
The Future of Enterprise IT:

Lessons Learned

Jonathan Allen - AWS Enterprise Strategy


2018
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Personal career timeline

Energy Sector, System Integrator

1996 1998 2000 2017

Compelling reasons to move to Cloud

Agility/dev productivity
Data center consolidation
Digital transformation
Cost Reduction
Acquisitions or divestitures
Large scale compute intensive workloads
Facility or real-estate decisions
Colocation or outsourcing contract changes

What if you could devote more resources to
the things that matter
and move faster while being more secure?

Largest Number Of Enterprise Customers

Modern Product Development

What we’ll cover:


How Amazon achieves flow

How to transform your Enterprise IT

Methods and Principles of
Modern Product Development

Design Thinking: Interface to customer and feedback loop
Agile Teaming: The organizational glue that keeps release cycle moving continuously
DevOps: Interface for getting stuff built and released

Design Thinking is just…

User Centered Design

Practical Principles: Design Thinking

Bring the outside in 1. First gain empathy

Pinpoint the pain point 2. Then frame the problems

Radical ideas, real impact 3. Now you can ideate

Build to learn 4. Run simple, fast, frugal tests

Agile Teaming
Focus: respond quickly to feedback

SCRUM
Agile Principle: Learning over following a plan
Continuously groomed backlog
No changes to work plan made during sprint
Product increment: must be completed, integrated and tested

Each Agile framework has a way of bringing feedback into its workstream

Agile Teaming
Focus: respond quickly to feedback

KANBAN
Agile Principle: Learning over following a plan
Finish task and pull forward next work item
Uses work-in-progress (WIP) limits and cycle-time to manage flow of new development
Adapted from Toyota Production System

Each Agile framework has a way of bringing feedback into its workstream

Agile Teaming
Focus: respond quickly to feedback

XP – Extreme Programming
Agile Principle: Learning over following a plan
Emphasizes technical excellence as a way to remain agile
Pair programming and code reviews are common methods
Frequent checkpoints - Allows for constant feedback on customer requirements

Each Agile framework has a way of bringing feedback into its workstream

Practical Principles: Agile

Use release maps 1. Rip the Band-Aid off, but have mercy

Two pizza team model 2. Keeping it real…and small

Power of the demo 3. Show something every sprint

Find your agile center 4. Trap: Agile by the book

DevOps
Focus: promote and enable fast feedback

DevOps Principles
Automate all things
Eliminate handoffs
Establish guardrails

All of these reduce cycle time and allow builders to focus on product, quickly deploying and collecting feedback

Putting the Pieces Together:
Finding Organizational Flow

Design Thinking Agile Teaming DevOps

MVP
Minimum Viable Product: What is the smallest thing you can
test to prove the unproven parts of your idea

Start with value hypothesis and growth hypothesis


Run small experiments to see if there is both value and demand
Bias towards many small tests vs. larger, extended ones
Persevere or pivot early based on results

“One accurate measurement is worth more than a thousand expert opinions.”


-Admiral Grace Hopper
Typical Release Testing

Most Tests Occur Late

Concept
Dev: In Process
Deployment: Functional, Acceptance, Performance, Security/Compliance
Production: Monitor, Respond to Defects/Incidents

Continuous Testing

Always Be Testing

Concept: Hypothesis, A/B, MVP
Development: Functional, Acceptance, Performance, Security/Compliance
Deployment: Functional, Acceptance, Performance, Security/Compliance, Canary
Production: Prod Testing, Chaos Engineering, User Testing Feedback

How Amazon Achieves Flow

Working Backwards: From the customer
Two Pizza Teams: Run what you build
Microservices: Speed and agility

Working backwards from the customer

Write the Press Release (PR): Think big and focus on the customer need
Write the FAQ: Customer and internal stakeholder
Define the user interaction and write the manual

Amazon Achieves Speed and Agility with Two-Pizza Teams

Small, decentralized teams are nimble
Own/run what you build

Monoliths: Slow and Rigid
Developers Monolithic Application Delivery Pipeline

Build Test Release

Microservices: Speed and Agility
Developers Microservices Delivery Pipelines

Build Test Release

Build Test Release

Build Test Release

Microservices Principles

Single Purpose

API-based

Highly-decoupled

Impact of Cloud on
Product Development

Reducing Cost of Failure
Rapid Adoption of New Capabilities
Quickly Scaling Winning Ideas

Traditional Enterprise IT

Information Security (CISO): Encryption, Key Management, Identity Management, Firewalls, IDS, DDoS
Products & Services (CTO/VP Applications): Digital Products, Brand Websites, Mobile Applications, Point of Sale Systems, Commerce
Back Office Systems (CIO/VP Corp Systems): E-mail, Productivity, Collaboration, HR, Finance, ERP
End User Computing (VP IT Support): Desktop Support, Device Management, Telephony, IT Support
Infrastructure/Delivery (VP Infrastructure): PMO, Engineering, Operations, Design

Future of Enterprise IT – Hybrid state

Information Security
Products & Services (CTO/VP Applications)
Back Office Systems (CIO/VP Corp Systems)
End User Computing (VP IT Support)
Cloud CBO & CCoE
Infrastructure/Delivery (VP Infrastructure)

Single-threaded leader

“Declare a Bold Cloud Objective”

2-pizza cloud business office
Single-Threaded Leader

Procurement Legal CISO CFO Head of Head of Engineering Risk Leader HR


Infrastructure Delivery Audit Leader

Step 1: Build a two-pizza Cloud Tiger Team

“If you can't feed a team with two pizzas, the team is too large.”
- Jeff Bezos

Step 2: Staff your Cloud Tiger Team

Cloud Adoption Framework – People Perspective

Product Manager
Lead Architect
Infrastructure Engineers
Security Engineers
Operations Engineers
Application Engineers

Team areas: Leadership, Infrastructure, Security, Operations, Applications

Get clear on your objectives

AGREEMENT

Cost objectives, Security objectives, Compliance objectives, Availability objectives, Feature & TTM objectives

Get clear on your objectives Cost

[Figure: pie charts comparing the On-Premise and AWS cost breakdowns. Legend: Facility (lease/power/maint), Facility Improvements, Connectivity, Hardware - Refresh/Growth, Hardware - Buildout, Software, Cloud]

5-Year On-Premise vs. Cloud Costs = (GAAP) savings of 68.9%


Get clear on your objectives Security

Customer: Customer is responsible for security in the cloud
Customer data
Platform, applications, identity, & access management
Operating system, network, & firewall configuration
Client-side data encryption & data integrity authentication
Server-side encryption (file system &/or data)
Network traffic protection (encryption/integrity/identity)

AWS: AWS is responsible for security of the cloud
Compute, Storage, Database, Networking
AWS Global Infrastructure: Regions, Availability Zones, Edge locations

Get clear on your objectives Security

AWS has a deep set of security tooling


Networking
Virtual Private Cloud: Isolated cloud resources
Web Application Firewall: Filter malicious web traffic
Shield: DDoS protection
Certificate Manager: Provision, manage, and deploy SSL/TLS certificates

Encryption
Key Management Service: Manage creation and control of encryption keys
CloudHSM: Hardware-based key storage
Server-Side Encryption: Flexible data encryption options

Identity & management
IAM: Manage user access and encryption keys
SAML Federation: SAML 2.0 support to allow on-premises identity integration
Directory Service: Host and manage Microsoft Active Directory
Organizations: Manage settings for multiple accounts

Compliance
Service Catalog: Create and use standardized products
Config: Track resource inventory and changes
CloudTrail: Track user activity and API usage
CloudWatch: Monitor resources and applications
Inspector: Analyze application security
Macie: Discover, classify & protect data

Get clear on your objectives Compliance
Certifications & attestations | Laws, regulations, and privacy | Alignments & frameworks
Cloud Computing Compliance Controls Catalogue (C5) 🇩🇪 ✔ | Argentina Data Privacy ✔ | CIS (Center for Internet Security) 🌐 ✔
Cyber Essentials Plus 🇬🇧 ✔ | CISPE 🇪🇺 ✔ | CJIS (US FBI) 🇺🇸 ✔
DoD SRG 🇺🇸 ✔ | FERPA 🇺🇸 ✔ | CSA (Cloud Security Alliance) 🌐 ✔
ENS High 🇪🇸 | GDPR 🇪🇺 ✔ | EU-US Privacy Shield 🇪🇺 ✔
FedRAMP 🇺🇸 ✔ | GLBA 🇺🇸 ✔ | FFIEC ✔
FIPS 🇺🇸 ✔ | HIPAA 🇺🇸 ✔ | FISC 🇯🇵 ✔
IRAP 🇦🇺 ✔ | HITECH 🌐 ✔ | FISMA 🇺🇸 ✔
ISO 9001 🌐 ✔ | IRS 1075 🇺🇸 ✔ | G-Cloud 🇬🇧 ✔
ISO 27001 🌐 ✔ | ITAR 🇺🇸 ✔ | GxP (US FDA CFR 21 Part 11) 🇺🇸 ✔
ISO 27017 🌐 ✔ | My Number Act 🇯🇵 ✔ | ICREA 🌐 ✔
ISO 27018 🌐 ✔ | Data Protection Act–1988 🇬🇧 ✔ | IT Grundschutz 🇩🇪 ✔
K-ISMS (Korea) ✔ | VPAT/Section 508 🇺🇸 ✔ | MITA 3.0 (US Medicaid) 🇺🇸 ✔
MLPS Level 3 🇨🇳 ✔ | Privacy Act [Australia] 🇦🇺 | MPAA 🇺🇸 ✔
MTCS 🇸🇬 ✔ | Privacy Act [New Zealand] 🇳🇿 ✔ | NIST 🇺🇸 ✔
PCI DSS Level 1 💳 ✔ | PDPA—2010 [Malaysia] 🇲🇾 ✔ | Uptime Institute Tiers 🌐 ✔
SEC Rule 17-a-4(f) 🇺🇸 ✔ | PDPA—2012 [Singapore] 🇸🇬 ✔ | Cloud Security Principles 🇬🇧 ✔
SOC 1, SOC 2, SOC 3 🌐 | PIPEDA [Canada] 🇨🇦 ✔ |
 | Spanish DPA Authorization 🇪🇸 ✔ |

🌐 = industry or global standard

Get clear on your objectives Availability

Availability | Downtime per year | Categories
95% (1-nine) | 18 days 6 hours | Batch processing, data extraction, load jobs
99% (2-nines) | 3 days 15 hours | Internal tools, project tracking
99.9% (3-nines) | 8 hours 45 minutes | Online commerce
99.99% (4-nines) | 52 minutes | Video delivery, broadcast systems
99.999% (5-nines) | 5 minutes | Telecom industry (ATM Transactions)

Get clear on your objectives Availability

Part X, Part Y

$A = A_X A_Y$

Component | Availability | Downtime
X | 99% (2-nines) | 3 days 15 hours
Y | 99.99% (4-nines) | 52 minutes
X and Y Combined | 98.99% | 3 days 16 hours 33 minutes

…availability in series
Get clear on your objectives Availability

Part X, Part X

$A = 1 - (1 - A_X)^2$

Component | Availability | Downtime
X | 99% (2-nines) | 3 days 15 hours
Two X in parallel | 99.99% (4-nines) | 52 minutes
Three X in parallel | 99.9999% (6-nines) | 31 seconds
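
The series and parallel formulas from these slides, generalized to nested blocks and any number of redundant copies, as an added example that is not part of the original deck. It assumes component failures are independent and a 365-day year; the function names and the three-copy stack are hypothetical.

```python
from math import prod

SECONDS_PER_YEAR = 365 * 24 * 3600  # assumption: 365-day year


def availability(node):
    """Evaluate a nested availability model.

    A node is either a number in [0, 1] (one component) or a tuple
    ("series" | "parallel", [child nodes]).
    Assumes components fail independently of each other.
    """
    if isinstance(node, (int, float)):
        if not 0.0 <= node <= 1.0:
            raise ValueError(f"availability out of range: {node}")
        return float(node)
    kind, children = node
    if not children:
        raise ValueError("a block needs at least one child")
    values = [availability(child) for child in children]
    if kind == "series":
        # Every part must be up: A = A_1 * A_2 * ...
        return prod(values)
    if kind == "parallel":
        # Down only when every copy is down: A = 1 - (1 - A_1)(1 - A_2)...
        return 1.0 - prod(1.0 - v for v in values)
    raise ValueError(f"unknown block type: {kind}")


def downtime_seconds_per_year(a):
    """Expected unavailable seconds per year for availability a."""
    return (1.0 - a) * SECONDS_PER_YEAR


# Values from the slides: X = 99%, Y = 99.99%.
X, Y = 0.99, 0.9999
IN_SERIES = ("series", [X, Y])
TWO_X = ("parallel", [X, X])
THREE_X = ("parallel", [X, X, X])
# Constructed case: the X-then-Y chain deployed as three redundant copies.
THREE_STACKS = ("parallel", [IN_SERIES] * 3)

if __name__ == "__main__":
    for name, model in [
        ("X and Y in series", IN_SERIES),
        ("Two X in parallel", TWO_X),
        ("Three X in parallel", THREE_X),
        ("Three (X, Y) stacks in parallel", THREE_STACKS),
    ]:
        a = availability(model)
        print(f"{name}: {a:.6%}, {downtime_seconds_per_year(a):,.0f} s/year down")
```

Redundant copies that share a dependency violate the independence assumption, so the parallel figure is an upper bound in that case.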

Get clear on your objectives Availability

Availability Zone A Availability Zone B Availability Zone C

AWS Region Availability

Availability Zone A Availability Zone B Availability Zone C

Multi-AZ—well-architected Availability

APPLICATION

Availability Zone A Availability Zone B Availability Zone C

Get clear on your objectives Feature
& TTM

[Figure: AWS platform service map. Panels: TECHNICAL & BUSINESS SUPPORT, MARKETPLACE, ANALYTICS, DEV OPS, MOBILE SERVICES, IoT, MACHINE LEARNING, ENTERPRISE APPS, HYBRID ARCHITECTURE, MIGRATION, APP SERVICES, INFRASTRUCTURE, CORE SERVICES, SECURITY & COMPLIANCE, MANAGEMENT TOOLS]

MARKETPLACE: Business Apps, Business Intelligence, DevOps Tools, Security, Networking, Databases, Storage

100+ Services…
Scale beyond the “two-pizza” team

Infrastructure, Applications, Leadership, Operations, Security

Cloud Engineering (Leader), Cloud Business Office (Leader)

Infrastructure Engineering, Operations Engineering, Security Engineering, Enterprise Architecture, Change Mgmt, On-Boarding, Communications, Governance, Finance

Engineering teams will specialize in an area, but will have a common set of skills shared across all product teams

Trust, but verify

Trust: Cost objectives, Security objectives, Compliance objectives, Availability objectives, Feature & TTM objectives

Verify: Capital One Cloud Custodian

Thank You!

AWS Enterprise Strategy


@jonathanallen02

2018