• Chevron Left

• Chevron Left

• Chevron Left

Most companies use the cloud in some form. But in many cases, they use business data silos to solve IT problems instead of taking a more holistic approach, which would provide the greatest possible impact to the business.What I can doI develop holistic cloud strategies and roadmaps that put technology at the heart of the business. In this way, the cloud conversation becomes far more than an IT decision: traditional ways of doing things are transformed, business performance is enhanced and enterprise-scale companies can move with the speed and agility of a startup. This can involve one or more of the following:
- Analysis of existing business and IT infrastructure landscape (project life-cycle processes, application and infrastructure portfolio, application servers, databases etc.)
- Identification of the company vision, goals and objectives
- Creation of a high-level technical design
- Evaluation of the current risks and challenges to business
- Current and future TCO analysis
- Development and execution of a resource plan to deliver on the agreed strategyWithin the Cloud, there are two exciting and important movements occurring:** Serverless**We are currently going through the third cloud transformation period with serverless architectures. The term 'serverless' is an oxymoron; you still deploy applications onto physical servers in a data centre, but now your engineering team are a number of layers removed from those servers and in ways that will transform the launch speed of applications. This will then lessen the time to iterate improvements and dramatically decrease the cost to manage everything.I have designed a number of applications that leverage this transformative technology. It’s exciting and cutting edge, but one of my jobs as CTO is to look beyond what gets me and other technologists excited and make sure that we are recommending technology that solves problems in a quick and cost-effective manner. Bright and shiny is not always the best. It’s important (even more so with serverless technology) to look at TCO.I recently wrote an article going into more detail on the pros and cons of Serverless here.Hybrid CloudUntil a few years ago, AWS (Amazon Web Services) was the only game in town. Now, both Google Cloud Platform (GCP) and Azure can provide realistic options, even though AWS is still the market leader. With other providers offering viable options (and some key product differences) that allow data to move seamlessly between on-premise or co-located servers and public clouds, Hybrid Cloud is the opportunity to mix and match capabilities.
This provides:
- Safety from vendor lock-in - there are products and services (especially the serverless ones) that have vendor-specific tooling and deployment
- Additional redundancy - all the big cloud providers have various levels of redundancy and geographical disbursement. However, a hybrid solution can allow an even greater level of risk mitigation
- Reduced disruption to customers/staff with a mixed deployment
- Better alignment with data security or regulatory requirements - organisations that maintain or process personal data, such as medical records, have found using hybrid models allows them to keep full control over sensitive data - keeping it on premises and readily accessible - while relegating less-sensitive data and work in the cloud

• Chevron Left

• Chevron Left

A great CTO acts as a bridge between business and technical worlds, communicating complex technical concepts to a non-technical audience, such as the c-suite and board, while ensuring that business and product requirements are delivered quickly, efficiently, cost-effectively and with the best underlying technology. This involves (but is not limited too):

• Chevron Left

• Chevron Left

Tech stories that interest me around development, Cloud or security issues. I publish longer form articles on Medium and I publish a bi-weekly podcast called TechCaptains with Ron Danenberg.

- Just in case your company thinks you can't afford take security seriously or that pen testing is too expensive or that experienced CISO who wants £150k/yr is too pricey? Article #cybersecurity #malware #crime

- Could the whole Encrochat hack have been a police sting all along? Well done if it was. Article #cybersecurity #malware #crime

- What would anyone post screenshots from their Zoom calls on social media, are people that daft? Article #privacy #security #zoom

- Well this is interesting, but doesn't change the fact that so many companies especially #techcompanies simply don't understand they need a complete review of how they hire to get more diversity. Women for instance read job adverts quite differently to men, so if you don't get that right you will fall at the very first hurdle and to be honest its not that hard to do right. Article #hiring #humanresources #womenintech

- One big problem with Lambdas on #AWS is connection overloading, they are short-lived and can scale fast. Some of this can be mitigated with object caching and the use of connection pools but a better solution has now gone into production with RDS proxy. Article #serverless

- Credit card skimmer code embedded in an image and delivered through a very popular #wordpressplugin, amazing. Article #malware #cybersecurity

- Lots of countries have Stingrays, and this is why if you live in a shall we say "less democratic" country, using a cellphone could be a death sentence. #cybersecurity #malware #mobilesecurity Article

- Pretty shocking that 83% of Global 2000 enterprises have not adopted basic security practices. Article

- Back to the future here, fast server side rendering courtesy of #websockets and #erlang .This is a pretty impressive demo it must be said. Watch here

- Prisma sounds very interesting and I think the author is completely wrong in stating that a large subset of devs dont want the database abstracted away, my experience of most is the complete opposite! Article #database #nosql #rdbms

- There have been warnings for years around the potentially huge problem of millions of comprised #iotdevices well it is now upon us. This will be far worse than Mirai I suspect for DDOS attacks. Article #security #cybersecurity

- Treat source code like gold. As this post points out its not just about IP. But the other point to make here is don't store credentials in your repo, ever! Cannot emphasise how important this is and can't believe it still happens at companies that should know better. In #awscloud it's made easy and you can encrypt things like stage variables using KMS. Less experienced engineers can be excused but if you have team leads or senior devs who allow this to pass code review they are probably in the wrong role. Article #security #git

- Homomorphic encryption sounds like something that shouldn't be possible, processing encrypted data without decrypting it first. The maths behind it is over 10 years old & now IBM have released a toolkit for developers to use homomorphic #encryption in their applications. Article #datasecurity

- Here we go again with #russia, I must admit I had no idea Exim and Postfix were 91% of the mail server market that is astounding. Article #security #cybersecurity #unix

- Modelling a hierarchical relational structure in a single #nosql table, in this case #aws #dynamodb . Skip to minute 46 if like me initially you can't get your head around it. Article

- Nothing like discussing languages with devs to get flame wars going. PHP seems to be equally loved and hated, VBA should be killed with fire (I have my own horror story of that from many years ago, still scarred). Building something new today? Bias towards Typescript and Node would be my advice for many reasons. Article #programming

- All governments are the same, they want to tell voters they have simple solutions to their problems but putting backdoors in #encryption to catch bad guys is still a terrible and self-defeating idea that is the zombie of bad ideas. Instead put more money and training into good old fashioned police work, I know its not as sexy. Article #privacy #security

- Two fascinating takeaways. First, 93% of companies looking at hybrid solutions and second top initiative is reducing costs (amazing how many companies rush to build without properly planning or understanding cost implications). Article #cloudcomputing #hybridcloud

• Chevron Left

• Chevron Left

I'm happy to discuss your needs and whether I can help. If I can't, I will know someone who can. I always try to respond the same day.I will never add you to an email list, spam you or share your email.