Cloud is King. Enterprises around the globe are practically sprinting to trade in their existing legacy technology architecture in favour of service-based cloud deployments or hybrid models.
It’s simple really. As enterprise decision makers continue to grow their understanding of the cloud, the seemingly endless scale of benefits that the cloud can offer is becoming impossible to ignore.
Swapping out your legacy infrastructure in favour of cloud-based deployments is by no means a small step to take – you will likely encounter a slew of technical hurdles along the way. But as consultants who have been at the forefront of the cloud movement for years, we can tell you without equivocation that the destination is worth the journey.
There are plenty of resources in place to help you build an efficient, cost-effective and scalable technology infrastructure using the cloud. The first of which are the cloud providers themselves, who will provide a wide range of services to help you to build an enterprise architecture which is perfectly aligned with your business needs.
Before you get to that level of specific services though, it is important to decide on your overall priorities – such as, what kind of an enterprise architecture do you want? By asking yourself these types of questions early on, you’ll be able to establish a tenet (or tenets) to build from.
But what are tenets, exactly? Read on and find out!
Tenets are guiding principles which help ensure that your enterprise architecture is properly aligned with your business priorities. All five factors listed below will need to be balanced, however establishing a hierarchy of tenets is key: this will enable your business to prioritise correctly when any conflicts arise, helping you overcome any analysis paralysis that may set in.
For example, if availability is your number one tenet, you will likely benefit from an AWS Direct Connect, a highly-redundant connection from either your on-prem or colocation centre directly into AWS.
This is the tenet that will likely resonate most with your CFO, as it ensures that all architectural decisions are fully cost-aware. It also has the capability to essentially guarantee cost effectiveness. Keep in mind that both capital and operational expenditures (CAPEX & OPEX) will need to be carefully determined for every workload so that your business will see the most profit for the least amount of expense.
Prioritising a cost-centric metric helps to keep businesses competitive because they can pass savings down to their clients. It will, however, result in slower, more conservative developments, with some potential improvements forced to the shelves if cost implications are unknown.
If business availability is your highest priority, you should focus on the geographical and technological aspects of your deployment. Public cloud service providers address this need by offering the option to set up your network in different countries and regions. This will result in multiple redundant connections and route optimisation. The result? High availability, low latency and high throughput.
If you’re in a highly competitive and consumer-centric business, then agile development and flexible deployments may be your first priority.
For businesses sold on the cost-saving, availability and agility benefits of cloud deployments, a ‘cloud first’ tenet can accelerate movement away from costly legacy architecture. Following a cloud-first tenet will ensure that new business applications won’t be deployed within a non-approved cloud architecture.
Due to the risks and implications of cybercrime and data breaches, many businesses are opting for a security-first tenet – and rightly so. The emphasis will be making sure that data is as secure as possible, both while in transit and during storage. In addition, all workloads may need to be authorised by the security team prior to deployment.
Some companies operate on a zero-trust basis with their cloud service provider, retaining control of all encryption keys (e.g. managing key rotation, storing keys on an HSM, etc.). Others operate on a total trust basis, relying on the cloud provider’s own enterprise-grade security processes to keep data secure. Whichever level of trust you employ depends on a variety of factors, such as your security approach and your familiarity with the cloud provider you’re using.
The importance of prioritising tenets cannot be overstated. If done correctly, they will help you to frame your policies, procedures and standards, building an enduring foundation for your enterprise architecture.
When facing a massive undertaking such as building your enterprise architecture, it’s often much easier to approach individual components separately rather than to attack the whole. Same goes for mapping cloud services to your architecture.
Almost any enterprise architecture can be split into four domains: business architecture, application architecture, data architecture and technology architecture.
Business architecture comprises your organisational structure, which is the individuals, organisations and systems which work together to deliver your services. It’s the What and the Who of your business.
Application architecture includes all of your business applications, their interactions and their relationship to your core business. It’s the How of your business.
Data architecture includes all of your data assets, both virtual and physical. As well as being a component in and of itself, data – in the form of analytics – is utilised to evolve the business architecture.
Finally, your technology architecture is the hardware and software through which the other domains are manifested. It includes all physical and virtual hardware and software.
In addition to these domains, there is the spatial aspect of each of these components (i.e. the Where of your business). Together, these form your application landscape. This landscape evolves through a twin process of auditing and maintenance.
Once you’ve segmented this architectural model into the 4 parts listed above, it will be much easier to map cloud services onto the different domains.
Choosing a public cloud provider to essentially marry your entire business to can be a stressful process, but it’s a decision that will be paid back in spades if done correctly. With so much to consider in such a saturated marketplace, don’t be afraid to look into cloud consulting services for help. Top tier consultants will be well-versed in every facet of the cloud as well as the strengths and weaknesses of every public cloud vendor, and you’ll end up saving a ton of time and money in the long run by avoiding costly mistakes.
All right, let’s get into some examples, shall we? As we mentioned, the public cloud space features a large number of different vendors, but the big players are Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP). For the purpose of this article, we’ll focus on AWS, the current market leader in public cloud services.
AWS Organizations allows you to arrange your AWS accounts into Organisational Units (OUs), which will help you align specific cloud services with your business architecture. By using OUs, you’ll be able to combine central governance with autonomy for individual teams or business units.
AWS IAM aligns with the individuals, organisations and systems identified in your business architecture domain – the Who of your business. IAM is used to set up users and roles, which can be managed at OU level (via service control policies, or SCPs) and at individual level for granular access management.
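How OU-level guardrails and team-level IAM combine can be shown with a small model. This is an added example, not code from the original article or from AWS: in AWS Organizations, SCP stands for service control policy, and the OU name, account name and role below are constructed. The model is simplified (no Resource or Condition elements, permission boundaries or resource policies), and SCPs do not apply to the organisation's management account.

```python
from fnmatch import fnmatchcase

# Constructed sample organisation: root -> "Workloads" OU -> one member account.
# Policy shapes follow AWS policy JSON (Effect/Action); Resource and Condition
# are left out of this simplified model.
FULL_ACCESS = [{"Effect": "Allow", "Action": ["*"]}]
PROTECT_AUDIT = [{"Effect": "Deny", "Action": [
    "cloudtrail:StopLogging", "cloudtrail:DeleteTrail",
    "config:StopConfigurationRecorder", "config:DeleteConfigurationRecorder"]}]

# SCPs attached at each level on the path from the root down to the account.
SCP_PATH = [
    ("root", FULL_ACCESS),
    ("ou:Workloads", FULL_ACCESS + PROTECT_AUDIT),
    ("account:team-a", FULL_ACCESS),
]
# Identity policy the team granted to its own admin role (team autonomy).
TEAM_ADMIN_ROLE = [{"Effect": "Allow", "Action": ["*"]}]


def _matches(statements, effect, action):
    """True if any statement with this effect covers the action (wildcards allowed)."""
    return any(
        s["Effect"] == effect
        and any(fnmatchcase(action.lower(), p.lower()) for p in s["Action"])
        for s in statements
    )


def evaluate(action, scp_path, identity_policy):
    """Return (allowed, reason) for one API action in the member account."""
    # 1. An explicit Deny in any SCP or in the identity policy always wins.
    for level, scp in scp_path:
        if _matches(scp, "Deny", action):
            return False, f"explicit deny in SCP at {level}"
    if _matches(identity_policy, "Deny", action):
        return False, "explicit deny in identity policy"
    # 2. Every level of the hierarchy must allow the action (SCPs only filter).
    for level, scp in scp_path:
        if not _matches(scp, "Allow", action):
            return False, f"not allowed by SCP at {level}"
    # 3. SCPs never grant access; the identity policy must still allow it.
    if not _matches(identity_policy, "Allow", action):
        return False, "no allow in identity policy"
    return True, "allowed"
```

Even a role with `*` permissions in the team's account cannot stop the audit trail, because the deny is inherited from the OU; everything else stays under the team's own control.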
AWS Service Catalog maps onto your application architecture, providing a central place for managing your business application and service portfolio. Centralisation simplifies standardisation and compliance.
Use AWS tags and resource groups to organise your projects both in a geographical and logical sense. This relates to the Where of your enterprise architecture.
AWS CloudTrail enables account-wide auditing of business activity. This service can reveal every API call and every action taken by users, whether through the AWS Management Console, SDKs or CLIs.
AWS CloudWatch monitors your application landscape and can be configured to react to changes in your AWS resources. It can also track metrics. Together with AWS CloudTrail, this service simplifies governance and compliance in the cloud.
During your cloud migration and evolution, you’ll need to monitor how any changes affect the performance, security and compliance of your enterprise architecture. AWS Config continuously monitors and records your AWS configurations and compares them with target configurations.
We just threw a lot of information at you, but don’t be intimidated. Just by reading this, you’ve already taken an important first step in taking your enterprise architecture into the future via the cloud.
Just remember this process and you’ll be rocking and rolling in the cloud in no time:
Author: Paul Cooney