Security, legal considerations, internal controls and tracking for monitoring.
See, corporate means usually financial services. Money laundering is a thing here and there are deliberately checks and controls implemented as well as boundaries which don't allow for "deploy to PROD instantly" processes since they pose a red flag.
For example, PEN testing is mandatory as well as token handling to connect to the right backend.
Legal, as a hint, has a show stopping word in here. Every text, that surfaces, needs to be approved first, and also documented. "How inflexibel and anti-business" you might think, but here is the kicker: the wrong words as well as wording gets you into trouble faster than you can imagine.
Here is one example out of many dangerous mistakes, that cost you dearly besides a noticeable shitstorm:
We (one of the largest banks operating globally) were 2017 (!) already closely monitored which means, every change would not be undetected. And we are not talking about days later, but instantly, seconds later.
We have to follow certain obligations in certain countries to conform to legislation. So we are also obliged to incorporate changes, but these had to follow strictly the letters of the law. So if you deploy this change 5 minutes too early or too late for a specific day, you could be hit by a lawsuit. Ridiculous you might say and I somehow have to agree but my opinion does not play a relevant role here or better: won't change because I follow law while keeping my opinion.
And this is also something that disallows for the "vibe code to PROD" myth: Usually many teams and departments are involved.
I am glad I worked in corporate, because my understanding went from the cocky and totally arrogant "One team from us would beat you all easily. You are totally outdated." line to the "Well, now I understand that it is a difference to be under scrutiny globally and have to define responsibility as well as accountability depending on the context. And god forgive me, that I had no insights into a huge regulated machine, that has serious redundancy, however it works and rebels do more harm than good."
Security, legal considerations, internal controls and tracking for monitoring.
See, corporate means usually financial services. Money laundering is a thing here and there are deliberately checks and controls implemented as well as boundaries which don't allow for "deploy to PROD instantly" processes since they pose a red flag.
For example, PEN testing is mandatory as well as token handling to connect to the right backend.
Legal, as a hint, has a show stopping word in here. Every text, that surfaces, needs to be approved first, and also documented. "How inflexibel and anti-business" you might think, but here is the kicker: the wrong words as well as wording gets you into trouble faster than you can imagine.
Here is one example out of many dangerous mistakes, that cost you dearly besides a noticeable shitstorm:
We (one of the largest banks operating globally) were 2017 (!) already closely monitored which means, every change would not be undetected. And we are not talking about days later, but instantly, seconds later.
We have to follow certain obligations in certain countries to conform to legislation. So we are also obliged to incorporate changes, but these had to follow strictly the letters of the law. So if you deploy this change 5 minutes too early or too late for a specific day, you could be hit by a lawsuit. Ridiculous you might say and I somehow have to agree but my opinion does not play a relevant role here or better: won't change because I follow law while keeping my opinion.
And this is also something that disallows for the "vibe code to PROD" myth: Usually many teams and departments are involved.
I am glad I worked in corporate, because my understanding went from the cocky and totally arrogant "One team from us would beat you all easily. You are totally outdated." line to the "Well, now I understand that it is a difference to be under scrutiny globally and have to define responsibility as well as accountability depending on the context. And god forgive me, that I had no insights into a huge regulated machine, that has serious redundancy, however it works and rebels do more harm than good."