More Related Content
Similar to The Future of Enterprise IT - Lessons Learned (20)
More from Amazon Web Services (20)
The Future of Enterprise IT - Lessons Learned
- 1. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Jonathan Allen - AWS Enterprise Strategy
2018
The Future of Enterprise IT:
Lessons Learned
- 2. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Personal career timeline
System
Integrator
Energy
Sector
1996 1998 2000 2017
- 3. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Compelling reasons to move Cloud
Agility/dev
productivity
Digital
transformation
Data center
consolidation
Cost
Reduction
Large scale
compute intensive
workloads
Acquisitions
or divestitures
Colocation
or outsourcing
contract changes
Facility or
real-estate
decisions
- 4. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
and move faster
What if you could devote more resources to
the things that matter
while being more secure?
- 5. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Largest Number Of Enterprise Customers
- 6. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
People Challenge - Reskilling
Achieving organizational flow
Technology Hurdles – Account setup
What we’ll cover:
- 7. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Methods and Principles of
Modern Product Development
DevOps
Interface for getting stuff
built and released
Agile Teaming
The organizational glue
that keeps release cycle
moving continuously
Design Thinking
Interface to customer and
feedback loop
- 8. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Practical Principles: Agile
1. Rip the Band-Aid off, but have mercy
2. Keeping it real…and small
3. Show something every sprint
4. Trap: Agile by the book
Use release maps
Two pizza team model
Power of the demo
Find your agile center
- 9. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
ContinuousTesting
Always
Be
Testing
Concept
Hypothesis
A/B
MVP
Development
Functional
Acceptance
Performance
Security/Compliance
Deployment
Functional
Acceptance
Performance
Security/Compliance
Canary
Production
ProdTesting
Chaos Engineering
UserTesting Feedback
- 10. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
How Amazon Achieves Flow
Working
Backwards
From the customer
Two Pizza Teams
Run what you build
Microservices
Speed and agility
- 11. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Write the Press Release:Think big and focus on the
customer need
Write the FAQ: Customer and internal stakeholder
Define the user interaction and write the manual
Working backwards
from the customer
PR
- 12. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AmazonAchieves Speed andAgility withTwo-PizzaTeams
Small,
decentralized
teams are nimble
Own/run
what you
build
- 13. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Developers MonolithicApplication Delivery Pipeline
Build Test Release
Monoliths: Slow and Rigid
- 14. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Microservices: Speed and Agility
Developers Microservices Delivery Pipelines
Build Test Release
Build Test Release
Build Test Release
- 15. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Microservices Principles
Single Purpose
API-based
Highly-decoupled
http://
- 16. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Quickly Scaling
Winning Ideas
Rapid Adoption of
New Capabilities
Reducing Cost
of Failure
Impact of Cloud on
Product Development
- 17. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
r
Products & Services
CTO/VP Applications
Digital Products, Brand
Websites, Mobile
Applications, Point of Sale
Systems, Commerce
E-mail, Productivity,
Collaboration, HR,
Finance, ERP
Back Office Systems
CIO/VP Corp Systems
Desktop Support, Device
Management, Telephony,
IT Support
End User Computing
VP IT Support
Encryption, Key Management, Identity
Management, Firewalls, IDS, DDoS
Information Security
CISO
Traditional Enterprise IT
- 18. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
r
Products & Services
CTO/VP Applications
Digital Products, Brand
Websites, Mobile
Applications, Point of Sale
Systems, Commerce
E-mail, Productivity,
Collaboration, HR,
Finance, ERP
Back Office Systems
CIO/VP Corp Systems
Desktop Support, Device
Management, Telephony,
IT Support
End User Computing
VP IT Support
Encryption, Key Management, Identity
Management, Firewalls, IDS, DDoS
Information Security
CISO
Traditional Enterprise IT
Infrastructure/Delivery
VP Infrastructure
- 19. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
r
Products & Services
CTO/VP Applications
Digital Products, Brand
Websites, Mobile
Applications, Point of Sale
Systems, Commerce
E-mail, Productivity,
Collaboration, HR,
Finance, ERP
Back Office Systems
CIO/VP Corp Systems
Desktop Support, Device
Management, Telephony,
IT Support
End User Computing
VP IT Support
Encryption, Key Management, Identity
Management, Firewalls, IDS, DDoS
Information Security
CISO
Traditional Enterprise IT
Infrastructure/Delivery
VP Infrastructure PMO Engineering Operations Design
- 20. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
r
Products & Services
CTO/VP Applications
Back Office Systems
CIO/VP Corp Systems
End User Computing
VP IT Support
Information Security
Future of Enterprise IT – Hybrid state
Infrastructure/Delivery
VP Infrastructure
Cloud CoE
- 21. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
“Declare a Bold Cloud Objective”
Single-threaded leader
- 22. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
2-pizza cloud business office
Procurement CISO CFO Head of
Infrastructure
Head of
Delivery
Engineering Risk Leader
Audit Leader
HRLegal
Single-Threaded Leader
!
- 23. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
i
!
- 24. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Questions parking lot
Create your questions parking lot
- 25. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon.com
Big Data & Analytics
Business Apps
Migration Acceleration Program
Compute Options
Contracts & Legal
Database Options
Container Options
Desktop & App Streaming
DevOps
Management Apps
Digital Transformation
Edge Services
Enterprise Strategy
General AWS Topics
Industry Specific Solutions
Internet of Things
Machine Learning
Mobile Options
AWS Executive Briefing Sessions
AWS Cloud Adoption Framework
AWS Well Architected Framework
AWS Migration Acceleration Program
- 26. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
“If you can't feed a team with two pizzas,
the team is too large.”
- Jeff Bezos
Step 1: Build a two-pizza Cloud Tiger Team
- 27. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Product Manager
Cloud Adoption Framework – People Perspective
Step 2: Staff your Cloud Tiger Team
- 28. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Lead Architect
Step 2: Staff your Cloud Tiger Team
- 29. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Infrastructure Engineers
Leadership
Step 2: Staff your Cloud Tiger Team
- 30. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Security Engineers
LeadershipInfrastructure
Step 2: Staff your Cloud Tiger Team
- 31. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Operations Engineers
LeadershipInfrastructure Security
Step 2: Staff your Cloud Tiger Team
- 32. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Application Engineers
LeadershipInfrastructure Security
Operations
Step 2: Staff your Cloud Tiger Team
- 33. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
LeadershipInfrastructure Security
Operations
Applications
Step 2: Staff your Cloud Tiger Team
- 34. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
On-Boarding
Finance
Enterprise
Architecture
Change Mgmt
Communications
Governance
LeadershipInfrastructure SecurityOperationsApplications
Engineering teams will specialize in an area, but will have a
common set of skills shared across all product teams
Operations
Engineering
Infrastructure
Engineering
Security
Engineering
Cloud Business Office
(Leader)
Cloud Engineering
(Leader)
Scale beyond the “two-pizza” team
- 35. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Security
objectives
Availability
objectives
Cost
objectives
AGREEMENT
Get clear on your objectives
Feature & TTM
objectives
Compliance
objectives
- 36. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Get clear on your objectives Cost
21%
1%
2%
42%
26%
8%
Facility (lease/power/maint)
Facility Improvements
Connectivity
Hardware - Refresh/Growth
Hardware - Buildout
Software
84%
16%
Cloud
Software
On-Premise AWS
5-Year On-Premise vs. Cloud Costs = (GAAP) savings of 68.9%
- 37. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Get clear on your objectives Cost
“Declare a Bold Cloud Objective”
- 38. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Customer
AWS
AWS is responsible for
security of the cloud
Customer is responsible for
security in the cloud
Customer data
Platform, applications, identity, & access management
Operating system, network, & firewall configuration
Client-side data encryption &
data integrity authentication
Server-side encryption
(file system &/or data)
Network traffic protection
(encryption/integrity/identity)
Compute Storage Database Networking
Edge
locations
Regions
Availability Zones
AWS Global
Infrastructure
Get clear on your objectives Security
- 39. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Get clear on your objectives
AWS has a deep set of security tooling
Virtual Private Cloud
Isolated cloud resources
Web Application Firewall
Filter malicious web traffic
Shield
DDoS protection
Certificate Manager
Provision, manage, and
deploy SSL/TSL certificates
Networking
Key Management Service
Manage creation
and control of
encryption keys
CloudHSM
Hardware-based
key storage
Server-Side Encryption
Flexible data
encryption options
Encryption
IAM
Manage user access
and encryption keys
SAML Federation
SAML 2.0 support
to allow on-premises
identity integration
Directory Service
Host and manage Microsoft
Active Directory
Organizations
Manage settings for
multiple accounts
Identity & management
Service Catalog
Create and use standardized
products
Config
Track resource inventory
and changes
CloudTrail
Track user activity and
API usage
CloudWatch
Monitor resources
and applications
Inspector
Analyze application security
Compliance
Macie
Discover, classify & protect data
Security
- 40. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Certifications & attestations Laws, regulations, and privacy Alignments & frameworks
Cloud Computing Compliance Controls
Catalogue (C5)
🇩🇪 ✔ CISPE 🇪🇺 ✔ CIS (Center for Internet Security) 🌐 ✔
Cyber Essentials Plus 🇬🇧 ✔ EU Model Clauses 🇪🇺 ✔ CJIS (US FBI) 🇺🇸 ✔
DoD SRG 🇺🇸 ✔ FERPA 🇺🇸 ✔ CSA (Cloud Security Alliance) 🌐 ✔
FedRAMP 🇺🇸 ✔ GLBA 🇺🇸 ✔ Esquema Nacional de Seguridad 🇪🇸 ✔
FIPS 🇺🇸 ✔ HIPAA 🇺🇸 ✔ EU-US Privacy Shield 🇪🇺 ✔
IRAP 🇦🇺 ✔ HITECH 🌐 ✔ FISC 🇯🇵 ✔
ISO 9001 🌐 ✔ IRS 1075 🇺🇸 ✔ FISMA 🇺🇸 ✔
ISO 27001 🌐 ✔ ITAR 🇺🇸 ✔ G-Cloud 🇬🇧 ✔
ISO 27017 🌐 ✔ My Number Act 🇯🇵 ✔ GxP (US FDA CFR 21 Part 11) 🇺🇸 ✔
ISO 27018 🌐 ✔ Data Protection Act–1988 🇬🇧 ✔ ICREA 🌐 ✔
MLPS Level 3 🇨🇳 ✔ VPAT/Section 508 🇺🇸 ✔ IT Grundschutz 🇩🇪 ✔
MTCS 🇸🇬 ✔ Data Protection Directive 🇪🇺 ✔ MITA 3.0 (US Medicaid) 🇺🇸 ✔
PCI DSS Level 1 💳 ✔ Privacy Act [Australia] 🇦🇺 ✔ MPAA 🇺🇸 ✔
SEC Rule 17-a-4(f) 🇺🇸 ✔ Privacy Act [New Zealand] 🇳🇿 ✔ NIST 🇺🇸 ✔
SOC 1, SOC 2, SOC 3 🌐 ✔ PDPA—2010 [Malaysia] 🇲🇾 ✔ Uptime Institute Tiers 🌐 ✔
PDPA—2012 [Singapore] 🇸🇬 ✔ Cloud Security Principles 🇬🇧 ✔
PIPEDA [Canada] 🇨🇦 ✔
🌐 = industry or global standard Agencia Española de Protección de Datos 🇪🇸 ✔
Get clear on your objectives Compliance
- 41. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Get clear on your objectives
Availability Downtime per year Categories
95% (1-nine) 18 days 6 hours
Batch processing, data extraction,
load jobs
99% (2-nines) 3 days 15 hours Internal tools, project tracking
99.9% (3-nines) 8 hours 45 minutes Online commerce
99.99% (4-nines) 52 minutes Video delivery, broadcast systems
99.999% (5-nines) 5 minutes Telecom industry (ATM Transactions)
Availability
- 42. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Get clear on your objectives
Part X Part Y
A = AX AY
Availability
- 43. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Get clear on your objectives
Component Availability Downtime
X 99% (2-nines) 3 days 15 hours
Y 99.99% (4-nines) 52 minutes
X and Y Combined 98.99% 3 days 16 hours 33 minutes
…availability in series
Availability
Part X Part Y
A = AX AY
- 44. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Get clear on your objectives
A = 1 – (1 – AX)2
Part X
Part X
Availability
- 45. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Get clear on your objectives
Component Availability Downtime
X 99% (2-nines) 3 days 15 hours
Two X in parallel 99.99% (4-nines) 52 minutes
Three X in parallel 99.9999% (6-nines) 31 seconds
A = 1 – (1 – AX)2
Part X
Part X
Availability
- 46. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Get clear on your objectives8
“Component redundancy increases
availability significantly”
Availability
- 47. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Get clear on your objectives
Availability Zone A Availability Zone B Availability Zone C
Availability
- 48. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Region
Availability Zone A Availability Zone B Availability Zone C
Availability
- 49. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Multi-AZ—well-architected
Availability Zone A Availability Zone B Availability Zone C
APPLICATION
Availability
- 50. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Get clear on your objectives
CORE SERVICES
Integrated Networking
Rules Engine
Device Shadows
Device SDKs
Device Gateway
Registry
Local Compute
Custom Model
Training & Hosting
Conversational Chatbots
Virtual Desktops
App Streaming
Schema Conversion
Image & Scene
Recognition Sharing & Collaboration
Exabyte-Scale
Data Migration
Text to Speech
Corporate Email Application Migration
Database Migration
Regions
Availability Zones
Points of Presence
Data Warehousing
Business Intelligence
Elasticsearch
Hadoop/Spark
Data Pipelines
Streaming Data
Collection
ETL
Streaming Data
Analysis
Interactive SQL
Queries
Queuing & Notifications
Workflow
Email
Transcoding
Deep Learning
(Apache MXNet,
TensorFlow, & others)
Server MigrationCommunications
MARKETPLACE
Business Apps Business Intelligence DevOps Tools Security Networking StorageDatabases
API Gateway
Single Integrated Console
Identity
Sync
Mobile Analytics
Mobile App Testing
Targeted Push
Notifications
One-click App
Deployment
DevOps Resource
Management
Application Lifecycle
Management
Containers
Triggers
Resource Templates
Build & Test
Analyze & Debug
Identity Management
Key Management
& Storage
Monitoring
& Logs
Configuration
Compliance
Web Application Firewall
Assessment
& Reporting
Resource & Usage
Auditing
Access Control
Account
Grouping
DDOS
Protection
TECHNICAL & BUSINESS SUPPORT
Support
Professional
Services
Optimization
Guidance
Partner
Ecosystem
Training & Certification Solutions Management Account Management Security & Billing Reports
Personalized
Dashboard
Monitoring
Manage
Resources
Data Integration
Integrated Identity &
Access
Integrated Resource &
Deployment Management
Integrated Devices
& Edge Systems
Resource Templates
Configuration
Tracking
Server
Management
Service
Catalogue
Search
MIGRATIONHYBRID ARCHITECTUREENTERPRISE APPSMACHINE LEARNINGIoTMOBILE SERVICESDEV OPSANALYTICS
APP SERVICES
INFRASTRUCTURE SECURITY & COMPLIANCE MANAGEMENT TOOLS
Compute
VMs, Auto-scaling, Load Balancing,
Containers, Virtual Private Servers,
Batch Computing, Cloud Functions,
Elastic GPUs, Edge Computing
Storage
Object, Blocks, File, Archivals,
Import/Export, Exabyte-scale data transfer
CDN
Databases
Relational, NoSQL, Caching,
Migration, PostgreSQL compatible
Networking
VPC, DX, DNS
Facial Recognition
& Analysis
Facial Search
Patching
Contact Center
100+ Services…
Feature
& TTM
- 51. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Trust
Trust, but verify
- 52. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Trust, but verify
Trust
Security
objectives
Availability
objectives
Cost
objectives
Feature & TTM
objectives
Compliance
objectives
- 53. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Trust, but verify
Verify
Cloud Custodian CloudTamer.io CloudTamer.io
- 54. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Enterprise Strategy
2018
Thank You!