Digitization accelerates economic growth and facilitates job creation; therefore the IT plays a huge role in this.Digitization positively affects productivity across sectors, itencompasses the transformation of business, enterprises and governments using technology, so as to make experiences better, communication effective and work simpler. We are focusing on how organizations are achieving their digital transformation goals, by understanding their IT Capabolities.
ThoughtWorks is a privately-owned, global technology company with 43 offices in 14 countries. It provides software design and delivery, and tools and consulting services. The company is closely associated with the movement for agile software development, and has contributed to a content of open source products.
Here, Saptorsi Hore, Chief Operating Officer, who also plays the CIO, tells us more. Excerpts from an interview:
DQ: How are you developing IT capabilities for clients? And, what are the challenges in this effort?
Saptorsi Hore: We build the organizational and technical capabilities needed to transform our clients into a modern digital business. We prioritize growing their experimentation and delivery muscle which ensures clients are ready for any disruption that comes their way.
We do this by applying design thinking, business strategy and tech to solve our client’s most pressing problems. Our approach involves delivering software incrementally, with cutting edge and relevant practices and tools.
This allows clients to market-test early and pivot, if needed thus, constantly improving customer experiences. In our partnerships, we consistently help clients build software excellence into their organizations by leveraging a lean and agile culture. This ensures technology’s always at the core of the client’s business and stays an enabler.
The challenges that we usually face, when working on digital transformation journeys, include a lack of visibility into digitization goals. This is because there continues to be resistance to enterprise-wide buy-ins on the digital front. A characteristic of this challenge is a leadership team with disconnected perceptions of transformational solutions.
Additionally, apart from leadership, it’s also important for mid-level managers or function heads to be digitally aware, if not suave.
Another challenge, especially in the case of large scale and global enterprises, is keeping track of geo-specific data restriction policies, anti-trust concerns, cyber-security threats given their adoption of data-centric platforms. One of the more practical and common hurdles of digital transformation partnerships are overly complex and rigid legacy IT systems that sometimes run the risk of becoming roadblocks when implementing enterprise wide transformation initiatives.
Given that technology is in a state of constant evolution, the other task at hand is building capabilities that involves analyzing the future requirements, and establishing efficient hiring and talent retention strategies.
DQ: What kind of IT products and solutions do you usually work with?
SH: The nature of our work often entails creating and executing strategies to transform clients into modern digital businesses. This necessitates the creation of adaptable technology platforms that stay in sync with the client’s business strategy.
We accomplish this by adopting design and product thinking, engineering rigour and a mindset of delivering value steadily and incrementally. A key aspect of what we bring to the table is improving the client’s responsiveness to change.
We focus on intelligence-driven decision making by leveraging data assets from the underlying technology platform. We derive insights and influence business strategy which unlocks new sources of value when (the insights) are incorporated into new products or features for end customers.
Whether we have evolved a strategy that implements the IT capabilities and infrastructure that we would like to install/implement.
With recent events amplifying the rate of transformation, the digital divide between organizations has never been clearer. We are working closely with our clients to evolve them into Modern Digital Businesses (MDB) that have the capacity to anticipate and embrace change, rather than adapt to it post-facto.
ThoughtWorks has identified these five building blocks of modern digital businesses -- frictionless operating model, platform strategy, experience design and product capability, intelligence-driven decision making, engineering culture, delivery mindset, etc.
DQ: What are your thoughts on digital transformation, in the context of the new normal and changing client priorities in the almost completed 2020?
SH: The current pandemic has exposed cracks in the digital infrastructure for most enterprises and has forced a relook at existing approaches to digital transformation. As more enterprises embrace the new normal and migrate to the multi-cloud environment, there is a need to adopt a strategy that works in the context of the enterprise and its applications.
While it is infeasible to re-engineer every application to operate in a cloud environment, there is a need to arrive at the optimal level of re-engineering to improve reliability and maintainability. Cloud architecture is an area that needs investment and adoption of best practices.
Simultaneously, data enables leading enterprises to gain the insights needed to outpace their rivals. The key priorities are to help enterprises simplify data architectures in conjunction with a robust cloud migration strategy, achieve a level of maturity around tools and techniques for machine learning, embrace innovations in the natural language processing (NLP) space and adopt constructs like ‘data mesh’ to serve, and use analytical data at scale in distributed systems.
Finally, in the realm of cybersecurity, consumer awareness of data and privacy issues is on the rise and governments are creating legislation to better protect data. ThoughtWorksadvocates an approach to ‘build security in’ for software products, rather than give into the temptation of treating it as an option.
DQ: How are you moving towards being more agile in future?
SH: Effective business agility involves, not just the organization’s delivery or operations teams, but supporting functions like marketing, legal, HR, infrastructure and security. Simply put, business agility is the organization’s ability to reorganize, like a set of gears, to keep moving in ever changing business environments.
Our response to the call for greater agility will focus on these three areas:
Customer centricity is Disruptive and successful business model, transformation initiatives and business strategies are usually centered on customers. Today, it’s crucial for agile businesses to be able to quickly pivot to create relevant products and services for their customers.
Business continuity is as unprecedented as the Covid-19 crisis, throws conventional BCP plans out the window. Business models driven by innovation exhibit resilience and continue to provide services in uncertain and demanding market conditions.
Employee engagement refers to how Employee-centric organizations are driven by empathy. They focus not only on skill development but physical and mental well-being as well. This plays a crucial role in nurturing and maintaining a workforce that consistently aligns to dynamic business goals.
DQ: What are the new technologies that we need to focus on, in future?
SH: The below list forms our main focus areas:
Continuous delivery for machine learning (CD4ML) is a software engineering approach in which cross-functional teams produce machine learning applications based on code, data, and models in small and safe increments. These applications can be reproduced and reliably released in short adaptation cycles.
Data mesh claims that for big data to fuel innovation, its ownership must be federated among domain data owners who are accountable for providing their data as products. Data mesh also requires a new form of federated governance through automation to enable interoperability of domain-oriented data products. Decentralization, along with interoperability and focus on the experience of data consumers, are key to the democratization of innovation using data.
In the Extended Reality (XR) space, hand-tracking allows a user's hands to make the leap into virtual reality. An example is Stratos, Ultraleap's underlying haptics, sensors and software platform, and it can use targeted ultrasound to create haptic feedback in mid-air. A use case is responding to a driver's hand gesture to change the air conditioning in the car and providing haptic feedback as part of the interface. We're excited to see this technology and what creative technologists might do to incorporate it into their use cases.
Till date there's still no single blockchain that could achieve ‘Internet-level’ throughput. As various blockchain platforms develop, we're seeing new data and value silos. Cross-chain technology is a key topic in the blockchain community. The future of blockchain may be a network of independent parallel blockchains.
An example is Cosmos, which, through Tendermint and CosmosSDK, lets developers customize independent blockchains. These parallel blockchains could exchange value through the Inter-Blockchain Communication (IBC) protocol and Peg-Zones. ThougthWorks teams have had great experiences with CosmosSDK, and the IBC protocol is maturing. This architecture could solve blockchain interoperability and scalability issues.
We see a shift from accidental hybrid or whole-of-estate cloud migration plans to intentional and sophisticated hybrid, poly or portable cloud strategies, where organizations apply multidimensional principles to establish and execute their cloud strategy - where to host their various data and functional assets based on risk, ability to control and performance profiles.
How to utilize their on-premise infrastructure investments,while reducing cost of operations? And, how to take advantage of multiple cloud providers and their unique differentiated services without creating complexity and friction for users building and operating applications?
In a decentralized identity system, entities — discrete identifiable units such as people, organizations and things — are free to use any shared root of trust. In contrast, conventional identity management systems are based on centralized authorities and registries such as corporate directory services, certificate authorities or domain name registries.
The development of decentralized identifiers — globally unique, persistent and self-sovereign identifiers that are cryptographically verifiable — is a major enabling standard. Although scaled implementations of decentralized identifiers in the wild are still rare, we're excited by the premise of this movement and have started using the concept in our architecture.
The technology landscape of organizations today is increasingly more complex with assets — data, functions, infrastructure and users — spread across security boundaries, such as local hosts, multiple cloud providers and a variety of SaaS vendors. This demands a paradigm shift in enterprise security planning and systems architecture. The move is from static and slow-changing security policy management, based on trust zones and network configurations to dynamic, fine-grained security policy enforcement based on temporal access privileges.
Zero trust architecture (ZTA) is an organization's strategy and journey to implement zero-trust security principles for all of their assets — such as devices, infrastructure, services, data and users — and includes implementing practices such as securing all access and communications regardless of the network location, enforcing policies as code based on the least privilege and as granular as possible, and continuous monitoring and automated mitigation of threats.
Security policies are rules and procedures that protect our systems from threats and disruption. For example, access control policies define and enforce who can access which services and resources under what circumstances. Network security policies can dynamically limit the traffic rate to a particular service. The complexity of the technology landscape today demands treating security policy as code: define and keep policies under version control, automatically validate them, automatically deploy them and monitor their performance.