Telecommunications Giant Sets the Stage for Scalable, Resilient, and Secure Software Development with JFrog

Company Overview

According to TechReport, global revenue for the telecommunications industry is estimated to reach $1.58 trillion by 2028. With global 5G subscriptions forecasted to increase by 330 percent in the next 6 years, such steeply rising demand requires outsized efficiency, flexibility, and scalability of software development organizations within this sector.

This top international telecom company, with over $120 billion in revenue and 20,000 developers, serves 300 million customers worldwide. In response to the executive order tightening software security requirements and rapidly growing demand for telecom services, this and other telecom companies are pressed to improve shift-left security practices while sustaining or improving developer efficiency and productivity.

To accomplish these mission-critical objectives, telecom businesses are embracing essential trends, including security tool consolidation, cloud migration, and leveraging AI solutions. These strategic moves aim to boost productivity, ensure high uptime, improve user experience, and mitigate the risk of security breaches arising from software vulnerabilities.

Before the events laid out in this story, the company had already been using the JFrog Software Supply Chain Platform. The emergence of the challenges discussed below and team recommendations, led this organization to expand its usage of the JFrog Platform.

Challenges

The company’s software development organization was running on one huge monolithic repository on Sonatype Nexus, with 80% of their developers reliant on this single repository. When the service went down, everything went down. Frequent system outages directly affected their delivery and development productivity.

In an initial attempt to resolve these issues, the organization split its artifact repository instances into two; with one self-hosted and created another backup repository on Azure that they kept refreshing from time to time. They also dedicated an entire team to handling the effects of frequent outages. They also used overlapping security tools for vetting third-party code and open-source packages to prevent vulnerabilities from entering into their software supply chain. But, despite all of these solutions, they didn’t have an effective way of enforcing secure development practices and staying ahead of zero-day vulnerabilities.

With Sonatype unable to provide a scalable, flexible, and unified enterprise solution, the DevOps team realized they needed to make a more committed shift to the cloud with a new Software Supply Chain Platform that offered these key capabilities:

• High availability for improved developer and end-user experience
• Federated repositories for automatic multi-site replication
• Integrated security scanning and contextual analysis for scalable shift-left security
• Unified platform for greater developer efficiency and accountability

In addition to automating replication and syncing developer permissions across instances, the platform also needed to provide high traceability and auditability to maintain airtight compliance as required by the telecom industry. Further, transitioning to a SaaS solution would solve the challenges listed above. The urgent need for all of these features led to conversations around expanding their use of the JFrog Platform.

Solution

Before discussing individual features, the JFrog Platform’s support for 99.9% uptime guarantee was the first major differentiator. Rather than dealing with outages every 2 weeks with their previous solution, the company was finally able to achieve true High Availability.

Moving to the JFrog Platform also gave this telecom company a modernized repository structure with federated local repositories for automatic synchronization, enabling an integrated developer experience with greater visibility and measurement. It also greatly improved the ease of repository maintenance and organization. This allowed for a much-improved developer experience, streamlining the software development process.

A central requirement was architecting a solution, by the JFrog team, that enables a seamless migration experience for both the business and the developers.

With JFrog Security, the company is finally able to consolidate its security efforts. Their long-term goals include supporting AI rollout with risk control and achieving end-to-end software supply chain security.

• High Availability: The downstream results of sustaining 99.9% uptime with JFrog SaaS not only greatly improve developer experience, but preserve customer trust as well.
• Scalability & Resilience: Moving to JFrog also allowed for synchronization across instances, enabling a single source of truth for greater scalability, traceability, and auditability.
• Streamlined Security: Migrating to JFrog made security a much more automated and scalable process with efficient detection and remediation of vulnerabilities.

In addition, among other integrations, JFrog’s unique partnership with GitHub allowed this company to meet all their software development needs where their previous solutions fell short.

JFrog SaaS architecture for telecom company

Results

In essence, the JFrog Platform enabled:

• Developer efficiency – The platform provides developers with tools to easily manage software components and streamline their workflows.
• Tool consolidation – The platform eliminates the need for multiple disjointed tools and simplifies the development process for improved productivity.
• Process standardization – A single source of truth helps improve collaboration, maintain process integrity, and enforce best practices across teams.
• Security – The platform integrates security into the SDLC with capabilities like vulnerability scanning, license compliance, access control, and proactive risk mitigation.

Not only did The JFrog Platform provide a technical solution for consolidated development, operational, and security practices, but it also contributed to these crucial commercial achievements:

• Reduced downtime
• Streamlined operations
• Ability to further scale

Software outages have negative impacts on business operations and customer trust. Implementing a strategy that replicates all artifacts and permissions across instances ensures that the company’s internal and external customers remain unaffected. It also increases confidence in their capability to deliver secure and high-quality applications, consistently, on schedule, and within budget.

With JFrog’s advanced automation, developers now experience a more user-friendly process for storing, securing, and retrieving source code, binaries, libraries, and dependencies. Having a single source of truth for all software artifacts simplifies operations and facilitates faster incident response. Streamlining these tasks enhances efficiency and promotes a seamless experience from code to production. This enables greater scalability and increased compliance – crucial in telecoms.

Migrating to JFrog SaaS successfully resolved the company’s challenges, yielding high availability, scalability, full traceability and auditability, increased shift-left security, and improved developer productivity. This transition enabled them to streamline processes across development, operations, and security for more efficient, secure delivery of applications while saving time and resources.

We invite DevOps professionals from the telecommunications industry to start a free trial and see how the JFrog Platform transforms enterprise software development.

Products
The JFrog Platform, JFrog Artifactory, JFrog Advanced Security

Partners & Integrations
GitHub, Microsoft Azure

JFrog Services
Professional Services, Platinum Support

Additional Resources
White Paper:       Cloud Migration 101
Solution Sheet:   Get Ready for High Availability
White Paper:       Artifact Management: Best Practices for Scalability and Growth