Business Model Canvas (BMC)- A new venture concept
Cto 2021 summit
1. 1
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
CTO’s presentation:
Age of Implementation
Pini Cohen, CTO STKI
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
2. 2
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Agenda
Intro: CTO’s and Architects
Adaptive Architecture
Cloud CoE
DevOps CoE
Zero Trust
2
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
3. 3
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
What is happening with CTO’s and
Architects?
More technologies to deal with
Technology last short time
Customization of technology is less
viable
Dependencies in technologies is
increasing
3
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
4. 4
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Microservices
implications:
•You can do whatever you
want, use database,
programming language
etc., as long as you get the
job done and other
services can depend on
you.
4
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
5. 5
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
This is how core legacy architecture looks
likes
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
6. 6
Copyright@STKI_2020 Do not remove source or attribution from any slide, graph or portion of graph
Solution: The
new architect
6
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
7. 7
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
What is happening with
CTO’s & Architects ?
we are
having more
fun!!
7
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
8. 8
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Not everything is so shiny
Not everything is so shiny
8
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
9. 9
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
The IT talent war*
*In the holly land
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
10. 10
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Massive move of personal from Enterprise IT to High-tech
10
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
11. 11
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
IT has little experience in Knowledge Transfer
11
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
12. 12
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
This will result
IT
Organization
•Downtime
•IT is a barrier for
the business
•Implement KM
platforms in IT
•Demand for Cloud
& SLA based
services
IT
Suppliers
•Sell products with
their operations
services
•High demand for
staffing services
(“gulglot”) but
hard (impossible?)
to fulfill
•Cloud & SLA
based services
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
13. 13
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Adaptive
Architecture
13
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
14. 14
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Adaptive Architecture
ADAPTIVE emerges as the top objective for the organization. Modern
architecture Integration is the core of being Adaptive
API’s are the most important indication of “what is happening” in modern
application
API’s and Event Driven will enable the use of Legacy system in modern
business processes
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
15. 15
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Adaptive Composable Organizational
Applications
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
16. 16
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Internal integration
ESB
The evolution of integration patterns
16
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
17. 17
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Internal integration
ESB
API gateway
The evolution of integration patterns
17
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
18. 18
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
API Gateway
• Protocol transformation
• Scheme validation (content filters like XSD, filed limits, field format, etc.)
• Authentication & security
• Basic logics
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
19. 19
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Internal integration
ESB
API gateway
Cloud integration:
IPaaS
The evolution of integration patterns
19
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
20. 20
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
IPaaS –
Integration
Platform as a
Service
• For cloud connectivity
• Enable integration capabilities for ‘ad hoc’ or ‘citizen’ integrators”
• “I have more adaptors cloud SaaS”
• Selected products: Zapier, iConduct, Workato, Celigo, Snaplogic
20
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
21. 21
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Internal integration
ESB
External (specific API)
API gateway
Cloud integration
IPaaSadvanced ESB
API management
The evolution of integration patterns
21
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
22. 22
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Business manager to CIO:
I want to sell
product X by
our systems
I want to sell
product Y by
our systems
I want to sell
product Z by
our systems
I want to sell
product A by
our systems
CIO CIO
CIO
CIO
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
23. 23
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Business manager to CIO:
I want to sell
product X by
our systems
CIO
• Place new products in my catalog –
dynamically
• Check stock variability in suppliers ERP
• Process payment (3rd party SW)
• Transfer money immediately to supplier
• Update delivery status and location (3rd
party)
• Update buyer when product was delivered
• Update “consumer club” in both our
systems and suppliers systems
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
24. 24
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
API Management
24
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
25. 25
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
BOI Open Banking Regulation
25
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
26. 26
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
API Management – the hottest project in market!
I’m Hot!
26
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
27. 27
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Will API management replace ESB?
It shouldn't – no oorchestration, no transformation, no adapters ( tech
and content), no messaging, no guarantee delivery, etc,
Still – green field organizations (enterprises and start-ups) are not
using ESB at all
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
28. 28
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
* Gradually when possible
API management tools are
replacing ESB*
28
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
29. 29
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Internal integration
ESB
External (specific API)
API gateway
Cloud integration
IPaaSadvanced ESB
External partners
API management
developer portal
Industry API Standards
The evolution of integration patterns
29
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
30. 30
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Why API interoperability standards are critical for business agility?
“complete name” “full name” “full description” “Shem Male”
"The Hongkong and Shanghai Banking Corporation Limited“ is stored in field
Bank A Bank B Bank C Bank D
These banks can only manually co-ordinate.
This is not suitable for modern business!!
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
31. 31
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
The solution: standard Open API –
"banks": [
{
"id": "hsbc",
"short_name": "HSBC",
"full_name": "The Hongkong and Shanghai Banking
Corporation Limited",
"logo": "url of internet standard image",
"website": "www.postbank.de"
}
]
}
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
32. 32
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Internal integration
ESB
External (specific API)
API gateway
Cloud integration
IPaaSadvanced ESB
External partners
API management
developer portal
Industry API Standards
The evolution of integration patterns
Microservices
ServiceMesh
32
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
33. 33
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Source: http://martinfowler.com/
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
34. 34
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI’s work Copyright@2016. Do not remove source or attribution from any slide, graph or portion of graph
34
API gateway /ESB
will not scale in
microservices
production
environment API
Gateway
34
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
35. 35
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
https://medium.com/microservices-in-practice/service-mesh-for-microservices-2953109a3c9a
service mesh pattern
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
36. 36
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Direct (unsupervised) API calls
36
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
37. 37
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Advanced Integration capabilities are the key to adaptive business
API centric development & operations are a key for availability, efficiency
(reuse) & security
Advanced Integration capabilities are the key to adaptive business
API centric development & operations are a key for availability, efficiency
(reuse) & security
37
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
38. 38
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Event Driven Architecture (EDA)
38
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Traditional programming: direct connection
By topic
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
39. 39
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Event driven - “If you love someone set him free”
• Traditional programming:
Make_Order {
…
…
Call Order_Fulfilment (id of
order).
Wait for response (ack)
• }
• EDA programming:
Make_Order {
…
…
Publish event:
Order_created(id of order)
//do not wait
• }
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
40. 40
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Event driven benefits & drawbacks
•Enables adaptive business processes
•Enables work of separate teams
•Fits microservices, self contained systems, DevOps,
serverless
•Basically for a-synchronous purpose
•Distributed transactions are difficult!!
•Needs to reskill architects & programmers
40
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
41. 41
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Low Code
“A low-code development
platform (LCDP) is a software that
provides a development environment
used to create application
software through graphical user
interfaces and configuration instead
of traditional hand-coded computer
programming.” Wikipedia
תפוקה הרבה
,
קוד פחות
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
42. 42
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
The advantages
TTM
Fit for junior/legacy
developers
Low technical debt
Good for business
(application) experiments
(MVP)
42
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
43. 43
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
The barriers
Prior experience- 4GL
Politics
Cost of entry
Lockdown
43
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
44. 44
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Lesson learned
from (Israeli) 4GL:
•Citizen developers should work
under IT guidance/supervision:
•Security, Central Identity,
Regulations, Monitoring
•Updates of infrastructure
•CAB – change advisory board
•Documentation and Architecture
guidance
44
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
44
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
45. 45
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI’s work Copyright@2016. Do not remove source or attribution from any slide, graph or portion of graph
Will 2022 be the "LowCode Year" in
Israel?
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
45
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
46. 46
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Literacy
API Economy principals
Standards
API standards, Identity
standards, Cyber
security standards
Architecture
Event Driven, API
management vs.
ServiceMesh , Rest vs.
GraphQL
Tools
API management tools
IPaaS tools
Governance
Regulations , apply
standards
Use Cases Identification
and Prioritization
Priorities in DevOps efforts and tooling
Skills
Architect upskill for
Event Driven
Processes
API first culture , API testing
automation
Architecture
Integration
CoE
Governance – be integral part of development process
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
47. 47
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Cloud CoE
47
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
48. 48
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Reasons for
moving to cloud
• There is (almost) no option since new business applications are only cloud based. Applying modern business processes without using cloud software will be very difficult and unconventional.
New business applications
are only cloud based
Applying modern business
processes without using
cloud software will be very
difficult and unconventional
48
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
49. 49
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
More reasons for
moving to cloud:
• Cloud improve IT speed & agility and
hence business agility
• Cloud computing enables “fail fast”
(leanMVP) business culture
• Cloud drives technology innovation which
drives business innovation
• Cloud computing helps with compliance
• Cloud computing companies invest much
more on cyber security than traditional IT
• Cloud computing helps with IT-Business
alignment
49
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
50. 50
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Repatriation?
Cloud
50
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
51. 51
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Repatriation debate
51
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
52. 52
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Repatriation from cloud in Enterprise IT?
Cloud
Not Yet
52
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
53. 53
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Cloud unexpected
complexity:
•Cloud budget planning
•Bill Shock
•Lack of flexibility in cloud
contracts
•Forgotten areas in cloud SaaS
deals
•In general - mistakes in the
cloud are more harmful
53
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
54. 54
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Reduce the
dominance of
Windows Server
and VMWARE
ESX
54
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
55. 55
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Cloud technical
team is integral
part of the
general teams
55
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
56. 56
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Fact: most
resources are still
spent the on-
premise/traditional
infrastructure
Treat on premise
as cloud!!
56
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
57. 57
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Infrastructure as Code
•Central scriptcode repository (GIT) for
all infrasecurity
•Central workflow for all infrasecurity
57
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
58. 58
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Place infrastructure
as code KPI for all
infrasecurity
departments
58
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
59. 59
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Server is running unnecessarily in
traditional DC – not a big deal
Server is running unnecessarily in
Cloud – very big deal $$
“Pay by the minute” is new for IT* – FINOPS is the
answer
*what are “Spot Instances”?
59
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
60. 60
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Define and implement
mandatory tags for all
cloud resources in the
resource group level – DO
IT NOW
60
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
61. 61
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Cloud cost optimization tools
Build in tools:
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
62. 62
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Literacy
Explaining cloud business and
technology implications
Standards
Example: tagging
(FINOPS) standards,
security standards.
Identity standards
Architecture
Microservices, Event
Driven, Serverless
Tools
Which cloud, Cloud cost
optimization tools ,
Cloud identity tools,
cloud integration tools
Governance
Cloud related
regulations
Use Cases Identification
and Prioritization
Priorities in cloud migration
Skills
Cloud development,
Infrastructure as code
education
Processes
FINOPS, cloud licensing
management, Cloud asset
management
Cloud
CoE
CoE is an enabler, not doer itself. “One DBA team!”
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
63. 63
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
DevOps CoE
63
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
64. 64
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Traditional deployment
• From dev to test to prod – takes ages..
64
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
65. 65
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
DevOps aims at:
• DevOps enables the benefits of Adaptive development to be felt at
the organizational level. DevOps does this by allowing for fast and
responsive, yet stable, operations that can be kept in sync with the
pace of innovation coming out of the development process.
Source:
http://dev2ops.org/blog/2010/2/22/what-is-DevOps.html
http://en.wikipedia.org/wiki/File:DevOps.png
65
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
66. 66
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Some perspective: DevOps at Amazon
Source: http://www.bogotobogo.com/DevOps/DevOps_Jenkins_Chef_Puppet_Graphite_Logstash.php
66
11.6 seconds : Mean time between
deployments (weekday)
Mean
1,079 : Max # of deployments in a single
hour
Max
10,000 : Mean # of hosts simultaneously
receiving a deployment
Mean
30,000 : Max # of hosts simultaneously
receiving a deployment
Max
66
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
67. 67
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
“Let there be DevOps”
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
68. 68
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
DevOps Tools
Monitoring/Observability/AIOPS
Collaboration
Configuration Automation
Testing
Issue Trekking/ITSM
Release Management
Security
Continues Integration
Artifacts/ Package Management
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
69. 69
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Legacy systems
must be part of
Value Stream
mapping &
DevOps
69
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
70. 70
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Measure until code
is in production and
not until value is
created
70
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
71. 71
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Value Stream
Mapping?
•Value stream enables you to
create a detailed visualization of
your workflows.
•This visualization represents
how your products and services
flow from supplier to customer
via your company.
•Value Stream tools should get
their input from ALM tools and
from manual inputs
71
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
72. 72
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
IMPROVING DATABASE PROVISIONING PROCESS TO
MEET BUSINESS DEMANDS
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
73. 73
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
IMPROVING DATABASE PROVISIONING PROCESS TO
MEET BUSINESS DEMANDS
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
74. 74
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Value stream mapping:
Source: https://www.scielo.br/j/jistm/a/wRTL87bgXHG6zZd8GGNNvxt/?format=pdf&lang=en
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
75. 75
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI: start
DevOps with
Value stream
mapping
75
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
76. 76
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Operations team (NOC) vs. ESM (monitoring) team
76
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
77. 77
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
SRE is what happens
when you ask a software
engineer to design an
operations team
•SRE – Site Reliability
Engineering
•Automation (code, tooling) in
operations, self healing
architecture
•MTTR instead of MTBF
•Error Budget
•Developers responsibility for
operations
77
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
78. 78
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Developers
are not
responsible
of operations
78
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
79. 79
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Observability:
the new
Monitoring
79
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
80. 80
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Expected correlation in
golden signals. What is
anomaly?
80
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Normal behavior: Traffic--> Saturation --> Latency --> Error
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
81. 81
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Literacy
Explain DevOps to business
Standards
Naming conventions for
infrastructure, testing
standards, Monitoring
(Observability)
standards
Architecture
Microservices, Monitoring
(Observability) health
API’s
Tools
DevOps orchestrator,
Integration to Source
Control, Ticketing tools,
DEVSECOPS tools
Governance
Which type of DevOps
and controls (testing)
for each application
type
Use Cases Identification
and Prioritization
Priorities in DevOps efforts and tooling
Skills
Cloud development,
Infrastructure as code
education
Processes
Let Developers part of the
operations responsibility,
Unify the development and
operations processes and
KPI’s
DevOps
CoE
Cooperation between Development and
InfraOps departments is crucial in the
success of DevOps CoE
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
82. 82
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI Webinar:
Coping with
Complex IT
Environment
27.10.21
CTO’s Architects,
Development, Infra &
Operations
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
83. 83
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Zero Trust CoE
83
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
84. 84
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Before:
Inside = safe
We are inside
Outside = not safe
84
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
85. 85
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Everything is outside !!
After:
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
86. 86
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Zero Trust :the organization has no perimeters
“Never trust – Always verify”*
Forrester-The Zero Trust eXtended (ZTX) Ecosystem
86
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
87. 87
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
What should we verify?
• The user’s identity (now)
• The device (now)
• The network (now)
• What is transferred (data, docs,
web) - now
• Role-based access control (process,
port, protocol) – preferably via
proxy – no network access
87
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
88. 88
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Who is the user in many clouds?
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
89. 89
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Cloud Identity Services principals
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
90. 90
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Possible
solution for
Zero Trust –
SASE – Secure
Access Service
Edge
90
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
91. 91
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
SASE capabilities
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
92. 92
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Close
“employees
WIFI” stay with
“guest WIFI”
92
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
93. 93
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Close the
internal
network
longer term
93
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
94. 94
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
Literacy
Explaining cloud business and
technology implications
Standards
Example: tagging
(FINOPS) standards,
security standards.
Identity standsrds
Architecture
Microservices, Event
Driven, Serverless
Tools
Which cloud, Cloud cost
optimization tools ,
Cloud identity tools,
cloud integration tools
Governance
Cloud related
regulations
Use Cases Identification
and Prioritization
Priorities in cloud migration
Skills
Cloud development,
Infrastructure as code
education
Processes
FINOPS, cloud licensing
management, Cloud asset
management
Cyber
CoE
CoE is an enabler, not a controller or a doer itself
Zero Trust is such a
big change for Cyber
Security – everybody
should take a big
breath
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL
95. 95
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
The End:
Implement
while
doing fun!!
Copyright@STKI_2021 Do not remove source or attribution from any slide, graph or portion of graph
STKI IT Knowledge Integrators
COMPANY CONFIDENTIAL