Up to this point, we have introduced the fundamental ideas of a functional IT organization. In Chapter 6, we established the critical importance of identity and access control. However, in the real world, people access systems from a vast array of different operating systems, devices, and platforms. A core challenge of modern computing is to deliver a consistent, secure experience regardless of where a user or system is connecting from.
Furthermore, our work doesn't exist in a vacuum. Sometimes we perform processing in the cloud using a Platform as a Service (PaaS), but other times we must download data to our own devices to work locally. When we work in teams, sharing code and data across multiple computers introduces the classic and deeply frustrating problem: "but it works on my machine."
Finally, this all happens in an environment of constant change. The cloud platforms, programming languages, and databases we rely on are continuously being updated. Security patches are released to fix vulnerabilities, sometimes in response to major, publicly known zero-day exploits like Log4Shell or Heartbleed, which require urgent fixes across systems globally. How does a development team ensure their existing applications don’t break with these updates?
These issues are at the core of what we'll call the modern software factory. Like any factory, it isn't just about the hardware and machinery (the infrastructure). It's about the people, tasks, and automated processes that create value—keeping systems updated, running securely, supporting growing numbers of users, and adding new capabilities like AI.
To understand how organizations navigate these challenges, let's introduce a few personas, each representing a different strategy for building their software factory. Their journey will map directly to the levels of our Cloud Architecture Evolution diamond, which serves as the blueprint for this chapter.
In the past, Buy-It Inc. would still have needed to purchase servers and hire engineers to keep their licensed software running. The cloud changed this. Now, Buy-It Inc. can subscribe to a Software as a Service (SaaS) offering and pay a fee per user. By doing so, they have pushed the responsibility for maintaining the hardware and software to the SaaS provider. But let's not be blind: that SaaS company still operates a factory just like Build-It Corp, even if it runs in the cloud. They have simply mastered the art of building and scaling their factory efficiently to serve many customers at once.
Let's now follow the evolutionary journey of companies as they decide how to build and operate their own factory.
Build-It Corp starts with a traditional on-premises datacenter. They quickly realize they can make their IT spending go further with virtualization. For instance, rather than issuing expensive 1TB laptops to every employee, they can provide more modest 256GB laptops and purchase a central 100TB storage server. From this central server, they can give each employee a "virtual" 500GB drive. Since most employees won't use all their allocated space, the shared resource is utilized much more efficiently.
Virtualization also allows them to solve the "it works on my machine" problem. Because a virtual machine (VM) is like running an entire operating system inside another one (e.g., running Windows on a Mac), they can create standardized VM "images" for their developers, ensuring everyone has the exact same versions of all necessary software.
Eventually, Build-It Corp may get tired of managing its own virtualization hardware. They can then go full Infrastructure as a Service (IaaS). With a few clicks in a web console or a single line of code in a cloud shell, they can launch a cloud-based computing instance. This instance is called a virtual machine because the cloud provider is using the exact same virtualization technology to deliver the service, but now they are handling the underlying hardware.
Now let's meet a new company: Blend-It Corp. They realize that completely depending on a SaaS vendor is too restrictive, but they don't want to deal with managing virtual machines, operating systems, and configurations like Build-It Corp does. They want a happy middle ground.
Their solution is Platform as a Service (PaaS). This model abstracts away the operating system and software environment—the very things virtualization provides—and allows developers to focus purely on writing their application code. This frees them from the restrictions of a SaaS vendor while saving them from the operational burden of IaaS. The PaaS provider is responsible for ensuring their infrastructure is up-to-date, the virtualization layer is maintained, and there is bandwidth to scale as needed.