!!! info "GCP is now in General Availability, and we recommend everyone to deploy new apps there." We've also made a migration guide, for moving old apps from SBS and FSS to GCP!
Head over to the Slack channel [\#nais-i-sky](https://nav-it.slack.com/archives/C0190SV7KSN) if you have any questions.
NAIS is NAV's Application Infrastructure Service, an open source application platform that aims to provide our developers with the best possible tools needed to develop and run their applications.
If you are just starting out developing applications and wish to deploy them to NAIS, it is highly recommended to read through the Getting started section!
When you have a large development organisation, providing the developers with turnkey solutions (Wikipedia turnkey article, turnkey solution explained) for their most common needs can be a good investment.
This includes (but not limited to) logging, metrics, alerts, deployment and a runtime environment.
Within each of these aspects, we leverage open source projects best suited for our needs and provide them with usable abstractions, sane defaults and the required security hardening.
GitOps is a way of implementing Continuous Deployment for cloud native applications. It focuses on a developer-centric experience when operating infrastructure, by using tools developers are already familiar with, including Git and Continuous Deployment tools.
Read more over at gitops.tech.
GitOps: versioned CI/CD on top of declarative infrastructure. Stop scripting and start shipping.
For services from NAIS, a security assessment (ROS) has already been carried out. Teams who wish to use the service are responsible for assessing whether the security is sufficient for their use. Most safety assessments are documented in the PowerApps application TryggNok. Contact the NAIS team if you can´t find a relevant security assessment.
In NAV, we conduct Privacy Impact Assessments (PVK) to document that we operate in accordance with GDPR. Each team must have a PVK for the processing of personal data that they do. When a team adopts new technology, it may trigger a change in the privacy impact. If so, the team should update the PVK. ROS will often include information security, and can provide support in the completion of the PVK.
When a team wants to process personal data in a whole new way, the existing PVK might not cover this purpose. In this case, a new PVK is required in order to document the purpose and legal basis for the treatment. A legal coach from "juridisk seksjon" can assist with such an assessment.
The team can be found on Slack.
Also, follow us on Twitter @nais_io!