Leading Financial Services Company Scales Enterprise Software with the JFrog Platform

Company Overview

According to Mordor Intelligence, the market for Financial Services Applications is expected to grow at a CAGR of 13.1% over the next five years reaching an astonishing value of $272 billion by 2029. This requires expanding technical teams and scaling the software delivery infrastructure to support them.

This leading financial services company with over $50 billion in revenues, recently added over 5,000 software engineers, coders, and developers, to expand their development team. The majority of new hires are in the US, with almost one-third in India and the rest in Europe. Company operations support over 75,000 employees spread across more than 160 countries.

This is certainly in line with industry trends as technology continues to take a greater role in the success of financial companies through modernizing backend infrastructure, incorporating AI and ML into financial analytics, and developing personalized interfaces for consumers.

To keep up with the increasing demand for new applications, this and other leading financial firms have introduced open-source software into their IT environments, requiring companies to map out dependencies and audit processes to maximize productivity, lower operating costs, and minimize the risk of attack due to software vulnerabilities.

Challenges

With development sites spread over multiple geographies and the increased software delivery velocity, this leading financial services provider began to experience issues regarding the coordination of development teams. More specifically, the issue of developers having the authority to access certain 1st or 3rd party artifacts, ensuring that they were using promoted versions, fast retrieval of artifacts in various geographical locations, and proper vetting of third-party and open-source packages to prevent the introduction of vulnerabilities into their applications.

The problem became acute when the single centralized server hosting their development environment, including binaries, libraries, and dependencies went down, causing a significant outage that shut down development operations and impacted production deployments. This situation is a cause of great concern, especially in the financial services sector with regulations that mandate 24×7 uptime and availability, and the financial damage due to software unavailability can be significant.

With their previous vendor Sonatype unable to provide a scalable, multi-site enterprise solution, the DevOps team realized they needed to deploy a new Software Supply Chain Platform that must include these key enterprise capabilities:

• High availability
• Multi-site Federated repositories
• Access Federation
• Global Scalability

In addition to replication from region to region, the platform also needed to sync developer permissions and manage 1st and 3rd party artifacts. The requirement of these features led to conversations regarding adoption of The JFrog Platform.

Solution

Before discussing individual features, the JFrog Platform’s support for a truly distributed architecture was already a big differentiator from their previous centralized system, providing regional support and multi-site replication right out of the box.

Being able to fully access builds and upload & retrieve all of their software artifacts from any location meant that if one site was down, development & production deployment operations were unaffected as artifacts could be pulled automatically from any other repository. This certainly fulfilled their first requirement of zero downtime and high availability. Not only for resilience and disaster recovery, but the multi-site also enabled local access with increased speed, which dramatically increased the delivery velocity and developer happiness.

In terms of multi-site replication, it is recommended that all software artifacts, including shared resources, and external and internal dependencies, be physically co-located with software developers and build engines to enable production software builds at top speed. JFrog’s unique multi-site capabilities ensure local access to resources in any network topology. Including:

• Federated repositories based on JFrog’s innovative technology for bidirectional mirroring between enterprise repositories in different installations of Artifactory can fulfill a mesh topology across multiple sites.
• Replicated repositories offer a variety of topology choices, including push and pull replication topologies and scheduling strategies such as on-demand, on-schedule, or event-based replication.

It is clear from industry trends that financial institutions are expanding their global technology teams, putting pressure on DevOps to support multi-site development, making scalability a must-have.

Within one year after moving all the artifacts to JFrog Artifactory, this financial services company expanded from one to four regional development environments, with real-time replication between North American and Asian development centers. Due to the flexibility and automation of JFrog, they are also planning on opening additional regional data centers in Europe and Asia soon.

According to ZipDo, 78% of financial firms derive value from open-source software, making scanning these packages key to avoiding vulnerabilities and malicious packages, verifying licensing agreements, and supporting compliance with emerging standards. In this case, JFrog’s extensive APIs were leveraged to integrate the customer’s existing scanning tools along with JFrog’s native open-source package curation capabilities.

Reference architecture of four on-prem sites with federated repositories

Results

Deployment of The JFrog Platform not only provided a technical solution but also contributed to achieving these crucial commercial goals:

• Business continuity
• Downtime Avoidance
• Simplified operations and reduced development costs
• Ability to scale quickly and reliably

Software outages affect business operations and damage customer trust, vital for financial services institutions. By replicating all artifacts across multiple development environments, internal and external customers would not be affected even if the server hosting the Docker registry goes down. This increased confidence in their ability to deliver safe and quality applications on time and within budget.

The extensive automation of The JFrog Platform makes scanning, storage, and retrieval of source code, binaries, libraries, and dependencies more developer-friendly than ever while streamlining operations and simplifying incident remediation with a single accessible source of truth for all software artifacts.

With JFrog, scalability not only meant the ability to open additional development centers quickly but also included the deployment of more applications and services in less time to increase efficiency and lower the cost of operations.

The extensive support provided by JFrog was also a critical component of the deal. The DevOps team and JFrog engineers met regularly to discuss ways to improve efficiency, leverage advanced features, and carry out preventive maintenance to avoid problems before they happen.

By migrating to JFrog, this leading financial services company successfully addressed its challenges for zero-downtime, high availability, multi-site development, streamlined software delivery processes, increased code to production automation, and improved developer productivity and experience for scalability now and in the future.  This transition has enabled them to streamline their development operations, ultimately saving time and resources while ensuring fast and efficient delivery of their applications.

We invite DevOps professionals from the financial services industry to start a free trial and see how the JFrog Platform changes how enterprises develop software.

Products
The JFrog Platform, JFrog Artifactory

Additional Resources
White Paper:      Replication: Manage Binaries Across Multi-Site Topologies
Solution Sheet:  Get Ready for High Availability
White Paper:      Artifact Management: Best Practices for Scalability and Growth