In the previous chapter, we introduced Fetched & Far GmbH and established a set of design principles that will guide every architectural decision throughout this series.
Now it's time to start designing the company's IT infrastructure.
But before choosing technologies, we first need to understand what the business actually requires.
My responsibility in this fictional company isn't to deploy software but rather to solve business problems using technology.
That means translating business requirements into technical requirements that can later be implemented using the right tools.
Only then can we begin making architectural decisions.
Business Objectives
Before building any infrastructure, I met with the company's leadership team to understand how the business operates and what it expects from IT.
After several discussions, six key objectives became clear.
- Hybrid work
- Fast on-boarding
- Security
- Scalability
- Low operational overhead
- Business continuity
Constraints & Challenges - Architectural Drivers
Fetched & Far faces several architectural challenges that will influence every decision made throughout this series.
Protecting Customer Data
Fetched & Far stores and processes customer information therefore must the infrastructure provide strong authentication, granular access control, encryption where appropriate, and complete auditability.
Security must be verifiable by external business partners and must be build around this core concept
Hybrid Workforce
Most employees work remotely several days a week.
Internal services must therefore be securely accessible from outside the office without sacrificing usability.
Employees should be able to work from anywhere while maintaining the same level of security as if they were connected from inside the corporate network.
Multiple Office Locations
Fetched & Far currently operates from two offices in Stuttgart and Zurich.
Although each office should function independently, employees must experience the infrastructure as one unified environment.
Identity, collaboration and internal services should remain consistent regardless of location.
Rapid Growth
The company expects to grow from 120 to around 500 employees over the next few years.
The architecture should scale naturally without requiring major redesigns as new employees, services and offices are added.
Small IT Team & Budget
The IT department consists of only six people.
Operational complexity must therefore be kept as low as possible.
At the same time solutions must be cost effective to not only follow the core business principles of Fetched & Far but also to work in the constraints of its currently limited budget.
These architectural drivers don't tell us how to build the infrastructure but instead they define what the architecture must achieve.
Translating Business Needs
At this point, we have a clear understanding of the company's business objectives and the architectural drivers that influence every design decision.
However, they still don't describe what the infrastructure must actually provide.
To bridge that gap, we can translate each business need into one or more technical requirements.
| Business Need | Technical Requirement |
|---|---|
| Hybrid workforce | Secure remote access |
| Protect customer data | Strong authentication and granular authorization |
| Rapid growth | Scalable and modular infrastructure |
| Small IT team | Centralized management and automation |
| Business continuity | Reliable backups and disaster recovery |
| Multiple office locations | Unified identity and seamless connectivity |
Baseline
With the business objectives, architectural drivers and technical requirements now clearly defined, we have established a solid foundation for the rest of this project and can define an full list of business and technical requirement that we can reference in the future.
| ID | Business Requirement | Rationale |
|---|---|---|
| BR-01 | Employees should have a single identity across all internal services. | Reduces administration and improves usability. |
| BR-02 | Employees should be able to securely access company resources from any location. | Supports the company's hybrid working model. |
| BR-03 | Customer and company data must be protected against unauthorized access. | Protects sensitive information and builds customer trust. |
| BR-04 | New employees should be onboarded quickly with minimal manual effort. | Supports rapid growth and reduces operational overhead. |
| BR-05 | The infrastructure should scale without major architectural redesigns. | Enables long-term business growth. |
| BR-06 | Critical services must remain observable and recoverable. | Ensures business continuity. |
| BR-07 | The IT infrastructure should be manageable by a small IT team. | Reduces operational complexity and cost. |
| ID | Derived From | Technical Requirement |
|---|---|---|
| TR-01 | BR-01 | Central Identity Provider |
| TR-02 | BR-02 | Secure Remote Access |
| TR-03 | BR-03 | MFA, RBAC and Encryption |
| TR-04 | BR-04 | Identity Lifecycle Management |
| TR-05 | BR-05 | Modular Architecture |
| TR-06 | BR-06 | Monitoring, Logging and Backups |
| TR-07 | BR-07 | Automation and Centralized Management |
Each requirement is assigned a unique identifier to simplify referencing throughout the project and to maintain clear, consistent documentation.
They also serve as the foundation for consistent internal documentation, supporting BR-06 and making future changes easier to justify and review.