Been a while.. and 2013 plans

I realised it has been getting on for three months since my last blog post.. Getting back into writing posts has been on my mind for a few weeks, but things in life have been extremely hectic recently!  Briefly life has involved getting engaged, planning a rather cool wedding and honeymoon, redecorating an entire house, and not to mention starting a new job.

Work wise I am now a Senior Security Architect for WorldPay which is pretty much exactly the role I have been aiming to get for some time.  As with most roles the first few weeks have been a hectic time of getting to know the company, policies and processes, people as well as rapidly picking up constructive work.

I thought I’d start this years blogs with an overview of some of my plans relating to work and learning for 2013.  Obviously as it’s now nearly the end of February I am using ‘start’ or the year fairly loosely!

So looking ahead for the year, what are my plans / projects for 2013?

1. Complete my Masters project;  Due to everything that has been happening I requested as have been granted an extension until May of this year to complete my project.  I have completed and passed the rest of my Masters, so this is the final piece between me and being awarded the post graduate degree.  With continuing to get to grips with my new role and everything else that is going on, this will be a challenge, but something I need to complete.

2. Improve my knowledge of secure, always available multi-site data centre networking; Network security is one of my key focus areas, and this links nicely with the environment I am currently tasked with ensuring the security of.

3. Continue to lead and contribute to the Cloud Security Alliance Security as a Service working group.  This has become a major project for me that I have been leading for nearly a couple of years now.  This is another one that also ties in nicely with my WorldPay role as I will also be covering cloud security and strategy as one of my responsibilities.

4. Various smaller / side tasks including getting round to taking my TOGAF exam, attending various useful industry conferences such as RSA and Infosec (work budgets permitting of course), along with being successful in my new role and progressing at WorldPay.  This may of course lead to further projects this year depending on the tasks I need to achieve as part of my role, I’ll obviously keep you posted around any of these I can publicly discuss.

I’ll keep you all posted with my progress around these projects / tasks, along with other interesting things that happen during the year.  Hears to a productive and interesting 2013.


Service Technology Symposium Day 2..

Today was the second day of the Service Technology Symposium.  As with yesterday I’ll use this post to review the keynote speeches and provide an overview of that day.  Where relevant further posts will follow, providing more details on some of the days talks.

As with the first day, the day started well with three interesting keynote speeches.

The first keynote was from the US FAA (Federal Aviation Administration) and was titled ‘SOA, Cloud and Services in the FAA airspace system’.  The talk covered the program that is under-way to simplify the very complex National Airspace System (NAS).  This is the ‘system of systems’ that manages all flights in the US and ensures the control and safety of all the planes and passengers.

The existing system is typical of many legacy systems.  It is complex, all point to point connections, hard to maintain, and even minor changes require large regression testing.

Thus a simplification program has been created to deliver SOA, web centric decoupled architecture.  To give an idea of the scale, this program is in two phases with phase one already largely delivered yet the program is scheduled to run through 2025!

as mentioned, the program is split into two segments to deliver capabilities and get buy in from the wider FAA.

–          Segment 1- implemented set of federated services, some messaging and SOA concepts, but no common infrastructure.

–          Segment 2 – common infrastructure – more agile, project effectively creating a message bus for the whole system.

The project team was aided by the creation of a Wiki, and COTS (commercial off the shelf) software repository.

They have also been asked to assess the cloud – there is a presidential directive to ‘do’ cloud computing.  They are performing a benefits analysis from operational to strategic.

Key considerations are that cloud must not compromise NAS,  and that security is paramount.

The cloud strategy is defined, and they are in the process of developing recommendations.  It is likely that the first systems to move to the cloud will be supporting and administrative systems, not key command and control systems.

The second keynote was about cloud interoperability and came from the Open Group.  Much of this was taken up with who the Open Group are and what they do.  Have a look at their website if you want to know more;

Outside of this, the main message of the talk was the need for improved interoperability between different cloud providers.  This would make it easier to host systems across vendors and also the ability of customers to change providers.

As a result improved interoperability would also aid wider cloud adoption – Interoperability is one of the keys to the success of the cloud!

The third keynote was titled ‘The API economy is here: Facebook, Twitter, Netflix and YOUR IT enterprise’.

API refers to Application Programming Interface, and a good description of what this refers to can be found on Wikipedia here;

The focus of this keynote was that making APIs public and by making use of public APIs businesses can help drive innovation.

Web 2.0 – lots of technical innovation led to web 2.0, this then led to and enabled human innovation, via the game changer that is OPEN API.  Reusable components that can be used / accessed / built on by anyone.  Then add the massive, always on user base of smartphone users into the mix with more power in your pocket than needed to put Apollo on the moon.  The opportunity to capitalise on open APIs is huge.  As an example, there are currently over 1.1 million distinct apps across the various app stores!

Questions for you to consider;

1. How do you unlock human innovation in your business ecosystem?

–          Unlock the innovation of your employees – How can they innovate and be motivated?  How can they engage with the human API?

–          Unlock the potential of your business partner or channel sales community; e.g. Amazon web services – merchants produce, provide and fulfil goods orders, amazon provides the framework to enable this.

–          Unlock the potential of your customers; e.g. IFTTT  (If This Then That) who have put workflow in front of many of the available APIs on the internet.

2. How to expand and enhance your business ecosystem?

–          Control syndication of brand – e.g. facebook ‘like’ button – everyone knows what this is, every user has to use the same standard like button.

–          Expand breadth of system – e.g. Netflix  used to just be website video on demand, now available on many platforms – consoles, mobile, tablet, smart TV, PC etc.

–          Standardise experience – e.g. kindle or Netflix – can watch or read on one device, stop and pick up from the same place on another device.

–          Use APIs to create ‘gravity’ to attract customers to your service by integrating with services they already use – e.g. travel aggregation sites.

This one was a great talk with some useful thought points on how you can enhance your business through the use of open APIs.

On this day I fitted in 6 talks and one no show.

These were;

Talk 1 – Cloud computing’s impact on future enterprise architectures.  Some interesting points, but a bit stuck in the past with a lot of focus on ‘your data could be anywhere’ when most vendors now provide consumers the ability to ensure their data remains in a specific geographical region.  I wont be prioritising writing this one up so it may or may not appear in a future post.

Talk 2 – Using the cloud in the Enterprise Architecture.  This one should have been titled the Open Group and TOGAF with 5 minutes of cloud related comment at the end.  Another one that likely does not warrant a full write up.

Talk 3 – SOA environments are a big data problem.  This was a brief talk but with some interesting points around managing log files, using Splunk and ‘big data.  There will be a small write up on this one.

Talk 4 – Industry orientated cloud architecture (IOCA).  This talk covered the work Fulcrum have done with universities to standardise on their architectures and messaging systems to improve inter university communication and collaboration.  This was mostly marketing for the Fulcrum work and there wasn’t a lot of detail, this is unlikely to be written up further.

Talk 5  – Time for delivery: Developing successful business plans for cloud computing projects.  This was a great talk with a lot of useful content.  It was given by a Cap Gemini director so I expected it to be good.  There will definitely be a write up of this one.

Talk 6 – Big data and its impact on SOA.  This was another good, but fairly brief one, will get a short write up, possibly combined with Talk 3.

And there you have it that is the overview of day two of the conference.  Looks like I have several posts to write covering the more interesting talks from the two days!

As a conclusion, would I recommend this conference?  Its a definite maybe.  Some of the content was very good, some either too thin, or completely focussed on advertising a business or organisation.  The organisation was also terrible with 3 talks I planned to attend not happening and the audience totally left hanging rather than being informed the speaker hadn’t arrived.

So a mixed bag, which is a shame as there were some very good parts, and I managed to get 2 free books as well!

Stay tuned for some more detailed write ups.


TOGAF 9.1 course with Architecting-the-enterprise

Last week I spent four days on the TOGAF 9.1 (The Open Group Architecture Framework) training course  presented by ‘Architecting the   Enterprise’ so thought I’d provide a brief review here.

I have been thinking about becoming TOGAF certified for a while as it seems to be becoming a bit of a de-facto standard and requirement for many architecture roles.  Initially I tried to reading the somewhat large and horrifically written TOGAF 9 book.  My advice, don’t..

So I approached the course with some trepidation knowing how dry the material was.  However I was pleasantly surprised!  The course was well presented, and made the material considerably more palatable than I expected based on how the book is written.

The course was split into the same basic sections as the book, covering some enterprise architectural history and overview material, the TOGAF process, the ADM (Architecture Development Method), ADM Guidelines and techniques, the Architecture Content Framework, the Enterprise Continuum and tools (star trek fans much??), TOGAF reference models, and the TOGAF capability framework.

Overall a lot of content was covered, which included everything you need to know in order to understand and utilise the TOGAF principles at work.  All the slides presented were provided on CD, along with a revision / crib book.  As far as I can tell this should be enough to pass the exam – I’ll let you know as soon as I get round to sitting it.

As with most courses of this type, one of the key side benefits is meeting a group of people from different businesses with various views of project and architectural processes.

Regarding TOGAF, the main value for me is an overview of the process and getting to grips with the terminology; using TOGAF as a point of reference ensures architects from various backgrounds and disciplines and all have a frame of reference and common language.

Regarding the course, I’d definitely recommend Architecting the Enterprise and this TOGAF course.  Even if becoming an enterprise architect is not your aim / ambition, you will find parts of TOGAF useful in most enterprises and to most architecture specialisations from business through data to technology.

I’ll provide an update on how the exam goes, likely in a few weeks..



ISEB Enterprise and Solutions Architecture – update

Following from my previous post I can confirm that the exam was pretty easy having got a pretty reasonable passing mark after completing the exam in ~25 minutes.

I have yet to see many job specs that require this certification so I don’t know how CV enhancing it really is.  However many job specs want knowledge of or familiarity with architecture frameworks such as TOGAF and Zachman, if you are not already fairly familiar with these then this course does provide a good overview and comparison of some frameworks.

Overall my assessment of the course / exam is as before – I think well worth while from the point of view of getting an overview of various architecture frameworks and the terminologies used, as well as meeting people from a variety of business backgrounds.  This should assist with any requirement for knowledge of architecture frameworks / methodologies your current or future roles have.  The caveat in terms of career value is that the certification itself seems to be in very low demand.


BCS / ISEB Certificate in Enterprise and Solution Architecture

This week I attended the BCS (British Computer Society, that refers to itself as ‘The Chartered Institute for IT’) ISEB (Information Systems Exam Board) ‘Certificate in Enterprise and Solution Architecture – Intermediate’ four day course and exam.  I’ll share my thoughts and impressions of the course and exam.

One the first day my hopes of the week being useful were actually low, as with many of these courses the main purpose was clearly about learning by wrote the facts required to pass the exam.  While this did indeed turn out to be true, the course turned out to be a lot more useful than expected.

This was due to a combination of factors;

– the instructor / tutor we had was actually very knowledgeable around the various architecture frameworks / ontologies such as TOGAF and Zachman.

– interaction with peers from a variety of industries and backgrounds.  As with any course / conference this is one of the key benefits as it gives you the opportunity to gain a wider viewpoint and see how developers and business analysts etc from different industries view architectures / business issues and what their concerns are.

– As the exams itself is largely about architect roles, frameworks and how they link together the course provides a good insight and overview of some of the most common frameworks and how there different terminologies used relate to each other.

If you want to know more about the course and topics covered, or just gain a greater insight into enterprise and solution architecture terminology then the web sight maintained by our tutor is is a great starting point;

Which also gives a clue as to his name.  If you do want to do the course and are UK / London based I’d recommend choosing a course with him instructing if you can, as he has many years experience in IT and the course material.  Graham also has some strong ideas and opinions which made for some great classroom debates.

I’d recommend this course to anyone wanting to improve their knowledge of enterprise / solution architecture frameworks, tools and terminology whether this is to aid a career in architecture, or just to better understand the concerns and considerations of the architects you work with.  Don’t get me wrong, the overall material is pretty dry as is the case with many courses around frameworks and terminology etc. but overall this course was well worthwhile.

Onto the exam – there is not a lot to say here, it is a one hour, forty question multiple choice affair.  If you have paid attention in the class and have a reasonable understanding of the reference model (pdf can be freely downloaded from the BCS web site or use the slides coving it from Graham’s site) , you should find the exam pretty easy, he says not having yet received confirmation of passing it!