IT Modernization strategy

Service Oriented Architecture is here, Web services is become a leading technology choice to use for implementing SOA. We see web services is the most promising instantiation of service oriented architecture due to the use of open standards, asynchronous processing of decoupled systems, and of course a strong drive towards interoperability. The new trend of architecture style and computing model can be implemented very easily. But how we can get most out of the software and hardware assets that enterprises have invested thus far?  Many organizations are started new endeavor of modernizing their IT. I will try to explore the most challenging areas that enterprise needs to work on.  I think major challenge that enterprise will face:

1. Leveraging existing and use new talent.
2. Using existing codes in new ways and aligning them with the business rules.
3. Changing processes to accommodate new technology
4. Code modernization
5. Simple and complex Multilanguage source code analysis.
6. Architecture and design modernization.
7. Compiler & IDE strategy – Distributed application development.

In summary people process and technology modernization is the core of IT modernization. Therefore IT modernization should be undertaken as a strategic vision and where the new initiatives should adopt new technology.  IT Strategy and road map development need an agile approach and the biggest challenge is how to execute IT Modernization tasks most cost effective manner and without disturbing day-to-day businesses. I have created a detail white paper and a technique paper to help my clients to transform their IT into new paradigm. Please contact me for the white paper on this subject.   

Cloud computing model has created a greater challenge for IT Security professionals

Cloud computing model has created a greater challenge for IT Security professionals. In this article I am exploring various aspects of today’s security solution. When considering security solution we cannot separate IT Security from Business resiliency. How we can make IT environment secured resilient in cloud computing environment? Business resilience has moved us from the sense of reacting and then recovering from an event to becoming impervious to the event. Business continuity focus upon a defensive resilience posture, it consist of three building blocks – Recovery, Hardening and Redundancy – these are widely recognized as vital components  for successful business continuity plans. A defensive posture is useful in protecting the organization and its revenue streams but it does not directly help the bottom line.

An offensive resilience posture also consists of three building blocks, which are focused upon improving the organization’s competitive position – Accessibility, Diversification and Autonomic computing. In cloud computing environment these three components are become more critical, as we need to add security. In practice these building blocks can be used all together or in various combinations depending upon need. For example diversifying operations might allow hardening to be limited other than at sites where critical applications and data reside. Business resilience encompass business as well as IT Operations and it can be thought of as spanning six discrete layers: Strategy, Organization, Process, data/application, technology and facilities/security. We need to consider all six services layers.

Developing a security system model is the first step of architecting security solution. Common Criteria are considered to be the description of the complete function of the security system model. Common Criteria provide a taxonomy for evaluating security functionality through a set of functional and assurance requirements. The Common Criteria include 11 functional classes of requirements:

1.     Security audit

2.     Communication

3.     Cryptographic support

4.     User data protection

5.     Identification and authentication

6.     Management of security functions

7.     Privacy

8.     Protection of security functions

9.     Resource utilization

10.  Component access

11.  Trusted path or channel

These 11 functional classes are further divided into 66 families, each containing a number of component criteria. There are approximately 130 component criteria currently documented, with the recognition that designers may add additional component criteria to a specific design. There is a formal process for adopting component criteria through the Common Criteria administrative body, which can be found at: http://csrc.nist.gov/cc/

The Common Criteria functional criteria are re-aggregated by adopting multiple steps that include removing the class and family structures. An analysis of the 130 component-level requirements in relation to their function within an NIS solution suggests a partitioning into five operational categories or security sub system:

Security audit subsystem:

Solution Integrity Subsystem

Access control subsystem:

Information flow control subsystem:

Identity or credential subsystem

To design this complex security systems need a robust method and security and business continuity group need to work together to architect the secure solution that can sustain today’s cloud computing environment.

Taking infrastructure optimization and virtual world of computing to the next level.

Computing is no longer for the computers, more than half of the world Chips are used by the consumer electronics gear. Object-to-object connectivity has increased tremendously and will grow more.  Number of object and devices connected to internet will grow astronomically.  Primarily shrinking (nanotechnology), thinking (smart technology), tagging (Radio frequency), and feeling (sensors) will lead the IT World to the new world of innovation. The way we Manage information, work with the information, and delivering/capturing information is rapidly changing. We see financial sectors are transforming their information delivery model to a new dimension, competing to capture more customers by delivering superior quality customer satisfaction.  Enterprises are delivering information through multiple channels like Branch, Call center, Electronics, Self-service, and through multiple devices. Multichannel delivery solution module creating opportunity to transform existing architecture into SOA based Architecture and enjoying SOA’s benefit.

Enterprises are changing their work environment to become more productive, utilizing in-house skills and talents more effectively.  Delivery channel is now encompasses rich collaborative capabilities, flexible and open programmability platform, and integrated users’ experience. Most companies have at least 15 different collaborative capabilities. The scope of architecting delivery channel module has expanded and become more challenging. Responsibility of Enterprise Architect has increased they need to map delivery channel module appropriately with the TOGAF framework (assuming TOGAF as a standard frame work), need to enhance governance model, need to integrate multi channel delivery, need Information integration, and hardware/software solution evaluation and adoption.

Optimize delivery channel and delivering consistent information is the biggest challenge. Enterprise Information Integration and channel infrastructure integration will play a big role in optimization outside data center or infrastructure domain. If we take a look into capital market business model, they have typically sell side, buy side and trading exchange. We see primarily six patterns in all the three hubs. Access Integration, Application Integration, and Collaboration, so on and so forth. Optimizing each of these patterns can help to save tremendous amount of cost.  Contact me for detail about optimization and its implementation.  

Banking Industry - Channel integration is the answer to the high quality customers’ experience

World’s leading banks are competing to deliver top quality customer experiences. They are striving to deliver their products faster, low cost, and with higher quality of customer experiences. Cloud computing and SOA infrastructure are adding more value to the transformation of client experiences. New paradigm shift will have many positive impacts on channel infrastructure and delivery model design. Delivery channels in Banking industry have Self service, Branch, Electronics, and Call Center in one end and products like Deposits, withdraw, loan, etc on the product side. Of course there are multiple sub-channels under each major channel. Unfortunately lack of integration across channels is causing tremendous frustration and bad quality of experience to the customers.  Customers are experiencing many touch points with the Bank for a single business process thread that are creating lots of opportunity for integration. If we create a use case model of customer interaction we will see the amount of time, money both bank and customers are spending are significant. It will reveal un-integrated line of business creating fragmented customer interaction. Vendors are coming up with many products to improve customer satisfaction. We need products but products come after completing the required operational model. Multichannel Architecture, Transformation to SOA, and information Integration are the major challenges to the IT. For total solution with road map to accomplish target objectives and vision with new computing model and technology require for this transformation. For the techniques paper on this topic please contact me.

Five New Technologies That Will Change Enterprise Computing

Five New Technologies That Will Change Enterprise Computing

Enterprise Architecture - Delivering values and ROA

Enterprise Architecture should not be measured by ROI, rather be measured by Return on Assets (ROA). I think all of us will agree on the Gartner Analyst’s comment. Now the question is how will you measure the return on assets? We should not consider only hardware and software assets. We need to consider the information and intellectual Capitals too. How efficiently we are utilizing our server, storage, network, software, and communication engineering systems? How much the fusion of business and IT helping the enterprise to meet the ever changing demands and supporting growth? Is the IT department is flexible enough to support the business needs within a short time? Enterprise Architecture and its creators add values by delivering key work products like IT Strategy, Roadmap, enablers to achieve superior competitive capabilities, and creating solutions for those questions. These values are difficult to measure. To find out the value of ROA in a measureable unit, we need to adopt well defined value matrix for each EA work products.

Return on assets (ROA) can be measured by calculating values for the work products by allocating appropriate waightage to the each Architecture design work product, and asking the questions about purpose of each work product and if not available scenarios. Various sub-products come out from the primary work of EA effort like: impact analysis of the various components of the systems, these add to the overall value chain of EA. The decision of what architecture work products require will not be the same for all enterprises. Selecting right architecture work products is a key to the success of overall EA program and establishing its value chain.

Using right tools and right templates for creating Architecture design work is equally important. Industry standard tools like TOGAF Architecture Framework, Templates, and Architecture Development Method will help in creating right enterprise architecture that improve your ROA. The picture at the top of this article depicts a conceptual view of an EA framework and deliverables using TOGAF, COBIT, and ITIL. If you like to have a technique paper on Delivering EA values please contact me.

IT strategy to deliver cloud computing values

In my earlier article “IT Strategy to deliver cloud computing values” (http://nandiamit.blogspot.com/2009_04_01_archive.html), I mentioned I will discuss about approach of implementing cloud computing at enterprise level. Here I would like to discuss about potential stapes or approach to implement the cloud computing. According to IDC in 2010 about 14.4% of Enterprise’s IT budget allocated for private and/or public cloud computing. So enterprises are already started working on or planning to transform their IT infrastructure into cloud computing model. National Institute of Standards and Technology, Information Technology Laboratory has already defined Cloud computing as a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.

Business challenges and IT priorities are the two major factors that will set the direction of the cloud computing initiative for most enterprises. Mapping enterprise’s characteristics like competing on time to market and quality, with business challenges like must keep space with rapid change in market place, and with IT priorities like non functional requirements are the best place to start. Cloud computing from architecture perspective has five distinct layers: Infrastructure Services, Platform Services, Application Services, Business Services, and People Services or Standard Internet Services. Most enterprises do not have any distinct layer definition or supporting structure. Now the question is do we need to work on this area to adopt Cloud computing model. I will say you do not have to but keep the big picture in mind and create a tactical plan for immediate steps that will help cloud computing implementation.

Therefore, we should first complete the mapping of business challenges and IT priorities. Create all architecture documents as a next step. Challenge comes when you have to make decision about application migration to cloud computing model. Output of Analytic Hierarchy Process of all potential applications can help to make decision about application identification and migration strategy. Please contact me for how to develop IT Strategy, road map, and identifying projects for transforming your enterprise into cloud computing model.

Products selection comes after completing SOA design work

Choosing right SOA vendor/products is very challenging and difficult task. Implementing SOA products is not implementing SOA, because you cannot buy SOA. As we all know that SOA is an approach and style of architecture design. Enterprise needs to separate architecture design from the implementation. We need to remember architecture is product agnostic. Productivity, agility, responsiveness, software reuse, and easy to support business growth are among the benefits that an enterprise gains through successful adoption of SOA at enterprise level. Enterprises set its business objectives and technology objectives. SOA helps to achieve the objectives through its service orientation approach. As mentioned above the principles of the service oriented architecture design style or characteristics are modularity, loose coupling, separation of concerns, encapsulation, and single implementation. These characteristics make the IT Environment agile, increase responsiveness, and focused. Therefore, IT environment can sustain change and dynamic nature of today’s business world. The SOA style of design provides several benefits to an enterprise that include both IT and Business community.

Implementation of SOA at enterprise level should be done in small steps. Implementing at single LOB at a time may be easy and less complication. Think about big picture and execute at smallest level.

Primarily SOA should be implemented in an organization adopting an approach that most appropriate for the organization. This can be achieved by creating an Enterprise Architecture framework using TOGAF, FEA, FSAM, and existing EA or any other framework. Creating Governance module upfront can make the process easy. Using COBIT, ITIL, and existing Governance module may be the right approach for most organization to create a new Governance module that support SOA.

Selection of the right software, and hardware should be done after creating a operational module. Selecting products or using existing products are the real challenge in this step. Most vendors try to sell their SOA supported products in very early stage of Architecture Design Cycle. Enterprise needs to go through product selection process carefully and select the right one for their enterprise as specified in the Architecture document. At this step they need to map the products with their physical operational model.

In summary do not select the products before designing the architecture. You design a SOA and then map products to the operational model. If you have any questions please call me.

EAI and CEO Study - an Architect's perspective

Two keywords “Complexity” and “Sustainability” came out from two different 2010 CEO study one by UN Global Compact-Accenture and other one by IBM. CIO/CTO can address these two issues from multiple areas. I think Application Integration is one of the hottest areas which are very complex and most enterprises are spending lot of money and time in business applications support. Cloud computing model can encapsulate the operation complexity, but sustainability and cost containment can only be achieved by addressing the vexing issues. I am exploring EAI in this article.

In most organization applications are running in silos or partially integrated, they are yet to achieve fully integrated systems. Therefore, they are missing numerous opportunities to help their business growth. IT is trying to come out of silo scenario in their IT operation environment for some time through optimization, virtualization, systems integration, etc. programs. Unfortunately even today, most of the IT department facing the challenge of making their IT operating environment simple, and how to support their business to sustain rapid changes and dynamic business environment? This article will give an overview of EAI which is one of the topics of my white papers series that address the pain points of those areas relate to the keywords “Complexity” and “Sustainability”. .

Enterprise Application Integration is a subsystem. It is not a core business function but enable the interaction between multiple business applications that can be one or more integrated business systems, components, external business partners systems, and other business unit systems to provide one or more business systems. EAI architecture defines a framework to:
• Facilitate interaction between endpoints
• Enable distributed operation of business components
• Insulated end points
• Provide an infrastructure that is scalable and extensible
• Explore to use the existing infrastructure services
• Enable reuse of end points
• Enable phased approach to implementation
• Enable easy maintainability

In almost every case, an EAI subsystem will be implemented using packaged integration applications. As a result, product selection plays a central role in the specification of an EAI architecture. This paper focuses on the preparation of the conceptual EAI Component Model. Architecture design should be carried out within the scope of total system development, and with respect to the related EAI techniques.
Prior to initiating product selection the component model need to be elaborated to a specification level. Both product selection and component model specification need to be well documented. The only EAI unique aspect to specification of the component model is the use of the EAI Attributes Blueprint as the consolidated source of parameters for the model.

The EAI Conceptual Architecture should be expressed through a number of work products like Architecture Decision and Architecture Model in the context of enterprise’s EA blueprint, and its Component Model diagram. To develop the EAI architecture five basic steps need to be followed:

1. Make initial architecture decision
2. Identify EAI services
3. Create multiple nodes or partition the systems
4. Identify EAI categories
5. Apply the architecture pattern

In this white paper I have provided an approach to the creation of a conceptual level system component model specific to EAI and other sub products require to implement EAI in a complex IT Environment of an enterprise. Please contact me for the white paper.

The Value of Pattern Analysis in IT Architecture design work.

Christopher Alexander, an architect noted for his theories about design, and for more than 200 building projects around the world. Once he said - “Each pattern describes a problem which occurs over and over again in our environment, and then describes the core of the solution to that problem, in such a way that you can use this solution a million times over, without ever doing it the same way twice.” Of course, he said this about building and towns. But this is true for any design work that includes IT. We see this quote in many IT architecture articles and books. It is true for our everyday life, in music, in creating mold, so on and so forth. In architecture design methodology the value of pattern analysis is tremendous. In designing IT Architecture from scratch or to redesign an existing system the pattern analysis can save tremendous amount of time and money. In service oriented architecture design work we often decompose business process to its coarse grain level to identify a service. When identifying and naming each business process service we are following design pattern concept. Most of the time we do not call it a pattern analysis, but we do pattern analysis. Making pattern analysis as a separate step like use case design modeling or component design modeling, etc., we can get enormous benefit. True value of creating once and use multiple times can be optimized through Pattern Analysis. It gives a structural approach to create right number of services for your architecture design work. Implementing pattern analysis while doing architecture work and how to get maximum value from this work is one of our unique capability. For detail information please contact me.

Virtualization is incomplete if you do not do provisioning, because they are complement to each other.

Workload management, virtualization, and provisioning work together and enterprise can be benefitted by considering provisioning and workload management services at the same time when undertaking a virtualization effort. An architect must include provisioning and workload management services when they are architecting virtualization. Most company focused only on server virtualization as their virtualization endeavor. But the enterprises cannot get the maximum value of optimization through only virtualization, that too only server.
Virtualization improves the utilization of IT resources, information, people assets because it allows you to treat resources as abstract entities, accessing and managing those resources across your organization more efficiently, by effect and need rather than physical location. Virtualization provides ways to abstract physical resources so they can be accessed as a pool of logical resources. Enterprise Architect needs to provision Server, Storage, Network, and Web Services virtualization when undertaking any virtualization effort. Focusing on a single component can be expensive; implementation can be done in various stages but overall architecture design need to be considered taking a holistic view while designing Enterprise Architecture.
As I mentioned earlier virtualization provides ways to abstract physical resources, but if you do not optimize your resources real value of virtualization cannot be realized. Policy-based orchestration is about providing an end-to-end IT service that is dynamically linked to business policies, allowing the ability to adapt to changing business conditions. Having each individual element of an IT system respond to change is a great start, but in the end, to truly be an on demand business requires orchestration of the automation of multiple elements of the systems so that the entire IT infrastructure is responding as it should to changes in business policies or conditions. For example, if a customer’s order entry application suddenly experiences a surge in load, just allocating more CPU may not be enough; it may also need additional storage, more network capacity, and even additional servers and new users to handle the increased activity. All of these changes must be orchestrated so that the dynamic allocation of multiple resource elements occurs seamlessly.

Orchestration enables data centers to move from just-in-case provisioning (providing enough resources to fulfill peaks in IT infrastructure demand, which typically results in low resource utilization) to just-in-time provisioning: automating the infrastructure and executing configuration changes in a repeatable manner, eliminating human execution errors. A typical example of a data center running three applications, in which one application needs additional resources to attend to user demand, while the other two have enough or even extra resources allocated to them. Traditional, manual provisioning practices do not make it practical to move resources from one application to another to meet short-term peaks in demand. Instead, we engage in what we call the just-in-case provisioning cycle: If you look carefully, virtualization and provisioning are complement to each other.

Benefit of virtualization and provisioning flows ultimately to Workload Manager. workload Manager and system provisioning work together. System Provisioning monitors workload across a set of provisioned devices. Enterprise Workload Management (eWLM) is one example of a monitoring technology that provides a basic infrastructure for monitoring and managing a collection of heterogeneous distributed servers.
Workload Management refers to any subsystem that provides functionality to distribute workload across resources within a system or across systems within a network. Within a system, these are usually provided by operating system services, and manage processor, I/O and memory resources according to task priority, resources requested, available resources and other scheduling rules. Higher level OS facilities (e.g. LPARs, Process Resource Managers) may also be available to limit and/or dedicate specific resources to specific tasks or task environments.

A successful EA design should encompasses Workload Management, Provisioning and Virtualization.

Business Resiliency in today's IT World

Business resilience has moved us from the sense of reacting and then recovering from an event to becoming impervious to the event. Business continuity focus upon a defensive resilience posture, it consist of three components – Recovery, Hardening and Redundancy – these are widely recognized as vital ingredient for successful business continuity plans. A defensive posture is useful in protecting the organization and its revenue streams but it does not directly help the bottom line.
An offensive resilience posture also consists of three components, which are focused upon improving the organization’s competitive position – Accessibility, Diversification and Autonomic computing. In practice these components can be used all together or in various combinations depending upon need. For example diversifying operations might allow hardening to be limited other than at sites where critical applications and data reside.
Business resilience encompass business as well as IT Operations and it can be thought of as spanning six discrete layers: Strategy, Organization, Process, data/application, technology and facilities/security. Please contact me for more information.

Right delivery channel strategy that includes HW/Devices, SW, Architecture, and Technology can help to reduce enterprise IT cost.

Software license fees are going up every year, managing assets is also getting expensive. Most enterprises are not looking into their cost of delivery channel. I would like to focus here on delivery channel. For large enterprises, this is a substantial cost and need attention. Enterprises need to have a right client strategy to optimize and control cost. Client is a part of the delivery channel of an Enterprise Architecture. It encompasses, the Software, the Hardware and the delivery devices like desktop to notepad, PDAs, smart phone, near field communication devices, and many other hand held devices that are used to support end users day to day work. Creating enterprise client strategy needs major work and it is time consuming, as we are having so many options. We have so many software, and hardware to be selected from substantially large array of products and also from multiple vendors like Google, Microsoft, IBM Lotus, and open source products just a name a few. We need to create a client strategy, as well as road map that will support immediate need of the enterprise, as well as be able to accommodate future need. Enterprises need to serve multiple channels/users. Policy and governance model for each channel are different. Today’s enterprises typically support Business to Business, Business to Customers, Business to Employees, and Business to Agents channels. Selection of right platform with right software need to be designed based on use case definition for each channel along with the other modules that an EA design needs. Finding out the pattern and common functions for each LOB is very critical. Implementing collaboration functionality among and within the channels is becoming challenging, as one has to select right products set. Carefully architecting and developing right strategy will help to keep the cost down (License fees, TCO, asset management, etc.). I see this as a major architecture endeavor for any organization. Initial investment can help cost savings in down the road. Implementation of control and policy may be a nightmare. Right strategy, right policy will definitely reduce cost, will increase productivity, and boost innovation. Now the question is how to determine what amount of budget need to be allocated for this initiative?