Software development teams following an agile process to incrementally develop, build, deploy and release enterprise applications quickly find that keeping track of all of the components and inter-dependencies becomes unmanageable. Spreadsheets become laborious to maintain and do not track the process and keep a record of who did what.
Release Coordination solutions such as UrbanCode Release help control and track incremental releases of complex enterprise applications.
Continuous Integration and other modern code development practices seek to manage scale and complexity, and increase speed and quality, by introducing automation across the software development life cycle (SDLC). This is especially true of areas that occur frequently and contain many repetitive steps such as the deployment and release processes.
Development teams tend to build and deploy the code for one or more components to a development test server frequently as part of an agile development process in order to find code integration problems early and make sure they have a clear understanding of the status of a project. However, this can be a laborious and tedious process, screaming for automation.
Additionally, the complexity of releasing enterprise applications to production requires that the release process be well-tested beforehand, and increasingly development teams are finding that the best time to start this testing is during development and early testing efforts. This requires that the development team use the same process and tools during development that the operations team will use in production.
Application Deployment Automation solutions, such as Urban Code Deploy, facilitate the process of deploying components to servers and releasing them into production. Urban Code Deploy controls the process, versions deployment artifacts, keeps a record of who deployed what to where, and facilitates incremental deployments.
Mobile adoption is important to the banks that I have been speaking with. With the investment that goes into the deployment of a mobile banking or mobile payments solution, reputations are on the line. The importance of trust in the entire value chain is amazing to me.
Ground zero for where trust affects everything is the trust that individual consumers have in mobile applications–especially with regard to security.
As I contemplate adoption, my own security concerns come to mind. I use mobile banking when I am in the USA. As I travel around the world I frequently decide not to access mobile banking because of my lack of confidence in the security of the system. I wait until I can get my laptop connected, fire up my VPN, type in my one-time-password (OTP) — and only then access online banking.
It is not enough to make mobile systems trustworthy. We need to be able to explain how they work to users in a way that inspires their confidence. For me, this is a necessary prerequisite to adoption.
Deeply understanding the concept of trust is important to both of these objectives. So that is what I am thinking and reading about nowadays.
The PCI Security Standards Council provides the PCI Data Security Standard (PCI DSS). Certain organizations including financial services providers need to be compliant with this standard as evidence that they protect payment card holder data (CHD).
The first step to applying the standard is to determine the portion of the IT environment where the standard is applicable (scope). The PCI/DSS scope is called the Cardholder Data Environment (CDE) and includes “people, processes and technologies that store, process, or transmit cardholder data or sensitive authentication data.” Network segmentation is the recommended means to reduce the scope as much as possible.
pcisecuritystandards.org breaks the standard down into 6 categories and 12 requirements:
—– UK Travels
27 Jul 2014 10 Aug 2014 Business S
29 Jan 2008 31 Jan 2014 Business 9
19 Feb 2008 25 Feb 2008 Business 9
25 Aug 2009 27 Aug 2009 Business F
—– Other Travels (Date/Country/Reason/PpPage) —–
28 Apr 2008 SINGAPORE Business 8
06 Mar 2008 BELGIUM Business 8
23 Apr 2008 MALAYSIA Business 8
15 Apr 2010 BRAZIL Business 9
14 May 2008 TAIWAN Business 10
24 May 2008 SINGAPORE Business 10
31 May 2008 TAIWAN Business 10
28 Apr 2008 SOUTH KOREA Business 11
10 Sep 2007 AUSTRALIA Business 12
22 May 2008 MALAYSIA Business 12
26 Feb 2008 IRELAND Business 13
26 Apr 2009 TURKEY Business 14
16 May 2008 CHINA Business 14
26 May 2008 MALAYSIA Business 16
07 Jul 2008 BELGIUM Business 16
09 Sep 2008 BELGIUM Business 17
27 Jul 2008 SINGAPORE Business 17
13 Sep 2008 SPAIN Business 18
02 Mar 2009 MALAYSIA Business 18
21 Feb 2009 SINGAPORE Business 18
03 Mar 2009 SINGAPORE Business 19
08 Mar 2009 SINGAPORE Business 19
04 Mar 2009 INDONESIA Business 19
10 Jun 2009 SINGAPORE Business 21
07 Jun 2009 PHILIPPINES Business 21
15 Jun 2009 MALAYSIA Business 21
28 Oct 2009 FRANCE Transit A
14 Nov 2009 SINGAPORE Business C
24 Oct 2010 FRANCE Transit C
17 Jun 2009 INDONESIA Business C
12 Jan 2010 SINGAPORE Business C
20 Jun 2009 CHINA Business D
31 May 2010 CHINA Business D
12 Jun 2010 CHINA Business D
08 Nov 2009 NEW ZEALAND Business F
29 Jul 2009 FRANCE Business F
22 Sep 2010 SPAIN Business G
17 Jun 2010 BRAZIL Business G
17 Jul 2010 JAPAN Business G
21 Oct 2010 SINGAPORE Business H
03 Oct 2009 CANADA Business H
18 Jul 2010 INDONESIA Business H
06 Sep 2011 MALAYSIA Business C
27 Nov 2011 MALAYSIA Business C
26 Jan 2012 SINGAPORE Business C
28 Jan 2012 MALAYSIA Business F
19 May 2012 MALAYSIA Business F
18 Feb 2013 MALAYSIA Business F*
21 Dec 2012 KUWAIT TRANSIT F
29 Jun 2012 SINGAPORE Business F
22 Jul 2012 INDONESIA Business G
01 Jul 2012 MALAYSIA Business G
25 Jul 2012 MALAYSIA Business H
03 Jan 2013 MALAYSIA Business H
17 Jan 2013 HONG KONG Business J
24 Jan 2013 MALAYSIA Business J*
01 Feb 2013 MALAYSIA Business J*
31 Jan 2013 INDONESIA Business K*
17 Feb 2013 INDONESIA Business K*
08 Mar 2013 THAILAND TOURISM L*
11 Mar 2013 MALAYSIA BUSINESS L*
11 May 2013 THAILAND BUSINESS L*
16 May 2013 MALAYSIA BUSINESS M*
28 May 2013 MALAYSIA BUSINESS M*
10 Jan 2014 MALAYSIA BUSINESS M*
27 May 2013 INDONESIA TOURISM N*
05 Mar 2014 MALAYSIA BUSINESS Q*
07 May 2014 SINGAPORE BUSINESS Q*
04 Mar 2014 INDONESIA BUSINESS R*
07 May 2014 MALAYSIA BUSINESS R*
25 May 2014 MALAYSIA BUSINESS S*
24 May 2014 SINGAPORE BUSINESS S*
10 Jul 2014 MALAYSIA BUSINESS V*
21 Aug 2011 BRAZIL BUSINESS W
02 Nov 2010 MALAYSIA Business K
29 Sep 2009 AUSTRIA/SLOVAKIA Business L
17 Jan 2010 CANADA Business L
09 Jun 2010 MACAU Business M
09 Jun 2010 HONG KONG Transit M
18 Mar 2010 BRAZIL Business N
11 Jun 2010 HONG KONG Transit N
18 Aug 2010 BRAZIL Business P
12 Nov 2010 BRAZIL Business Q
30 Mar 2011 BRAZIL Business Q
20 Jan 2011 BRAZIL Business R
11 Aug 2014 BRAZIL VISIT S*
02 Feb 2011 MOROCCO Business X
06 Apr 2011 PERU Business X
14 Aug 2011 CZECH REPUBLIC Business 23
The IT group is usually tasked with designing new applications. I am not sure I advocate that but that is what I have seen in practice at banks. Therefore, I categorize User Centered Design as an IT Capability.
The following diagram lifted from Modern Web Development with IBM WebSphere gives a feel for what User Centered Design involves:
What I will say about User Centered Design is that it should not be the first step. You must have some process that answers the question: “User Centered Design of what?”. You need innovation processes operating at both the strategy and organization design levels.
I feel a little crazy listing JavaScript as a strategic technology — Even more crazy enumerating the related frameworks and libraries, which seem to replace each other far too frequently to be considered “strategic”. But I want to make the point that how you build Web applications (including mobile Web and hybrid apps) can have a material impact on the competitive advantage of even the largest banks, and that makes it a strategic topic.
Never has any programming language been adopted as widely as JavaScript. The power and flexibility of the language as well as the extensive support by open source frameworks and libraries makes it very likely that JavaScript will continue to be the basis for most of the Web applications of the coming years.
Generally, I consider a library to be any set of related functions packaged up to be included in an application. Some libraries are built by the app developer and some are external.
I consider two types of frameworks:
Two of the most important JavaScript libraries, in my view, are Dojo and jQuery. These foundational frameworks build on Ajax to build Web 2.0 user interfaces. A key early decision point for an enterprise architecture team would be which one of these two frameworks (or more likely a deft mix of the two) to get behind.
Note: The classic Web application architecture, where you build Web pages and “screen flows” on the server side with frameworks like Struts, JavaServer Pages (JSP) or JavaServer Faces (JSF) is nearing end-of-life (i.e. not strategic). This architecture has been replaced by the Web 2.0 rich internet application (RIA), where apps use only a single page or a few pages to provide a page-oriented user interface (POUI). The pages are built and updated by client-side JavaScript or similar client-side scripting language or mechanism. Besides being more functional and attractive, RIA’s are more scalable because they move most of the user interface (UI) processing and information that the app stores about the state of the UI to the client, freeing the server memory and CPU to handle more clients. For more on this please see Modern Web Development with IBM WebSphere.
RIAs are generally divided into client side and server side components which communicate with each other via an application programming interface (API). The trend is for this API to be made up of REST interfaces which transmit data in JSON format. Invoking API interfaces and handling the results within the client is the core function of Ajax.
On the client side (again from Modern Web Development with IBM WebSphere):
JavaScript-based client architectures are standard for Web RIAs, mobile Web RIAs, and hybrid mobile apps. There are a number of proven architecture stacks for doing this. Two of the most popular are jQuery-Toolkit-based and Dojo-Toolkit-based.
A configuration of JavaScript frameworks being used in mobile Web and hybrid apps (especially in conjunction with IBM Worklight) are:
When you start out to create a cloud-based app it helps to understand the environment that it will run including the components that are external to it as well as the framework and runtime components that are integral to it.
An app runs both on the device (client) and in the cloud (server) and invokes services on both platforms.
Much of the logic that you build into an app is in the form of JavaScript. On the server this might be application logic in the form of JavaScript running in the node.js runtime.
On the client side the JavaScript might be Dynamic HTML client-side scripting running in a browser or a mobile app.
JavaScript developers typically use standardized JavaScript code written by other developers in the form of libraries such as jQuery (on the client).
I dream of having time on my hands. Ah, what would I do to occupy myself if I was a high-school kid dreaming to get a start in software development?
Knowing what I know now about how complicated developing software can get, I would try to do something very simple. In fact, I would want to make it as simple as possible.
First, I would avoid one of the least productive and most complicated parts of software development — setting up my development and test environments. I would look at developing in the cloud using a Platform as a Service (PaaS) such as IBM’s Bluemix.
Secondly, I would do it for free as much as possible. In luck…IBM provides a free DevOps and PaaS services!
Sign up for free IBM DevOps Services and free trial for Bluemix.
Create a DevOps project. I created a Git repository (https://hub.jazz.net/git/alanstreet/)
Copy the sample project as described here, fork it, and build & deploy it as instructed. Run a test!