This is the first in a multi-part interview series with Capital One’s VP of cloud strategy Bernard Golden as he engages with the most important topics in cloud computing. For this inaugural piece, Golden sheds insight on the challenges to create efficiency across the entire application value chain and the advantage of the traditional systems development life cycle (SDLC) concept in enterprises. As different industries start thinking and operating like software companies, Golden discusses how and why the SDLC approach has reemerged to build and deliver software applications.
There was a time when systems development life cycle (SDLC) was the in-favor methodology for building new software. The framework coordinates the individual tasks performed when planning, building, and maintaining applications. The overall aim was to ensure the quality and accuracy of the products built, and to ensure they would meet customer expectations.
But software development has moved on since the SDLC days. Over the past decade, newer practices such as agile development have supplanted individual tasks within the traditional SDLC, disrupting the traditional application lifecycle. As a result, the term SDLC has faded from our day-to-day conversations.
Now SDLC is back. It’s resurfacing as an important topic as software development planning has become more detailed and complicated. There’s now a stronger need for a system to manage and control it effectively. Here, Bernard Golden, vice president of cloud strategy at Capital One, tells us why SDLC is returning to the mainstream.
Q. Why did SDLC go out of favor, and why is it returning?
SDLC was conceived at a time when applications changed far less frequently and the designs were far more monolithic. As alternatives came forward, such as agile development, it was clear they were better and faster than the individual parts of the traditional SDLC.
While SDLC had a slow-moving, very deliberate approach, processes like agile were designed to iterate very quickly around development and reduce the amount of time between the conception of a feature and actually seeing it come to fruition, allowing for better business decisions. These processes started to replace portions of the overall software development lifecycle and gained a lot of attention because they were so much faster and better.
Monolithic application designs impose slowness on a process because everybody has to put their code changes into one large executable file. And then they have to make sure they are all integrated properly. I've seen instances where the integration process can take a whole month. Everybody checks in with their code and then they spend a month just sorting out how it all works together.
Now we have moved to a world where there is one set of tools to help track the agile development process and another set of tools that the operations people use for DevOps. And there’s also architecture that's decomposed.
The challenge now is to coordinate all of these different moving parts to create efficiency across the entire application value chain. People are finding they have bottlenecks in their phase transitions, and that’s why we have seen the reemergence of the SDLC concept. People are asking how they can treat the entire process as an integrated operational construct. I've noticed these discussions becoming more frequent among my peers over the past 18 months or so.
Q. Will this new approach work?
We are increasingly moving toward a new way that software applications are built and delivered, and so you need a new approach to things.
Now everybody needs to manage applications. It’s no longer just cloud-native companies doing this; it’s really coming to all enterprises now. Applications have to be always on, and they have to be supportable and frequently updated. They also have to be decomposed into microservices so that you can update individual parts at their own rate, and so you don't have to go through a lengthy integration cycle.
Every company — as they do increasing amounts of business online, and as customer preferences move toward the digital realm — has to get really good at running applications. They need to optimize the processes they use to manage them.
Q. Could you give a concrete example of how one would manage an application like this under the SDLC approach?
Take, for example, Capital One’s mobile banking app; it’s really elegant and easy to use. In fact, J.D. Power again this year ranked our mobile app highest in customer satisfaction among mobile banking apps.
The behind-the-scenes work is what makes the app work so sophisticatedly. Each of the components that allow you to sign in, deposit checks, or transfer funds, can be updated individually and without disturbing the other functions in the same environment. And each function has to coordinate seamlessly with all the others so that the user has a flawless experience when using the app.
To achieve this, each function has its own SDLC, and we follow agile development practices that allow for frequent updates. We have good DevOps practices to roll back those updates if necessary. So by following this sort of next-gen SDLC model, and by decomposing the process, we can get away from the old monolithic model of application development.
Q. Why is a SDLC approach so important now for enterprises?
It’s a bit cliché, but it’s true that every company now has to think of itself as a software company. You have to start thinking and operating like a digital company, regardless of the industry, because the common capabilities of cloud-native companies like Lyft, Netflix, or Capital One are what the customer expects and demands. The customer now wants services to be convenient to use and available anytime they want.
For example, a bank app has a set of capabilities with a whole set of services behind it. This includes checking balances, making transactions, or fraudulent activity alerts. Every one of those capabilities is a service and every one of those services has to have its own SDLC so that any additional functionality can be conceived and developed.
Some app services aren't quite so critical, but you always want to be able to check your balance or make a payment. You need to think about those “always-on” services the same way any cloud-native company would: a company wouldn’t take an app offline for half a Saturday afternoon to update its capabilities. They have developed very sophisticated lifecycles to manage their apps as they are running.
Q. How can companies take advantage of the SDLC approach?
Warren Buffet famously said you only know who’s naked when the tide goes out. What he meant by this is it's only when adverse conditions come along that you realize there's some vulnerability or shortcoming somewhere.
Something analogous has happened in cloud computing. The cloud has vastly reduced the time required to provision infrastructure, and that exposes the inefficiencies in the software development lifecycle. Once it takes minutes to provision compute services, the obvious question becomes, “Why does it still take weeks or months to roll out application updates?”
So if you want to get the full value from the cloud, you will have to optimize your software development lifecycle. You need very sophisticated monitoring and problem tracking, and good “day two” capabilities. You need to streamline your SDLC, incorporating newer processes such as agile development, DevOps, and infrastructure deployment.
In other words, you have to adopt what might be referred to as “SDLC 2.0” — an integrated, streamlined application lifecycle that reduces friction to deploying a code change into a production environment, and then monitor and manage that change on an ongoing basis.
Q. What will drive enterprises to engage in SDLC again?
Companies that are smart about developing, delivering, and managing their software are going to stand out in the marketplace. According to a DevOps Research and Assessment (DORA) report, software teams using DevOps well can achieve competitive advantage over their peers, improving customer satisfaction and grabbing market share.
Every company now has to recognize the importance of a SDLC approach in figuring out how they're going to optimize across their entire IT development process because customer expectations are now being set by the most advanced marketplace offerings. You have to meet that demand now because your customers expect those capabilities and convenience. And of course it all ties back to how you manage your software.