Requirements

In the previous chapter, we introduced Fetched & Far GmbH and established a set of design principles that will guide every architectural decision throughout this series.
Now it's time to start designing the company's IT infrastructure.

But before choosing technologies, we first need to understand what the business actually requires.

My responsibility in this fictional company isn't to deploy software but rather to solve business problems using technology.
That means translating business requirements into technical requirements that can later be implemented using the right tools.

Only then can we begin making architectural decisions.

Business Objectives

Before building any infrastructure, I met with the company's leadership team to understand how the business operates and what it expects from IT.

After several discussions, six key objectives became clear.

  • Hybrid work
  • Fast on-boarding
  • Security
  • Scalability
  • Low operational overhead
  • Business continuity

Constraints & Challenges - Architectural Drivers

Fetched & Far faces several architectural challenges that will influence every decision made throughout this series.

Protecting Customer Data

Fetched & Far stores and processes customer information therefore must the infrastructure provide strong authentication, granular access control, encryption where appropriate, and complete auditability.

Security must be verifiable by external business partners and must be build around this core concept

Hybrid Workforce

Most employees work remotely several days a week.

Internal services must therefore be securely accessible from outside the office without sacrificing usability.
Employees should be able to work from anywhere while maintaining the same level of security as if they were connected from inside the corporate network.

Multiple Office Locations

Fetched & Far currently operates from two offices in Stuttgart and Zurich.

Although each office should function independently, employees must experience the infrastructure as one unified environment.
Identity, collaboration and internal services should remain consistent regardless of location.

Rapid Growth

The company expects to grow from 120 to around 500 employees over the next few years.

The architecture should scale naturally without requiring major redesigns as new employees, services and offices are added.

Small IT Team & Budget

The IT department consists of only six people.
Operational complexity must therefore be kept as low as possible.

At the same time solutions must be cost effective to not only follow the core business principles of Fetched & Far but also to work in the constraints of its currently limited budget.

These architectural drivers don't tell us how to build the infrastructure but instead they define what the architecture must achieve.

Translating Business Needs

At this point, we have a clear understanding of the company's business objectives and the architectural drivers that influence every design decision.
However, they still don't describe what the infrastructure must actually provide.

To bridge that gap, we can translate each business need into one or more technical requirements.

Business NeedTechnical Requirement
Hybrid workforceSecure remote access
Protect customer dataStrong authentication and granular authorization
Rapid growthScalable and modular infrastructure
Small IT teamCentralized management and automation
Business continuityReliable backups and disaster recovery
Multiple office locationsUnified identity and seamless connectivity

Baseline

With the business objectives, architectural drivers and technical requirements now clearly defined, we have established a solid foundation for the rest of this project and can define an full list of business and technical requirement that we can reference in the future.

IDBusiness RequirementRationale
BR-01Employees should have a single identity across all internal services.Reduces administration and improves usability.
BR-02Employees should be able to securely access company resources from any location.Supports the company's hybrid working model.
BR-03Customer and company data must be protected against unauthorized access.Protects sensitive information and builds customer trust.
BR-04New employees should be onboarded quickly with minimal manual effort.Supports rapid growth and reduces operational overhead.
BR-05The infrastructure should scale without major architectural redesigns.Enables long-term business growth.
BR-06Critical services must remain observable and recoverable.Ensures business continuity.
BR-07The IT infrastructure should be manageable by a small IT team.Reduces operational complexity and cost.
IDDerived FromTechnical Requirement
TR-01BR-01Central Identity Provider
TR-02BR-02Secure Remote Access
TR-03BR-03MFA, RBAC and Encryption
TR-04BR-04Identity Lifecycle Management
TR-05BR-05Modular Architecture
TR-06BR-06Monitoring, Logging and Backups
TR-07BR-07Automation and Centralized Management

Each requirement is assigned a unique identifier to simplify referencing throughout the project and to maintain clear, consistent documentation.

They also serve as the foundation for consistent internal documentation, supporting BR-06 and making future changes easier to justify and review.