Digital Business Transformation requires Value-Chain thinking, and Value-Chain platforms

Data Consolidation is now a #1 requirement, not rewriting and consolidating all the functionality of the apps

I have one client that is a County Government Entity facing the following data consolidation issues:

• 808 SaaS services and providers used across the Government Enterprise.
• Over 650 home grown Access and Excel databases being used for mission critical decision support.
• Zero data synchronization of empirical data as simple as contact names, resulting in 100's of versions of the same person, place or thing spread around these systems.
• No ability to meet information compliance requirements, or cyber security requirements.
• The problem is insurmountable by existing management/staff.

The Opportunity herein lies to consolidate data, make it extremely secure and compliant.

For this problem I have defined something called "XDC" pronounced "Ecstasy" that provides an empirical data store accessible by all SaaS, Access, and Excel systems.  Depending on "Need-to-Know" security requirements, this store can do several things:

• It can ingest raw data from all sources through common XML, JSON, ODBC, CSV, or API connections.
• It version controls each record, and can provide de-duplication.
• It can provide a Token instead of the real data
• It can validate local system information

With the XDC system being in the cloud it is accessible to all stakeholders in the Value-Chain.

Now you can start consolidating Apps and functionalities.

Compliance is the New Cyber-Risk

There is a common thread that ties together the Business Team and the IT Team, it is called Compliance.

Compliance today is the number one risk in front of a cyber-security breach, being non-compliant when it is required can put you out of business, with or without a breach.

Last year I developed a compendium of Compliance Jurisdictions, and all of their policies, laws, and statutes.  What I found is the following:

• Anyone doing business globally falls under 7,600+ authorities, not including small cities, counties, or administrative and contract authorities.
• The good news is that many of the articles are similar and can be grouped into families regarding business risk, financial risk, and mitigation risk.

This common thread requires that you do a full 360 analysis on data, how it is handled, the programs, vendors, and personnel, all have to be analyzed.

Governments today have figured out that compliance is a great way to raise revenue, as seen with the GDPR act in the EU.

Today, any system I design has built in compliance flags, and data classifications, yes this takes many extra fields of data, but it also gives you a bullet-proof way of defending your systems from both the bad and good predators.

Cyber Security is rapidly changing for the better.  I help companies re-engineer how they look at their information systems posture, I help them move from defensive to offensive posture, gaining 100% control of the data and access.

As the cloud has evolved, it allows us now to push any and all possible intruders into a very difficult position.

I am currently working on Edge routing systems that respond within 5-20 Msecs upon a request.  These system make a determination whether the incoming request is known, if so it can progress into authentication, and permissions and finally routing to the appropriate app.  This happens so fast that a user does not even know.

The best part is that this approach removes 99% of the possible threats, eliminates penetration testing, and is very cost effective.

If you are interested in the technology it can be licensed, it is named VX for Virtual Edge-Point Router.

The new paradigm is CyberSafety and is an Offensive play fully integrated into data protection and compliance fabrics.

In the last few years there has been a sea-change in cloud computing.

We have moved from Servers, to VMs, to Containers, to Micro-Services, and now to Serverless with Functions.

The last year I have been focused on Serverless Architectures, they provide a very interesting set of architectural opportunities, for lazy IT developers it will be problematic, because you cannot rely on the old server always being there....lol

A few highlights:

• Very straight-forward vertical scaling, you can make a 100% object defined stack from Client to Archival covering all aspects of the system.
• You put everything in a Database(s) Code, Includes, Scripts, Process, Data, assets and state.
• You can horizontally scale globally instantly from 1 to millions of simultaneous instances running.
• You can use the edge as a compute, firewall, CDN, and ADN (App Delivery Network).
• Cost can be 70-90% less
• Speed can be 200-600x faster
• Security is 1000% better, there is zero attack target

New-Style Clouds (Internet, AWS, Google, Azure)

• Since the early 2000's the Internet has exponentially increased in throughput, availability, reliability, and is now a proven commercial commodity.
• It was not until 2006 did Amazon the first of the three large cloud providers start offering services.
• Amazon along with Google, and Microsoft are the three largest cloud providers today.  Providing hundreds of various services in different consumption models.
• I started using cloud computing services in 2011 from AWS, and have utilized thousands of instances from all three providers.
• As we all know this is a rapidly changing arena.  And I am know focused on the last column of the chart below:

Ref TLV:

The Mother of all Monster Private Clouds

In late 1998 I formed a Government Division in my company.  I led a small capture team of 6-7 multi-disciplined individuals to go out and capture the largest IT contract ever let in the world.

In 1999 I met with various members of the DOD, Navy, Marine Corps, and Pentagon CTOs, and CIOs to introduce the items we had built in the commercial world for the media industry, who had a similar security requirements set.

It was recommended we find a teaming partner for which we teamed with EDS - Electronic Data Systems in early 1999 to go after the procurement.

I was the Chief Technical Architect, Network Architect, and Security Executive on NMCI.

In Brief:  WE WON!  A contract that crossed the $20B revenue mark a couple of years ago.

NMCI consolidated roughly 6,000 networks—some of which could not e-mail, let alone collaborate with each other—into a single integrated and secure IT environment. We updated more than 200,000 desktop and laptop PCs. The program also consolidated an ad hoc network of more than 8,000 applications to 500 in four years and 15,003 logistics and readiness systems to 2,759 over a two-year period.

We built over 1,000,000 100BaseT wall jacks and everything needed in between on a 7 layer network, carrying all classes of information.

As of March 2008, NMCI included more than 363,000 computers, serving more than 707,000 Sailors, Marines and civilians in 620 locations in the continental United States, Hawaii, and Japan, making it the largest internal computer network in the world.

NMCI established an interoperable command and control network that provides the IT platform necessary for transitioning to a net-centric environment. Acting Department of Defense (DoD) CIO Terry Halvorsen described NMCI as a "forcing function within the DON to attend to our legacy infrastructure of applications, servers and networks.”

"NMCI has been a hugely successful program for the Navy," Weller said during a press briefing with reporters [14 October 2010]. "It has been a cost-effective way to deliver unprecedented level of service. We learned a lot about how to do it and how not to do it."

"Anytime you transition from where you have a high degree of localized control to a high degree of centralized control, there will be some disgruntled folks," Weller said. "I think since we already are in that world, about 70 percent of the Navy's IT infrastructure, we are in a world where the Navy has complete control and authority over how we operate the network. That has allowed us to maintain extremely high degree of security, which is frankly our number one issue. The only way that we are aware of you can do that is to have tight configuration management and tight central control. So that is where a lot of the complaints came from. To that note, what have we done to lessen blow in future? I think the answer is we don't need to because we are already there."

All of the As-A-Service Acronyms are a short departure to where the leading edge is today in Serverless.

I have built and lived through the IaaS era, there is zero justification today to try and build that yourself, you cannot even compete on price, let alone all the other requirements.

The PaaS is pretty much dead for the hardware/os form of it, PaaS for enterprises, applications, and SaaS support is alive and well.

I am now seeing FaaS or Function as a Service showing up selling serverless functions, we will see which fancy acronym the analysts assign to this new and exciting future.

Old-Style Clouds (Extranets, Intranets, ETC...)

• In the mid 80's I created the 1st Wide-Area-Network for CAD/CAM/CAE graphics workstations. We were sending complex 3-D geometry around the country.  I took this company public when I was 25 through an IPO.
• Starting in 1994, I co-founded a company that's prime mission was to convert several industry-wide value-chain processes to digital.  This included data transport (Tapes were being sent via Fedex/UPS). Media Assets were just starting to be scanned, MP3's yet to be popular. 
• Digital Media Storage was accomplished in our central data centers with a 6PB archive in 1996.
• We utilized over 12,000 SGI servers and they provided Content Delivery to our clients and was the 1st CDN in the world.
• Those same 12,000 SGIs delivered many Hollywood movies through our render-farm software we developed to utilize spare CPU cycles.
• Within 3 years we built a global private network, with servers at every edge, central storage, and all based on a OPEX utility pay as you use model.
• $860,000,000 was gainfully deployed in CAPEX, Software Development, Network costs to build this cloud.
• This Company was the first private industry cloud serving 65,000 companies worldwide, allowing 25,000,000 workstations global digital workflows.
• It carried and managed 85% of the print, newspaper, advertising, video, music media worldwide.

Old-Style Hybrid Clouds (Internet-to-Private)

• 2000-Today: The Internet was used as an extension to the private clouds. I successfully built several DMZ protected Internet Gateways providing high-security data between protected and unprotected zones.

I am a partner in a company called Nouvant, it represents thousands of researchers Intellectual Property and markets and sells these innovation globally.

Having come from a design background, I now get to see 300-500 new innovations per month, I have access to a database of thousands of ideas.

Feel free to go to https://www.nouvant.com