Greg Nokes, a Master Technical Architect with Heroku, interviews two members of Yobota, a banking systems provider: Ammar Akhtar, its CEO and co-founder, and James Maidment, the head of Technical Operations. The financial industry is heavily regulated. As it stands, it was only until about 2016 that the UK (where Yobota is based) gave favorable guidance for vendors to operate in the cloud. As a service provider, the banks that use Yobota are audited by the Financial Conduct Authority. As part of that audit, every single deployment performed over a year is examined. Regulators select a random set of them, and Yobota has to demonstrate that they know who was involved in the release, and precisely which services were affected. Thus, their entire shipping process is revolved around meeting this regulation goals. They're an integral part of the company, just as data security and uptime availability are.
The platform is designed in such a way to both evolve quickly and quickly perform safe deployments that are observable. Unlike other startups, Yobota has decided to invest in a sysadmin team, in order to split the organization between people who develop features and people who manage their compliance. For example, as the company grows, they've found that active hands-on management of permissions has been a valuable investment. Different groups need access to staging environments versus production environments; and, with over 300 apps on multiple dynos, access to resources needs to be carefully configured.
This is seemingly slow shipping process is advantageous for two reasons. First, meeting compliance is the law, and flirting around that has tremendous consequences. But second, and more importantly, Yobota also provides fake environments for their engineers to develop around. They're able to give developers the ability to experiment with their platform in a safe way; should they choose to advance a feature into a production environment, a different team is able to address what needs to be done to meet the needs of that regulated environment. James suggests to other companies working in these sorts of industries to consider compliance integral to the way their systems operates, and to think about concerns upfront, in advance of working on any feature.
Links from this episode118. Why Writing Matters for Engineers
117. Open Source with Jim Jagielski
116. Success From Anywhere
115. Demystifying the User Experience with Performance Monitoring
114. Beyond Root Cause Analysis in Complex Systems
113. Principles of Pragmatic Engineering
112. Managing Public Key Infrastructure within an Enterprise
111. Gift Cards for Small Businesses
110. Scaling a Bernie Meme
109. Meditation for the Curious Skeptic
108. Building Community with the Wicked CoolKit
I Was There: Stories of Production Incidents II
107. How to Write Seriously Good Software
106. Growing a Self-Funded Company
105. Event Sourcing and CQRS
104. The Evolution of Service Meshes
103. Chaos Engineering
102. Whether or Not to Repeat Yourself: DRY, DAMP, or WET
101. Cloud Native Applications
100. Math for Programmers
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
Black Wolf Feed (Chapo Premium Feed Bootleg)
Bannon`s War Room