The Future of Enterprise IT - Lessons Learned

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Jonathan Allen - AWS Enterprise Strategy
2018
The Future of Enterprise IT:
Lessons Learned

Personal career timeline
System
Integrator
Energy
Sector
1996 1998 2000 2017

Compelling reasons to move Cloud
Agility/dev
productivity
Digital
transformation
Data center
consolidation
Cost
Reduction
Large scale
compute intensive
workloads
Acquisitions
or divestitures
Colocation
or outsourcing
contract changes
Facility or
real-estate
decisions

and move faster
What if you could devote more resources to
the things that matter
while being more secure?

Largest Number Of Enterprise Customers

People Challenge - Reskilling
Achieving organizational flow
Technology Hurdles – Account setup
What we’ll cover:

Methods and Principles of
Modern Product Development
DevOps
Interface for getting stuff
built and released
Agile Teaming
The organizational glue
that keeps release cycle
moving continuously
Design Thinking
Interface to customer and
feedback loop

Practical Principles: Agile
1. Rip the Band-Aid off, but have mercy
2. Keeping it real…and small
3. Show something every sprint
4. Trap: Agile by the book
Use release maps
Two pizza team model
Power of the demo
Find your agile center

ContinuousTesting
Always
Be
Testing
Concept
Hypothesis
A/B
MVP
Development
Functional
Acceptance
Performance
Security/Compliance
Deployment
Functional
Acceptance
Performance
Security/Compliance
Canary
Production
ProdTesting
Chaos Engineering
UserTesting Feedback

How Amazon Achieves Flow
Working
Backwards
From the customer
Two Pizza Teams
Run what you build
Microservices
Speed and agility

Write the Press Release:Think big and focus on the
customer need
Write the FAQ: Customer and internal stakeholder
Define the user interaction and write the manual
Working backwards
from the customer
PR

AmazonAchieves Speed andAgility withTwo-PizzaTeams
Small,
decentralized
teams are nimble
Own/run
what you
build

Developers MonolithicApplication Delivery Pipeline
Build Test Release
Monoliths: Slow and Rigid

Microservices: Speed and Agility
Developers Microservices Delivery Pipelines
Build Test Release
Build Test Release
Build Test Release

Microservices Principles
Single Purpose
API-based
Highly-decoupled
http://

Quickly Scaling
Winning Ideas
Rapid Adoption of
New Capabilities
Reducing Cost
of Failure
Impact of Cloud on
Product Development

r
Products & Services
CTO/VP Applications
Digital Products, Brand
Websites, Mobile
Applications, Point of Sale
Systems, Commerce
E-mail, Productivity,
Collaboration, HR,
Finance, ERP
Back Office Systems
CIO/VP Corp Systems
Desktop Support, Device
Management, Telephony,
IT Support
End User Computing
VP IT Support
Encryption, Key Management, Identity
Management, Firewalls, IDS, DDoS
Information Security
CISO
Traditional Enterprise IT

r
Products & Services
CTO/VP Applications
Websites, Mobile
Systems, Commerce
Collaboration, HR,
Finance, ERP
Back Office Systems
CIO/VP Corp Systems
IT Support
End User Computing
VP IT Support
CISO
Infrastructure/Delivery
VP Infrastructure

r
Products & Services
CTO/VP Applications
Websites, Mobile
Systems, Commerce
Collaboration, HR,
Finance, ERP
Back Office Systems
CIO/VP Corp Systems
IT Support
End User Computing
VP IT Support
CISO
VP Infrastructure PMO Engineering Operations Design

r
Products & Services
CTO/VP Applications
Back Office Systems
CIO/VP Corp Systems
End User Computing
VP IT Support
Future of Enterprise IT – Hybrid state
VP Infrastructure
Cloud CoE

“Declare a Bold Cloud Objective”
Single-threaded leader

2-pizza cloud business office
Procurement CISO CFO Head of
Infrastructure
Head of
Delivery
Engineering Risk Leader
Audit Leader
HRLegal
Single-Threaded Leader
!

i
!

Questions parking lot
Create your questions parking lot

Amazon.com
Big Data & Analytics
Business Apps
Migration Acceleration Program
Compute Options
Contracts & Legal
Database Options
Container Options
Desktop & App Streaming
DevOps
Management Apps
Digital Transformation
Edge Services
Enterprise Strategy
General AWS Topics
Industry Specific Solutions
Internet of Things
Machine Learning
Mobile Options
AWS Executive Briefing Sessions
AWS Cloud Adoption Framework
AWS Well Architected Framework
AWS Migration Acceleration Program

“If you can't feed a team with two pizzas,
the team is too large.”
- Jeff Bezos
Step 1: Build a two-pizza Cloud Tiger Team

Product Manager
Cloud Adoption Framework – People Perspective
Step 2: Staff your Cloud Tiger Team

Lead Architect

Infrastructure Engineers
Leadership

Security Engineers
LeadershipInfrastructure

Operations Engineers
LeadershipInfrastructure Security

Application Engineers
Operations

Operations
Applications

On-Boarding
Finance
Enterprise
Architecture
Change Mgmt
Communications
Governance
LeadershipInfrastructure SecurityOperationsApplications
Engineering teams will specialize in an area, but will have a
common set of skills shared across all product teams
Operations
Engineering
Infrastructure
Engineering
Security
Engineering
Cloud Business Office
(Leader)
Cloud Engineering
(Leader)
Scale beyond the “two-pizza” team

Security
objectives
Availability
objectives
Cost
objectives
AGREEMENT
Get clear on your objectives
Feature & TTM
objectives
Compliance
objectives

Get clear on your objectives Cost
21%
1%
2%
42%
26%
8%
Facility (lease/power/maint)
Facility Improvements
Connectivity
Hardware - Refresh/Growth
Hardware - Buildout
Software
84%
16%
Cloud
Software
On-Premise AWS
5-Year On-Premise vs. Cloud Costs = (GAAP) savings of 68.9%

Get clear on your objectives Cost
“Declare a Bold Cloud Objective”

Customer
AWS
AWS is responsible for
security of the cloud
Customer is responsible for
security in the cloud
Customer data
Platform, applications, identity, & access management
Operating system, network, & firewall configuration
Client-side data encryption &
data integrity authentication
Server-side encryption
(file system &/or data)
Network traffic protection
(encryption/integrity/identity)
Compute Storage Database Networking
Edge
locations
Regions
Availability Zones
AWS Global
Infrastructure
Get clear on your objectives Security

AWS has a deep set of security tooling
Virtual Private Cloud
Isolated cloud resources
Web Application Firewall
Filter malicious web traffic
Shield
DDoS protection
Certificate Manager
Provision, manage, and
deploy SSL/TSL certificates
Networking
Key Management Service
Manage creation
and control of
encryption keys
CloudHSM
Hardware-based
key storage
Server-Side Encryption
Flexible data
encryption options
Encryption
IAM
Manage user access
and encryption keys
SAML Federation
SAML 2.0 support
to allow on-premises
identity integration
Directory Service
Host and manage Microsoft
Active Directory
Organizations
Manage settings for
multiple accounts
Identity & management
Service Catalog
Create and use standardized
products
Config
Track resource inventory
and changes
CloudTrail
Track user activity and
API usage
CloudWatch
Monitor resources
and applications
Inspector
Analyze application security
Compliance
Macie
Discover, classify & protect data
Security

Certifications & attestations Laws, regulations, and privacy Alignments & frameworks
Cloud Computing Compliance Controls
Catalogue (C5)
🇩🇪 ✔ CISPE 🇪🇺 ✔ CIS (Center for Internet Security) 🌐 ✔
Cyber Essentials Plus 🇬🇧 ✔ EU Model Clauses 🇪🇺 ✔ CJIS (US FBI) 🇺🇸 ✔
DoD SRG 🇺🇸 ✔ FERPA 🇺🇸 ✔ CSA (Cloud Security Alliance) 🌐 ✔
FedRAMP 🇺🇸 ✔ GLBA 🇺🇸 ✔ Esquema Nacional de Seguridad 🇪🇸 ✔
FIPS 🇺🇸 ✔ HIPAA 🇺🇸 ✔ EU-US Privacy Shield 🇪🇺 ✔
IRAP 🇦🇺 ✔ HITECH 🌐 ✔ FISC 🇯🇵 ✔
ISO 9001 🌐 ✔ IRS 1075 🇺🇸 ✔ FISMA 🇺🇸 ✔
ISO 27001 🌐 ✔ ITAR 🇺🇸 ✔ G-Cloud 🇬🇧 ✔
ISO 27017 🌐 ✔ My Number Act 🇯🇵 ✔ GxP (US FDA CFR 21 Part 11) 🇺🇸 ✔
ISO 27018 🌐 ✔ Data Protection Act–1988 🇬🇧 ✔ ICREA 🌐 ✔
MLPS Level 3 🇨🇳 ✔ VPAT/Section 508 🇺🇸 ✔ IT Grundschutz 🇩🇪 ✔
MTCS 🇸🇬 ✔ Data Protection Directive 🇪🇺 ✔ MITA 3.0 (US Medicaid) 🇺🇸 ✔
PCI DSS Level 1 💳 ✔ Privacy Act [Australia] 🇦🇺 ✔ MPAA 🇺🇸 ✔
SEC Rule 17-a-4(f) 🇺🇸 ✔ Privacy Act [New Zealand] 🇳🇿 ✔ NIST 🇺🇸 ✔
SOC 1, SOC 2, SOC 3 🌐 ✔ PDPA—2010 [Malaysia] 🇲🇾 ✔ Uptime Institute Tiers 🌐 ✔
PDPA—2012 [Singapore] 🇸🇬 ✔ Cloud Security Principles 🇬🇧 ✔
PIPEDA [Canada] 🇨🇦 ✔
🌐 = industry or global standard Agencia Española de Protección de Datos 🇪🇸 ✔
Get clear on your objectives Compliance

Availability Downtime per year Categories
95% (1-nine) 18 days 6 hours
Batch processing, data extraction,
load jobs
99% (2-nines) 3 days 15 hours Internal tools, project tracking
99.9% (3-nines) 8 hours 45 minutes Online commerce
99.99% (4-nines) 52 minutes Video delivery, broadcast systems
99.999% (5-nines) 5 minutes Telecom industry (ATM Transactions)
Availability

Part X Part Y
A = AX AY
Availability

Component Availability Downtime
X 99% (2-nines) 3 days 15 hours
Y 99.99% (4-nines) 52 minutes
X and Y Combined 98.99% 3 days 16 hours 33 minutes
…availability in series
Availability
Part X Part Y
A = AX AY

A = 1 – (1 – AX)2
Part X
Part X
Availability

Component Availability Downtime
X 99% (2-nines) 3 days 15 hours
Two X in parallel 99.99% (4-nines) 52 minutes
Three X in parallel 99.9999% (6-nines) 31 seconds
A = 1 – (1 – AX)2
Part X
Part X
Availability

Get clear on your objectives8
“Component redundancy increases
availability significantly”
Availability

Availability Zone A Availability Zone B Availability Zone C
Availability

AWS Region
Availability

Multi-AZ—well-architected
APPLICATION
Availability

CORE SERVICES
Integrated Networking
Rules Engine
Device Shadows
Device SDKs
Device Gateway
Registry
Local Compute
Custom Model
Training & Hosting
Conversational Chatbots
Virtual Desktops
App Streaming
Schema Conversion
Image & Scene
Recognition Sharing & Collaboration
Exabyte-Scale
Data Migration
Text to Speech
Corporate Email Application Migration
Database Migration
Regions
Availability Zones
Points of Presence
Data Warehousing
Business Intelligence
Elasticsearch
Hadoop/Spark
Data Pipelines
Streaming Data
Collection
ETL
Streaming Data
Analysis
Interactive SQL
Queries
Queuing & Notifications
Workflow
Email
Transcoding
Deep Learning
(Apache MXNet,
TensorFlow, & others)
Server MigrationCommunications
MARKETPLACE
Business Apps Business Intelligence DevOps Tools Security Networking StorageDatabases
API Gateway
Single Integrated Console
Identity
Sync
Mobile Analytics
Mobile App Testing
Targeted Push
Notifications
One-click App
Deployment
DevOps Resource
Management
Application Lifecycle
Management
Containers
Triggers
Resource Templates
Build & Test
Analyze & Debug
Identity Management
Key Management
& Storage
Monitoring
& Logs
Configuration
Compliance
Web Application Firewall
Assessment
& Reporting
Resource & Usage
Auditing
Access Control
Account
Grouping
DDOS
Protection
TECHNICAL & BUSINESS SUPPORT
Support
Professional
Services
Optimization
Guidance
Partner
Ecosystem
Training & Certification Solutions Management Account Management Security & Billing Reports
Personalized
Dashboard
Monitoring
Manage
Resources
Data Integration
Integrated Identity &
Access
Integrated Resource &
Deployment Management
Integrated Devices
& Edge Systems
Resource Templates
Configuration
Tracking
Server
Management
Service
Catalogue
Search
MIGRATIONHYBRID ARCHITECTUREENTERPRISE APPSMACHINE LEARNINGIoTMOBILE SERVICESDEV OPSANALYTICS
APP SERVICES
INFRASTRUCTURE SECURITY & COMPLIANCE MANAGEMENT TOOLS
Compute
VMs, Auto-scaling, Load Balancing,
Containers, Virtual Private Servers,
Batch Computing, Cloud Functions,
Elastic GPUs, Edge Computing
Storage
Object, Blocks, File, Archivals,
Import/Export, Exabyte-scale data transfer
CDN
Databases
Relational, NoSQL, Caching,
Migration, PostgreSQL compatible
Networking
VPC, DX, DNS
Facial Recognition
& Analysis
Facial Search
Patching
Contact Center
100+ Services…
Feature
& TTM

Trust
Trust, but verify

Trust, but verify
Trust
Security
objectives
Availability
objectives
Cost
objectives
Feature & TTM
objectives
Compliance
objectives

Trust, but verify
Verify
Cloud Custodian CloudTamer.io CloudTamer.io

AWS Enterprise Strategy
2018
Thank You!

The Future of Enterprise IT - Lessons Learned

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to The Future of Enterprise IT - Lessons Learned

Similar to The Future of Enterprise IT - Lessons Learned (20)

More from Amazon Web Services

More from Amazon Web Services (20)

The Future of Enterprise IT - Lessons Learned