© 2022 ECSA.WORLD
Website Design

Architecture in different market verticals

Well, the end of the year is coming up and, with it, comes change. Change of the calendar, change of lifestyles for those that have New Year’s resolutions and, for me personally, a change of contracts.

But more importantly, the change in contracts reflects a change in industries that I’ll be working in. Since August 2011, I’ve been working in the Utility market and have grown to truly understand that business model and the specific types of technology that make up that industry. But as my current contract with SaskPower winds down, an old High School classmate that is now the CISO for a family products company gave me a call and asked if I’d be interested in a contract as an Enterprise Security Architect with them. 

Now, if you were to look at my resume, you’d see that I’ve been supporting multiple industries for a long time. I was the Security Architect for the Vancouver Olympics. I designed systems for PCI compliance for Best Buy Canada. I’ve designed Identity and Access Management systems for major Chartered Banks. And I’ve done work (God, so much work) for various levels of Government. So the opportunity to work with this company isn’t that big of a leap. For me.

But it got me thinking about a possible change of mindsets and/or approaches that I need to deal with. And that got me thinking about what types of changes you have to think about when changing industries. And THAT got me writing this morning.

What’s Different?

So what’s different about this market, you may ask? At the end of 2014, I had a number of people ask me if I had ever seen a Reference Enterprise Architecture that they could use. They had asked, because they had seen my Reference Security Architecture (something that I created years ago) and wanted to see something like it, but for the Enterprise. Not being able to find one, I created one in early 2015.

What I discovered as I was creating that Reference Enterprise Architecture was that there are a number of common areas that are similar regardless of the  various markets. Every Enterprise has an HR group, a Marketing group, a Supply Chain Management / Procurement group. What’s different between Enterprises is the core business itself.

When you look at a Business, you need to understand on what the core is to that particular business and ensure that you have a good understanding of those Lines of Business’. If I just go in and just focus on the technologies, I’m going to do a disservice to them. They want an Enterprise Architect focusing on Security. They don’t want a techie. So I have to understand what motivates them.

Let’s be clear here. At this moment, I don’t know a whole lot about this company because I’m not completely immersed in it. When I go to their website, I see some very clear messaging, though. Their branding is talking about Family and Integrity. So, right off the bat, I know that their reputation is going to be important to them. That and, if they truly buy into their branding, they want their customers to feel like family. 

So, if you look at them from a Reference Enterprise Architecture point of view, you’ll see that they have very common aspects with every other Enterprise, their core business is tied to manufacturing, and their differentiator is tied to Family and Integrity. 

This section is titled “What’s Different?” so, for me, it means moving from the Utilities space to a Manufacturing space. How is that different and how does that reflect in my approach to this contract?

When I look at those differences, I like to look at it from the environmental variables point of view – things that I can’t control but need to take into consideration. And remember, I haven’t started work with this particular company so I can’t say for sure what it will be like. But I can hazard a guess.

The Utility space is one where there isn’t any competition. Not really. Each Utility is focused on one specific area and very seldom do you find a cross over. The focus is the delivery of power to the consumer and, without that power, it is very possible that the risks will be severe in nature. A hospital without power means people can die. You withhold electricity to a region long enough and you will start to see anarchy. The entire nature of a Utility is to ensure the safety and security of the region they serve. 

A manufacturer, on the other hand, is focused on profit. Completely different motive. There is going to be lots of competition so that means that the branding is really important and there has to be a real ROI on everything that is done. A Utility focused on ROI? Seriously doubt that happens due to the monopolistic nature of Utilities.

What about the personalities of Utilities versus a manufacturer? The Utility market space is very conservative because the technology that is going to be in place will be in place for a very long time (eg. think how long a dam is going to be in place) and the need or demand to change is very low. The people that focus on the core infrastructure of a Utility are typically people closing in on retirement right now. The approach to solutioning is going to be very similar to the way Engineers develop solutions. Methodical and systematic. All the T’s are crossed and the I’s are dotted.

A manufacturer? I would suspect, based on my previous experiences, that they want to ensure that they can get to market quickly and that means needing to ensure a low overhead to their processes. They are probably looking at how they can leverage different technologies (eg. The Cloud) to increase profit margins, speed delivery of projects to speed delivery of products and add another way of differentiating themselves to the customers. Their supply chain is going to be important to them so that they can lower the costs of the component parts/ingredients, which probably means integrating with their suppliers for things like Just In Time delivery. Same with integration with distributors.

Two completely different approaches which will mean a completely different approach to Architecture.

Architecture Approaches

So I have two different approaches; one is very conservative and ensure nothing is done wrong since a mistake could, potentially, kill. The other, speed with an eye on the integrity branding and a focus on ROI. Very different. So what will that most likely mean for delivery of service from their newest Contract Architect?

Well, there’s the obvious first. They’ll have their own templates that they use as part of their Architecture practice (assuming they have standardized templates – which really does help speed things up if everyone knows what is expected of them) and those templates are probably going to be light weight. They’ll have their processes that will have an eye on speed of project delivery. And, because speed is a core aspect of project delivery, I expect existing documentation won’t be that great because speed tends to be a very tactical motive and good documentation is not a tactical imperative.

Because of the age of the company (>100 years), I expect that the environment is going to rather haphazard. The focus on speed, having created a very tactical approach, will have meant that strategy (at least from a technical point of view) may not have been a top focus. If this is true, then the organization could probably benefit from learning that a strategic approach will actually pay off in the long run simply because of efficiencies as they go along. And that means guiding them towards a standardized set of processes starting at the strategy level and delivering to the projects.

I would suspect that the organization will understand Program Management simply because they will understand Product Management. Product Management tends to focus on the marketplace and building in features or dealing with branding. Program Management is similar in that manner. So leveraging those experiences will probably be useful.

From a security architecture perspective, my experience has been that Security people tend to overdo things and make statements like “you can’t do that”. So I’m going to expect that security is viewed as an opponent rather than a partner. In the Utility space, on the other hand, Security is on the top of mind of everyone because, again, of the focus on safety.

My approach is going to have to be one akin to providing Quality Assurance to the delivery of solutions rather than a gated stop/go approach. This will allow for security to be built in through all the various Architecture elements and it becomes a component of the solution itself rather than something that is external to the solution. Something that is added on, so to speak.

Summary

Remember, when you change from one market space to another, you are going to run into differences in terms of company personalities as well as what the focus is on. But don’t ignore the lessons that you learned from other markets – 80% of all Enterprises are the same so there’s no reason why you can’t take lessons learned in a different market vertical into your new one.

Neil