Best practices for multi-vendor IT modernization projects

Best Practices for Multi-vendor IT Modernization Projects

2024-10-05

Advocate Business Consulting’s experts were leading many feasibility workshops in the past couple of months that helped CIOs initiate large-scale core system modernization projects and with the help of our experts those projects were carried out successfully with the introduction of a microservice-based architecture. However, the transition from monolithic core systems to microservices has its own challenges that need to be addressed first with detailed operation guidelines.

The goal of many Hungarian Financial Institutions was to modernize their core systems by following a process that involves breaking down large, monolithic applications into smaller, independent and loosely coupled services that can communicate via APIs. These projects were heavily relying on vendors that were already strategic partners of our clients and in some cases brand new vendors needed to be onboarded to handle the enormous backlog of the projects.

Managing a multi-vendor microservice architecture introduces complexity especially when different services or components are supplied by various vendors. The flexibility and scalability of microservices can lead to integration, performance and security challenges. To ensure the architecture remains efficient, reliable and scalable, organizations need to adopt best practices for managing multiple vendors in a microservices environment. Advocate Business Consulting’s experts created detailed guidelines on the following issues that must be addressed during a modernization project:

Technical standardization and governance: different vendors may follow varying development standards, toolchains and communication protocols, leading to inconsistencies in the architecture. To prevent inconsistencies and miscommunication it’s essential to establish clear standards for APIs, communication protocols (REST, gRPC, etc.), data formats (JSON, XML) and security requirements across all vendors. Having a common set of standards ensures that services integrate seamlessly and reduces the risk of incompatibility. With the help of governance policies and platforms (e.g. Apigee) vendors will be able to comply with the detailed technical and security standards.
Centralized API Gateway and Service Mesh: managing multiple microservices from different vendors can lead to challenges in security, routing and monitoring traffic between services. With the introduction of an API Gateway the routing, load balancing, rate limiting and security (authentication and authorization) for all external and internal services communications could be achieved easily. For deeper traffic management, security and observability at the service-to-service level, a service mesh should be considered. A service mesh manages communication between microservices and provides features like automatic retries, circuit breaking and fine-grained access control.
Robust vendor onboarding and offboarding: onboarding new vendors and offboarding existing ones can be time-consuming and disruptive, especially during fast-paced projects. The best practice is to develop clear onboarding and offboarding procedures for vendors. These procedures should cover documentation, security standards, integration guidelines, and testing protocols. Automated CI/CD pipelines should make onboarding faster by validating compliance with existing infrastructure. Also ensure that when offboarding a vendor, services can continue operating without dependencies on the outgoing vendor. Decouple services so that replacements can be easily integrated without downtime.
Documentation and Vendor collaboration: collaborating and task delegation across multiple vendors can create communication silos and hinder transparency. It is a necessity to maintain clear, up-to-date documentation for all microservices, including their. It is imperative to ensure vendors provide robust documentation and align on versioning practices. Collaboration tools like Confluence can be used to centralize all architectural documentation. It is advised to etablish and maintain open communication channels for collaboration, such as shared Teams channels or regular review meeting to ensure vendors are aligned on common goals and standards.

Managing a multi-vendor microservice architecture requires a balance of flexibility and control. By enforcing common standards, improving visibility, and maintaining resilience across the vendor ecosystem, organizations can build an agile, scalable and secure microservice architecture that drives innovation without sacrificing stability or security. With the help of Advicate Business Consulting’s experts, many of the Hungarian Financial Institutions were able to carefully plan and leverage microservices and APIs with the help of our established guidelines and core principles governing everyday collaboration.