If compliance is so important, bake it into the platform

Can we take that governance and work with the platform team to codify, to automate that which they were doing on a per application basis – that’s, quiet frankly slowing down the delivery of the software – can we take that governance and can we have them work with the platform team to codfiy, to actually automate on a per application basis, have them expose that as a service on the platform

Cornelia Davis on governance and cloud-native, “Who Does What? Mapping Cloud Foundry Activities and Entitlements to IT Roles,” August 2016

In other words: you should not only automate the audit three-ring binders of compliance, but enforce as much as possible in the platform.

The rest of the talk is good stuff on how think through re-arranging your organization to be all DevOps-y, with the help of Pivotal Cloud Platform to automate all the infrastructure and middleware stuff:

Pacing cloud-native transformation, and actually doing the work to increase productivity

I like to tell large organizations that compared to the break-neck pace of “the silicon valley mindset,” they can operate at a leisurely pace. That pace is usually fast for these enterprises, but their problem set and risk profile is a lot different than hats on cats. Abby has a nice, short write-up that hits on this topic among others:

By the end of his first year, Safford and his teams had built prototypes and market tests and finished 16 new software projects.

At Home Depot, they were at about 140 to 150 projects after a year or so. However, it’s common in the first year to do a lot of replatforming of “simple,” mostly cloud-native compatible apps in there. You can do these at a pretty fast clip, with the rule of thumb being 10 apps in 10 weeks. This is in addition to new applications, but explains high numbers like those at Home Depot. I suspect the Allstate numbers are mostly net-new apps, though.

Goals:

Safford’s eventual goal is to shift Allstate software development to 70 percent extreme agile programming and 30 percent traditional scrum and waterfall. Where developers used to spend only 20 percent of their time coding software, today up to 90 percent of their days are spent programming. Each of his CompoZed development labs around the world has the same startup look and feel, including scooters parked in the hallways. This is not your grandfather’s insurance company anymore.

What you hear over and over again from organizations going cloud-native is that developers were spending lots of time in meetings, checking email, and otherwise not coding (and, yes, by “coding” I don’t mean just recklessly LOC‘ing it up without design, and all that). Management had to spend much effort to get them back to coding.

As I fecklessly tell my seven year old when he’s struggling with homework: the only way to finish this quickly is to actually do the work.

(Also: nice write-up from Abby!)

Source: Don’t Forget People and Process in Your Digital Transformation

How JPMC is making IT more innovative with PaaS, public and private

wocintech (microsoft) - 154

A good, pretty long overview of JPMorgan Chase’s plans for doing cloud with a PaaS focus. Some highlights.

More than just private-IaaS and DIY-platforms:

Like most large U.S. banks, JPMorgan Chase has had some version of a private cloud for years, with virtualized servers, storage and networks that can be shared in a flexible way throughout the organization.

The bank is upgrading its private cloud to “platform as a service” — in other words, the cloud service will manage the infrastructure (servers, storage, and networks), so that developers don’t have to worry about that stuff.

On the multi-/hybrid-cloud thing:

By the second half of 2017, the bank plans to run proprietary applications on the public cloud. At the same time, it’s building a new, modern internal cloud, code-named Gaia.

While “hybrid-cloud” has been tedious vendor-marketing-drivel over the past ten years, pretty much all of the large organizations I work with at Pivotal have exactly this approach. Public, private, whatever: we want to do it all.

Shifting their emphasis innovation:

“We aren’t looking to decrease the amount of money the firm is spending on technology. We’re looking to change the mix between run-the-bank costs versus innovation investment,” he said. “We’ve got to continue to be really aggressive in reducing the run-the bank costs and do it in a very thoughtful way to maintain the existing technology base in the most efficient way possible.” …Dollars saved by using lower-cost cloud infrastructure and platforms will be reinvested in technology, he said.

On appreciating the scale of “large organizations” that drive their very real challenges with adopting new ways of running IT:

The bank has 43,000 employees in IT; almost 19,000 are developers.

Good luck having the “we have no process by design” process with that setup.

On security, there’s a nice, almost syllogistic re-framing of “cloud security here”:

For years, banks have worried about using the public cloud out of security concerns and fears of what their regulators will say. Ever since the 2013 Target data breach, in which hackers stole card information from 40 million customers by breaking into the computers of an air conditioning company Target used, regulators have strongly urged banks to carefully vet and monitor all third parties, with a specific focus on security.

“We’re spending a significant amount of time to ensure that any applications we choose to run on a public cloud will have the same level of security and controls as those run internally,” Deasy said.

Most notable corporate security breeches over the year have involved on-premises IT (like the HVAC example above). The point is not to make sure that “cloud is as secure as [all that on-prem IT that’s been the source of most security problems in the past], but to make sure that all IT has a rigorous approach to security. “Cloud” isn’t the security problem, doing a shitty job at security is the security problem.

Source: Unexpected Champion of Public Clouds: JPMorgan CIO Dana Deasy, Penny Crosman, American Banker

Automation at Goldman, The Computer takes out four people

Today, nearly 45 percent of trading is done electronically, according to Coalition, a U.K. firm that tracks the industry.

Pay:

Average compensation for staff in sales, trading, and research at the 12 largest global investment banks, of which Goldman is one, is $500,000 in salary and bonus, according to Coalition. Seventy-five percent of Wall Street compensation goes to these highly paid “front end” employees, says Amrit Shahani, head of research at Coalition… Investment bankers working on corporate mergers and acquisitions at large banks like Goldman make on average $700,000 a year, according to Coalition, and in a good year they can earn far more.

Automating those $700,000+ meat-sacks:

Goldman Sachs has already begun to automate currency trading, and has found consistently that four traders can be replaced by one computer engineer, Chavez said at the Harvard conference. Some 9,000 people, about one-third of Goldman’s staff, are computer engineers.

Finding the things to automate:

Though those “rainmakers” won’t be replaced entirely, Goldman has already mapped 146 distinct steps taken in any initial public offering of stock, and many are “begging to be automated,” he said.

To be all double-turns-out about the grim automation stuff, in theory, this could mean hiring more programmers and people who support those robots, bringing down those big chunks of cash from “rainmakers” and spreading it down to “lower” grade staff. Of, you know, the bank can just keep that money and trickle it up to execs and share-holders.

Source: As Goldman Embraces Automation, Even the Masters of the Universe Are Threatened

When to go private cloud

As represented with the star in the map above, according to CPI data, at labor efficiency of 1,000 VMs per engineer and 66% utilization, these enterprises are poised to beat public cloud on price regardless of whether they use a commercial orchestration software package, an OpenStack distribution or the OpenStack source.

And, on IaaS pricing:

But price still does matter: In a 451 Research custom study commissioned by Microsoft earlier this year, the biggest reason to change primary provider was price, cited by 34% of respondents. Consumers don’t necessarily want the cheapest cloud service, but they don’t want to feel ripped off. If there is a cheaper option elsewhere, it appears end users will take it into consideration.

Announcements on price cuts gather attention, and are a great publicity and discussion tool for service providers. We think cloud prices will continue to come down through 2017, and may spread beyond virtual machines into object storage, and perhaps even databases – virtual machines came down 7% globally in 2015, but the cost of our small application only came down 2.4%. The fact that margins are still healthy suggests providers aren’t sacrificing huge amounts of gross margin to give such cuts. If they are, it might be a few nickels and dimes here and there, but it’s more likely that they are reducing costs through better procurement and management. If we are in a cloud price war, we’ve yet to see it really get off the ground.

And, see more commentary on the topic of IaaS pricing.

Source: Cloud gross margins: The price war has yet to really kick off

Cloud Platform Adoption: Lessons Learned — Philip Glebow, Gap

Gap’s Philip Glebow goes over their use of Pivotal Cloud Foundry, including things that worked well and need improvement. His list of the supporting tools they use – like APM and data virtualization – is handy as well.

Some items:

  • (~2:30) Fast deploys: “We can deploy changes faster than people can really consume them.”
  • (~18:00) Developer morale: “We could really push something in five minutes… and developers love it, you click the commit button and there you go.”
  • (~19:40) [Poor transcription by me] On the danger of changing too fast: …generally we want to have a little bit of control into what goes into that production environment… but we don’t want to change so rapidly so that users are confused… There’s also a little bit of cultural change that we need to go through… ((too rapid of change is jarring)) …and as we bring that capability forward, we want to be sensitive to those concerns.
  • (~23:58) Overview of their pipeline and testing.
    (~26:29) [Poor transcription by me]  Typically we’ve organized out teams around sort of domain concepts – so we have a pricing team – then there’s several squads, then that squad is responsible for optimization – price, packing the stuff, etc. That’s how we’ve organized the teams, two pizza teams, we’ve tried to that. Also, distributed teams… sometimes that’s a little bit complicated.

Allianz now deploying to production in minutes

By changing its development practices and investing in a private cloud platform as a service, there have been clear benefits to the business. “Historically it would take two or three days for a deployment to go to production, with lots of manual production. Now with the apps in the garages we can do it on the basis of Cloud Foundry within minutes.”

Source: Allianz app deployment goes from ‘days to minutes’ with PaaS and agile practices

Making decisions quicker with failure

It’s okay to get things wrong and it’s okay to change our minds. If we’re strong enough to admit that we got it wrong, we can learn and adapt. If we accept that it’s okay to change our minds, we end up delivering something quicker as we made a decision based on the information at that time.

—Emma Hammond, Fidelity International

Source: Top 100 Quotes from the Cloud Foundry Summit Europe 2016, Altoros

Singapore’s DBS Bank selects Pivotal Cloud Foundry

According to the bank, the built-in automation of Pivotal’s cloud platform allows it to focus on delivering differentiated value, instead of being caught up with systems management and IT resource procurement. This means that DBS will be able to quickly deliver services, as well as build and update next-generation applications in order to deliver a better banking experience to users.

Another Pivotal Cloud Foundry customers. Banks seem to like it.

Source: CIO-Asia – DBS Bank leverages Pivotal to innovate at start-up speed