|By Sanjeev Khurana||
|February 7, 2013 12:00 PM EST||
Managing complexity is difficult in any growing business. As companies innovate, add new business lines, expand their global reach, cater to increased volume, or adopt new regulatory rules, processes proliferate and the discipline surrounding them goes out of the window. Moreover, the IT that supports these processes becomes more entangled as aging legacy applications jostle with new applications to support the needs of the business. Over time the technology that support this business unravels, causing the environment to suffer from instability and poor performance and become difficult to change and maintain. In short, it lowers business efficiency and effectiveness.
A sound Enterprise Architecture (EA) approach is required to ensure that both the business and technology are well aligned and will help restore order to this landscape. An Enterprise Architecture is a description of the goals of a company, how these goals are realized by business processes, and how these business processes can be better served through technology. EA is about finding opportunities to use technology to add business value.
The primary purpose of an EA is to inform, guide, and constrain the decisions for the enterprise, especially those related to IT investments. The true challenge of EA is to maintain the architecture as a primary authoritative resource for enterprise IT planning. This goal is not met via enforced policy, but by the value and utility of the information provided by the EA.
Why Have an EA Approach:
- Provides a basic framework for major change initiatives
- Divides and conquers technical and organizational complexities
- Supports business and IT budget prioritization
- Improves the ability to share and efficiently process information
- Provides the ability to respond faster to changes in technology and business needs
- Reduces costs due to economies of scale and resource sharing
- Enhances productivity, flexibility and maintainability
- Serves as a construction blueprint and ensures consistency across systems
- Supports decision making
More specific benefits include:
- Simplified application development
- Location transparency
- Horizontal scaling
An EA is a blueprint that is developed, implemented, maintained, and used to explain and guide how an organization's applications landscape works together to efficiently accomplish the mission of the organization. An EA addresses the following views:
- Business activities and processes
- Data sets and information flows
- Applications and software
The Four Pillars of Enterprise Architecture:
1. Business Architecture
Business Architecture realizes the business strategy. It describes how we organize our business processing to meet the strategic needs of the business. It should allow us to maximize the flexibility of the business to respond to changing business environments, reduce the complexity of our environment by simplifying business processing and reduce the effort required for application implementation and maintenance. It provides a view of the business and describes where we can improve business functions.
- Create processing utilities for common functions within the back office area that support cross products such as confirmations, cash settlement, security settlement, and collateral management
- Create a single common analytics versus an individual analytics library used for pricing products. Common analytics can be used for all front office trading desks, for different functions such as front office and risk
2. Data Architecture
The data architecture describes the way data will be processed, stored and used by the organization. It lays out the criteria on processing operations including the whole flow of the system. It should increase the accuracy and timeliness of business data used by applications.
An example of patterns used is Master Data Management (MDM) - its objective is to provide processes for collecting, aggregating, quality-assuring, persisting and distributing such data throughout an organization to ensure consistency and control in the on-going maintenance and application of this information. Moving to a model of a single golden data source will eliminate duplication and inefficiency, e.g., single bond static data sourced from multiple data vendors and publishing it to multiple systems (e-trading, trading, risk and PL, and settlement systems.)
Implement a firm-wide description of common data objects, e.g., fpML (open standard XML standard for electronic dealing and OTC derivatives processing). This will reduce the risk of the data being misunderstood and provide a higher quality of data flowing through the organization thereby increasing efficiency and effectiveness.
3. Applications architecture
Applications architecture describes the structure and behavior of applications used in a business, focusing on how they interact with each other and with users. It's focused on the data consumed and produced by applications rather than their internal structure.
- Enforcing the use of a golden source of data, e.g., instrument static, counterparty static, market data, etc.
- Standardizing on an application platform and interfacing approach
- Implementing a standard application monitoring framework for all applications to report the business status
4. Technical Architecture
This describes the common technology components that will be used to build our applications. This includes standards for vendor packages, third-party products and application components, e.g., servers, networks, desktops, middleware, security, storage, and virtualization. This will describe the current and target state.
- SSO should be a standard mechanism for user authentication for all enterprise applications
- Implement a server virtualization strategy to help reduce costs and increase flexibility
- All critical applications should have a recovery time of less than an hour
- Have a technology menu of strategic products that development teams can use for projects
Building an EA for Your Organization
It is important to understand the business strategy of the organization and this drives everything. This vision and strategy will drive where the organization's IT environment and capabilities should be in the next three years.
The next step in this process is to characterize the current status and snapshot the existing IT capabilities. The word "characterize" is used because it isn't usually necessary to identify and analyze everything IT or information related in the organization. You just need enough data to understand the basic situation you are in and the problems that exist, and to develop an idea of where you want to go. You need to understand where the inefficiencies and duplications exist. The question is whether IT is being used in the most effective way to accomplish the organization's program goals.
What Work Is Performed?
You must have a clear understanding of what work the organization performs and where it is performed (anywhere from one location to multiple locations throughout the world).
What Information Is Needed and by Whom?
You need to understand the basic flow of information, not just within your organization but also to and from your organization, and what the information consists of and how that information is organized.
What Applications Are Used to Process that Information?
What software is used to process, analyze, etc., the needed information? What types of data structures and protocols are used?
What Technology Is Used to Perform the Work?
What IT hardware infrastructure is currently used?
Having formed an understanding of where you currently stand, you now need to try to figure out where you need to be in the future. There are two main drivers for this:
- Business drivers tell you that you need to do business differently. Customers may be demanding better or different services.
- Technology drivers tell you that technology is providing you with options for doing things better
The target architecture is the heart of the process. The four components (business architecture, data architecture [e.g., data sets and information flows], application architecture and technical architecture) of the EA need to be modeled separately. Security considerations should be addressed throughout. The process consists of defining each set of architectural components and its key attributes. The result is an organized set of definitions and models to reflect the different views of the architecture. Again, the relative complexity of the situation will determine how detailed and extensive this effort and documentation needs to be. The four components are then synthesized into a comprehensive target architecture.
Due to the rapid pace of technology advancement, the goal should be to produce an "evolvable" architecture that can accommodate change easily. Some rules to help to produce this are - keep things modular and loosely coupled, have well-defined boundaries between systems and components, reusable logic should be divided into services, use industry-standard interfaces, use open-systems standards, and use common mechanisms whenever possible. Planning for loosely coupled, modular systems with clear boundaries allows you to change portions of the IT architecture without having to revise other aspects in the architecture, and also helps you see how changes in one part of the architecture may affect other elements.
At this point, you are in a position to determine the gaps between your current and target architectures. What are the differences between your baseline and the architecture you want to achieve?
For architecture to succeed within an organization, it is essential to have the support and commitment of senior management. This major initiative needs sponsorship by the CIO, and senior management need to be supportive and fully involved in ensuring it is a success. The governance process needs to ensure that:
- People planning and developing IT systems do so in a way consistent with the target architecture
- Procurements are consistent with the target architecture
- Determine if exceptions or changes to the Enterprise Architecture are needed for a specific system or procurement
- Track the implementation of the architecture migration plan and the benefits/flaws of the Enterprise Architecture
- Keep the EA up-to-date, thereby reflecting changes in the business, new technology, etc.
There needs to be integration with the program planning and the budget processes.
Technology is changing rapidly and business needs and processes change over time. Therefore, the target architecture, whether fully implemented or not, that addresses how IT and information will serve business needs must be periodically reviewed and updated to reflect these changes.
It is important that EA is not used as a mechanism that attempts to slow down delivery unnecessarily; it needs to add value to the business by producing superior solutions and not add unnecessary bureaucracy. A pragmatic approach to architecture is needed that balances the needs for agility and innovation yet delivers the efficiency and effectiveness in the technology solution provided by EA.
Architecture principles define the fundamental assumptions and rules of conduct for the IT organization to create and maintain IT capability. It provides a compass to guide it to its target architecture. A well-defined architecture principle consists of a name, definition, motivation and implications. Table 1 shows the Architecture Principles on the Reuse, Buy, Build Principle.
Table 1: Reuse, Buy, Build Principle
We prefer to reuse existing assets over buying, and buying over building
We are not a software company
Our company has many IT assets that are underleveraged because we have previously favored building rather than reusing or buying
We have many redundant applications and reducing this through reuse will reduce maintenance costs and improve system stability
Architecture Governance will ensure projects adhere to this principle.
Our company will develop an understanding of functional and technical assets available for reuse. This will be kept up to date.
We will strive for fewer and deeper software vendor relationships and need to influence their roadmaps to mesh with our needs
To add a new tool to our portfolio, we will also plan and fund replacement of the installed base of the former tool
Architecture principles become a core shared assumption for all initiatives in the enterprise. This radically simplifies decision making. It ensures that all projects align with and are moving toward the target state
Other enterprise architecture principles an organization might consider include:
- Don't Automate Bad Business Complexity Principle
- Avoid Package Customization Principle
- Prefer Service Orientation over Application Orientation Principle
- Don't Over / Under Engineer Principle
An example of the Banking Specific Architecture Principle:
- Only a master source of data can create business events
- All processing should be STP with manual interventions only for exceptions
- Combine multiple analytics libraries into a single common library (depends on trading desk size and product complexity!)
EA is important and without it organizations will be unable to deliver technology in an efficient and effective manner. If a project team works anyway they want to, and use any technology they want to, chaos will result. Functionality and information will be duplicated and reuse will occur sporadically, if at all. There will be conflict between systems that cause each other to fail. Individual projects may be deemed successful, but as a portfolio there may be serious challenges. Systems don't exist in vacuum, but rather co-exist with several and sometimes hundreds of other systems. For example, building a Bloomberg interface to store bond static and prices built by the rates front office IT group may be viewed as a success in isolation, but such functionality are required by many systems within the organization, e.g., e-trading, pricing analytics, risk, settlement systems, and other front office trading applications, e.g., credit derivatives and repo. If each area builds such functionality, costs skyrocket (e.g., multiple Bloomberg licenses, duplication of interfaces, data, hardware), and it increases complexity and operational risk within the organization. EA plays a fundamental role in preventing such scenarios from occurring.
There are many considerations when moving applications from on-premise to cloud. It is critical to understand the benefits and also challenges of this migration. A successful migration will result in lower Total Cost of Ownership, yet offer the same or higher level of robustness. Migration to cloud shifts computing resources from your data center, which can yield significant advantages provided that the cloud vendor an offer enterprise-grade quality for your application.
Oct. 8, 2015 04:00 PM EDT Reads: 216
Secure Cloud through Automated Compliance | @CloudExpo @CloudRaxak #Cloud #BigData #DevOps #Microservices
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across private and public clouds. Manual security compliance is slow, prone to human error, and represents over 50% of the cost of managing cloud applications. Determining how to automate cloud security compliance is critical...
Oct. 8, 2015 04:00 PM EDT Reads: 294
Manufacturing has widely adopted standardized and automated processes to create designs, build them, and maintain them through their life cycle. However, many modern manufacturing systems go beyond mechanized workflows to introduce empowered workers, flexible collaboration, and rapid iteration. Such behaviors also characterize open source software development and are at the heart of DevOps culture, processes, and tooling.
Oct. 8, 2015 04:00 PM EDT Reads: 1,060
Containers are revolutionizing the way we deploy and maintain our infrastructures, but monitoring and troubleshooting in a containerized environment can still be painful and impractical. Understanding even basic resource usage is difficult - let alone tracking network connections or malicious activity. In his session at DevOps Summit, Gianluca Borello, Sr. Software Engineer at Sysdig, will cover the current state of the art for container monitoring and visibility, including pros / cons and li...
Oct. 8, 2015 04:00 PM EDT Reads: 160
SYS-CON Events announced today that VividCortex, the monitoring solution for the modern data system, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The database is the heart of most applications, but it’s also the part that’s hardest to scale, monitor, and optimize even as it’s growing 50% year over year. VividCortex is the first unified suite of database monitoring tools specifically desi...
Oct. 8, 2015 04:00 PM EDT Reads: 458
The buzz continues for cloud, data analytics and the Internet of Things (IoT) and their collective impact across all industries. But a new conversation is emerging - how do companies use industry disruption and technology enablers to lead in markets undergoing change, uncertainty and ambiguity? Organizations of all sizes need to evolve and transform, often under massive pressure, as industry lines blur and merge and traditional business models are assaulted and turned upside down. In this new da...
Oct. 8, 2015 03:30 PM EDT Reads: 209
The Internet of Things (IoT) is growing rapidly by extending current technologies, products and networks. By 2020, Cisco estimates there will be 50 billion connected devices. Gartner has forecast revenues of over $300 billion, just to IoT suppliers. Now is the time to figure out how you’ll make money – not just create innovative products. With hundreds of new products and companies jumping into the IoT fray every month, there’s no shortage of innovation. Despite this, McKinsey/VisionMobile data...
Oct. 8, 2015 03:30 PM EDT Reads: 127
Containers are changing the security landscape for software development and deployment. As with any security solutions, security approaches that work for developers, operations personnel and security professionals is a requirement. In his session at @DevOpsSummit, Kevin Gilpin, CTO and Co-Founder of Conjur, will discuss various security considerations for container-based infrastructure and related DevOps workflows.
Oct. 8, 2015 03:15 PM EDT Reads: 175
Saviynt Inc. has announced the availability of the next release of Saviynt for AWS. The comprehensive security and compliance solution provides a Command-and-Control center to gain visibility into risks in AWS, enforce real-time protection of critical workloads as well as data and automate access life-cycle governance. The solution enables AWS customers to meet their compliance mandates such as ITAR, SOX, PCI, etc. by including an extensive risk and controls library to detect known threats and b...
Oct. 8, 2015 03:00 PM EDT Reads: 196
As-a-service models offer huge opportunities, but also complicate security. It may seem that the easiest way to migrate to a new architectural model is to let others, experts in their field, do the work. This has given rise to many as-a-service models throughout the industry and across the entire technology stack, from software to infrastructure. While this has unlocked huge opportunities to accelerate the deployment of new capabilities or increase economic efficiencies within an organization, i...
Oct. 8, 2015 03:00 PM EDT Reads: 215
You have your devices and your data, but what about the rest of your Internet of Things story? Two popular classes of technologies that nicely handle the Big Data analytics for Internet of Things are Apache Hadoop and NoSQL. Hadoop is designed for parallelizing analytical work across many servers and is ideal for the massive data volumes you create with IoT devices. NoSQL databases such as Apache HBase are ideal for storing and retrieving IoT data as “time series data.”
Oct. 8, 2015 02:45 PM EDT Reads: 489
Clearly the way forward is to move to cloud be it bare metal, VMs or containers. One aspect of the current public clouds that is slowing this cloud migration is cloud lock-in. Every cloud vendor is trying to make it very difficult to move out once a customer has chosen their cloud. In his session at 17th Cloud Expo, Naveen Nimmu, CEO of Clouber, Inc., will advocate that making the inter-cloud migration as simple as changing airlines would help the entire industry to quickly adopt the cloud wit...
Oct. 8, 2015 02:30 PM EDT Reads: 641
There are so many tools and techniques for data analytics that even for a data scientist the choices, possible systems, and even the types of data can be daunting. In his session at @ThingsExpo, Chris Harrold, Global CTO for Big Data Solutions for EMC Corporation, will show how to perform a simple, but meaningful analysis of social sentiment data using freely available tools that take only minutes to download and install. Participants will get the download information, scripts, and complete en...
Oct. 8, 2015 02:15 PM EDT Reads: 219
IT data is typically silo'd by the various tools in place. Unifying all the log, metric and event data in one analytics platform stops finger pointing and provides the end-to-end correlation. Logs, metrics and custom event data can be joined to tell the holistic story of your software and operations. For example, users can correlate code deploys to system performance to application error codes.
Oct. 8, 2015 02:15 PM EDT Reads: 184
Overgrown applications have given way to modular applications, driven by the need to break larger problems into smaller problems. Similarly large monolithic development processes have been forced to be broken into smaller agile development cycles. Looking at trends in software development, microservices architectures meet the same demands. Additional benefits of microservices architectures are compartmentalization and a limited impact of service failure versus a complete software malfunction....
Oct. 8, 2015 02:00 PM EDT Reads: 145
Between the compelling mockups and specs produced by analysts, and resulting applications built by developers, there exists a gulf where projects fail, costs spiral, and applications disappoint. Methodologies like Agile attempt to address this with intensified communication, with partial success but many limitations. In his session at DevOps Summit, Charles Kendrick, CTO and Chief Architect at Isomorphic Software, will present a revolutionary model enabled by new technologies. Learn how busine...
Oct. 8, 2015 01:45 PM EDT Reads: 229
NHK, Japan Broadcasting, will feature the upcoming @ThingsExpo Silicon Valley in a special 'Internet of Things' and smart technology documentary that will be filmed on the expo floor between November 3 to 5, 2015, in Santa Clara. NHK is the sole public TV network in Japan equivalent to the BBC in the UK and the largest in Asia with many award-winning science and technology programs. Japanese TV is producing a documentary about IoT and Smart technology and will be covering @ThingsExpo Silicon Val...
Oct. 8, 2015 01:00 PM EDT Reads: 251
Organizations already struggle with the simple collection of data resulting from the proliferation of IoT, lacking the right infrastructure to manage it. They can't only rely on the cloud to collect and utilize this data because many applications still require dedicated infrastructure for security, redundancy, performance, etc. In his session at 17th Cloud Expo, Emil Sayegh, CEO of Codero Hosting, will discuss how in order to resolve the inherent issues, companies need to combine dedicated a...
Oct. 8, 2015 01:00 PM EDT Reads: 469
SYS-CON Events announced today that ProfitBricks, the provider of painless cloud infrastructure, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. ProfitBricks is the IaaS provider that offers a painless cloud experience for all IT users, with no learning curve. ProfitBricks boasts flexible cloud servers and networking, an integrated Data Center Designer tool for visual control over the...
Oct. 8, 2015 01:00 PM EDT Reads: 756
The web app is agile. The REST API is agile. The testing and planning are agile. But alas, data infrastructures certainly are not. Once an application matures, changing the shape or indexing scheme of data often forces at best a top down planning exercise and at worst includes schema changes that force downtime. The time has come for a new approach that fundamentally advances the agility of distributed data infrastructures. Come learn about a new solution to the problems faced by software organ...
Oct. 8, 2015 01:00 PM EDT Reads: 771