research and Assessment (DORA) programme, now part of Google Cloud, has been measuring software delivery performance across thousands of organisations since 2014. Their annual State of DevOps report consistently identifies four key metrics that distinguish high-performing engineering organisations:
- Deployment frequency — how often code is deployed to production
- Lead time for changes — time from code commit to production deployment
- Change failure rate — percentage of deployments that cause a production incident
- Time to restore service — how long to recover from a production failure
Elite performers on these metrics — organisations that deploy multiple times per day, restore service in under an hour, and maintain a change failure rate in the 0–15% range — are not simply better at technology. They have specific organisational characteristics: loosely coupled architectures, teams with end-to-end ownership, deployment automation, and blameless post-mortems. These are cultural and structural properties, not technical ones.
Crucially, the DORA research also shows that high software delivery performance correlates with better business outcomes — higher profitability, larger market share, and greater ability to meet customer requirements. This is not coincidental. Organisations that can deliver software reliably and frequently can respond to the market faster, validate assumptions sooner, and compound learning more quickly than organisations that cannot.
Where to start — and what nobody tells you about the transformation
DevOps transformation is not a project with a start and end date. It is an ongoing shift in how an organisation thinks about software delivery. And it is genuinely difficult — not technically, but organisationally. Most failed DevOps initiatives fail not because the tooling was wrong, but because the cultural change was underestimated.
The most common pattern we see: a company adopts CI/CD tooling, declares itself "DevOps", and then finds that six months later the same handoff friction exists — it has just moved to a different part of the process. The wall was rebuilt around the new tools.
The resistance is real and often legitimate. Operations teams that have spent years being the last line of defence before production do not easily accept a model where code can go to production without their explicit approval. Developers who have never been on call do not immediately understand why reliability is a design constraint, not an operations problem. Senior engineers who have built expertise in a specialised domain can feel threatened by a model that asks them to broaden their responsibilities. These are not problems to be dismissed — they are change management problems that require honest conversation, not just a new pipeline.
With that context, here is where to actually start:
Start by removing a handoff, not by adding a tool. Identify one place in your delivery process where work stops and waits for another team. Understand why that handoff exists — often it is a legitimate quality gate in disguise. Automate the check, not the approval. When the check passes automatically, the approval becomes redundant.
Reduce cognitive load before you increase autonomy. Asking development teams to own their deployments without giving them good tooling is not empowerment — it is a burden transfer. The Platform Engineering model addresses this directly: build golden paths, opinionated defaults that make the right thing easy. A developer should be able to deploy a new service to production by following a well-documented, automated path — not by learning the internals of Kubernetes, Terraform, and the company's network topology simultaneously.
Shift security left, not out. Security reviews that happen after development is complete are expensive and disruptive. Integrating security checks into the CI pipeline — static analysis, dependency scanning, container image scanning, secret detection — catches issues when they are cheapest to fix and removes the security team as a deployment bottleneck. This is what "shift-left security" means in practice: moving the check earlier, not removing it.
Make deployment boring. The goal is a deployment process so well-understood and automated that it generates no anxiety. Start with staging. Document every manual step. Automate one step at a time. When staging deployments are trivial, extend the same process to production.
Instrument before you need it. Add structured logging, application metrics, and health endpoints to your services before something goes wrong. The worst time to build observability is during an incident.
Run blameless post-mortems — and actually mean it. When something breaks in production — and it will — the goal of the review should be to understand how the system allowed the failure to happen, not to find the person who caused it. This is easy to say and hard to sustain, especially in organisations where incidents have historically triggered blame. The first few post-mortems where leadership visibly protects the person who caused the outage and focuses the conversation on process are the ones that change the culture.
The costs that do not appear on a slide deck
No honest treatment of DevOps is complete without acknowledging what it costs — beyond the tooling budget.
On-call is a real burden. Shared on-call responsibility is a sound principle. It is also exhausting if not managed carefully. Teams that go from zero on-call exposure to full production ownership overnight experience burnout. The transition needs to be gradual, well-supported, and compensated — both financially and through investment in the reliability of the systems they are being asked to own.
Cognitive load increases before it decreases. Asking developers to understand deployment pipelines, infrastructure abstractions, observability tooling, and their own application simultaneously is a significant ask. This is exactly why the Platform Engineering model matters: its explicit goal, borrowed from Team Topologies, is to reduce the cognitive load on product teams by abstracting complexity into a well-maintained internal platform. Without that investment, "you own it end to end" becomes "you own everything and we gave you nothing to help."
The tools are not the transformation. Kubernetes, GitLab CI, Terraform, Prometheus — these are excellent tools. They are also frequently adopted as a substitute for the harder organisational work. A company can run a fully automated GitOps pipeline and still have a culture where deployments are feared, incidents trigger blame, and the development team throws tickets over a wall to a Platform team that gates production access. The tools enable the philosophy. They do not replace it.
Conclusion
The "throw it over the wall" model was a product of its time — a reasonable response to the constraints of quarterly releases, physical data centres, and specialised teams that rarely needed to communicate. Those constraints no longer exist for most software organisations, but the wall often remains, long after the conditions that created it have changed.
DevOps is not a technology trend or a passing methodology. It is a recognition that the organisations best positioned to deliver value through software are the ones where the people who build it and the people who run it are working toward the same goal, with the same information, in the same feedback loop. In practice, that means Platform teams building golden paths, SRE teams setting reliability standards, development teams owning their services end to end — all within a culture that treats incidents as learning opportunities and deployment as a routine, not an event.
The wall was never a feature. Replacing it with intentional, automated interfaces between teams is not easy, and it is never fully done. But the organisations that commit to it — honestly, including the friction, the on-call burden, and the change management work — consistently outperform the ones that do not, on every metric that matters to the business.
Want to experiment with local AI responsibly?
We help teams and companies design local, private and governable AI environments, balancing technical freedom, security, policy and operational control.
Start the conversation