Technology. Organisation. Transformation.

Neuland

Neuland is the handbook for technology, organisation and digital transformation. It explains concepts, provides decision-making frameworks and documents the methods we work with: factual, without marketing language, grounded in practice.

The handbook is for everyone interested in internet, cloud and infrastructure, AI and data, IT security, open source, agile methodology, organisational culture and digital sovereignty. Team members, clients, partners and those who want to make well-founded decisions. It is not a sales document, but a thinking aid.

The content is organised into five areas: Culture, Strategy, Technology, Innovation and Tools. Each area has an introduction page with an overview and context, followed by individual pages on specific topics.

Note on methodology Living Handbook: This handbook is not finished. It grows organically with new technological realities. Therefore, visible Open Topics can be found at the end of many chapters, transparent placeholders for concepts and references that have yet to be developed or validated.

Why a handbook instead of PowerPoint presentations?

Working Code over Pretty Slides. The handbook is the single source of truth we align around asynchronously, without meeting overhead, without knowledge loss when someone leaves and ready for onboarding newjoiners to the project.

Reference Guide

  • GitLab Handbook: Blueprint for asynchronous, handbook-driven company culture.
  • Basecamp Handbook: Example of radically transparent internal policy documentation.

Table of Contents

Culture

Systemic organizational development, engineering culture, and agile scaling strategies.

  • Culture and Mindset: Technology scales on a functional cultural foundation. How psychological safety and error culture create measurable IT efficiency.
  • Blameless Culture: Errors as a systemic learning opportunity instead of individual failure. How Blameless Post-Mortems increase operational resilience and speed.
  • Leadership Principles: Leadership in the digital age means context over micromanagement. Principles for scalable decision-making and team autonomy.
  • Agile Scaling: Scaling is more than just hiring more people. How Team Topologies and the reduction of cognitive load maintain agility in growing organizations.
  • InnerSource: Apply open-source principles within the company. How InnerSource breaks down silos, increases code quality, and democratizes knowledge.
  • Product Mindset: From pure project focus to value-creating products. How the Product Mindset ensures alignment with customer value and long-term maintainability.
  • Delivery Management: Making software delivery steerable. How DORA metrics and modern delivery processes create transparency and increase the impact of IT organizations.
  • Developer Experience: Optimizing the productivity of the development organization. How reducing cognitive load and good toolchains improve Developer Experience (DevEx).
  • Remote and Async Work: Efficiency through asynchronous communication and written culture. How remote work models standardize knowledge distribution and create geographic independence.
  • Stakeholder Management: Transformation needs allies. How strategic stakeholder management and radical transparency reduce resistance and safeguard projects.
  • Employee Lifecycle: Retain and develop employees. How a structured Employee Lifecycle from onboarding to offboarding strengthens psychological safety and company culture.
  • Engineering Career Framework: Growth paths beyond management. How the Dual Track Career Framework enables expert careers and retains valuable expertise within the organisation.

Strategie

Digital sovereignty, cloud economics (FinOps), and strategic vendor management.

  • Business Strategy: IT strategy as an economic lever. How ecosystems, APIs, and SaaS operating models determine the market value and scalability of organisations.
  • Digital Sovereignty: Control over your own IT infrastructure and data. Why digital sovereignty through Open Source and open standards is the foundation for long-term operational independence.
  • Make or Buy: The fundamental decision between custom development and standard software. An objective matrix for architecture decisions based on TCO and competitive advantage.
  • Managed Services: Outsource operations, retain focus. When managed services and SaaS are the right choice, and where the limits lie.
  • TCO: Calculate the total cost of an IT solution realistically. How TCO analyses uncover hidden costs and enable informed make-or-buy decisions.
  • Vendor Lock-in: Recognising and assessing dependencies on cloud providers. Strategies for avoiding Vendor Lock-in through abstraction and standardisation.
  • Legacy Modernisation: Modernise legacy core systems without disrupting operations. Strategies for legacy replacement from strangler fig migration to modular architecture.
  • Public Code and SBOM: Public money for public code. Why Public Code and Software Bills of Materials (SBOM) are the foundation for trust and transparency in the public sector.
  • OSS Business Models: Open source as a strategic economic asset. How companies create value through Open Source Program Offices (OSPO) and targeted licensing models.
  • Data Monetization: Data as an intangible economic asset. How Infonomics and sovereign data architectures enable new revenue streams and efficiency gains.
  • Innovation Management: Steering innovation systematically instead of relying on chance. How the 3-Horizons Model and structured experiments make the technology portfolio future-proof.
  • Green IT: Ecological sustainability as a competitive factor. How efficient software architecture, Green Coding, and sustainable hosting optimize the IT balance sheet and costs.
  • Marketing Automation, CDP and PLG: Scalable marketing through technology. How marketing automation, customer data platforms (CDP), and product-led growth (PLG) automate sales.
  • Technical SEO and Core Web Vitals: SEO is an architectural topic. Why Core Web Vitals, semantic structure, and performance are more important today than isolated keywords.
  • Ecommerce Architectures and Composable Platforms: Modern e-commerce architectures beyond monoliths. How Headless systems and Composable Commerce increase flexibility and scalability in online retail.
  • SAM and FinOps: Control over software assets and cloud costs. How Software Asset Management (SAM) and FinOps secure the economic efficiency of the IT landscape.
  • OSPO: Open source as a core component of the software supply chain. How an Open Source Program Office (OSPO) steers the strategic use and compliance of OSS.
  • Hardware and Workplace: The physical workplace in a digital world. Why hardware strategy, Endpoint Security, and Zero-Trust at the endpoint are critical to productivity.
  • Digital Workplace (M365): Productivity and governance in the Microsoft ecosystem. How a structured M365 architecture enables collaboration and prevents data sprawl.
  • Partner Management: Successful steering of IT service providers and agencies. How partner management through clear SLAs, transparency, and shared goals secures quality.

Technology

Architectural guiding principles, CI/CD operating models, and Security by Design in the enterprise context.

  • System Architecture: Designing scalable system landscapes. How moduliths, microservices, and the Strangler Fig pattern minimize technical debt.
  • Conway's Law: Wenn Systemarchitektur die Organisationsstruktur widerspiegelt. Conway's Law als Diagnose-Tool und Gestaltungsprinzip für Engineering-Organisationen.
  • Microservices: Anwendungen als Sammlung kleiner, unabhängiger Services bauen. Wann Microservices sinnvoll sind und wie man die Komplexitätsfallen vermeidet.
  • API-First: Interfaces as the primary integration strategy. How headless architectures and API-First design dissolve data silos and create flexibility.
  • Event-Driven Architecture: Reactive systems through asynchronous communication. How Event-Driven Architecture (EDA) optimizes load distribution and increases system resilience.
  • Tech Stack: Resource allocation through technological pragmatism. How Innovation Tokens and the 'Boring Technology' principle ensure maintainability.
  • Standard Software: Strategic evaluation between custom software and standard solutions. How Composable Architecture minimises integration effort.
  • CI/CD: Automation of software delivery. How CI/CD pipelines and automated testing accelerate release cycles and lower the error rate.
  • Platform Engineering: Optimising developer productivity. How Internal Developer Platforms (IDP) reduce Cognitive Load and create Golden Paths for teams.
  • Cloud Native: Cloud Native as an architectural paradigm. How containerisation, Kubernetes and elastic infrastructure ensure scalability and resilience.
  • IaC and GitOps: Infrastructure as Code and declarative configuration. How GitOps anchors the Single Source of Truth for the entire system environment in Git.
  • FinOps: Financial governance in cloud environments. How FinOps maximises IT efficiency through cost attribution, tagging strategies, and Unit Economics.
  • Quality Assurance: Quality assurance as an integral part of development. How automated tests and Shift-Left strategies increase confidence in releases.
  • DORA Metrics: Vier Kennzahlen für Software-Delivery-Performance. Wie DORA-Metriken Teams helfen, Engpässe zu erkennen und kontinuierlich zu verbessern.
  • AI Development: AI-assisted software development and orchestration. How Copilots and LLM integrations are fundamentally changing the software lifecycle.
  • Security Strategy: Holistic security strategies for modern IT systems. How Zero Trust, supply chain security, and risk management ensure digital resilience.
  • Offensive Security: Proactive attack defence through Red Teaming and Penetration Testing. How offensive methods uncover vulnerabilities before attackers find them.
  • Zero Trust: Vertrauen als Designprinzip eliminieren. Wie Zero-Trust-Architekturen den Perimeterschutz durch kontextsensitive Zugriffskontrollen ersetzen.
  • Compliance: Compliance as an automated process. How Compliance as Code and legally sound architectures meet regulatory requirements (nFADP, GDPR).
  • Service Management: Service Management between ITIL and SRE. How modern operating models ensure service quality and bridge the gap between business and ops.
  • Observability: Understanding what's happening inside your system. How telemetry, Distributed Tracing, and dashboards increase transparency and accelerate troubleshooting.
  • SRE: Software-Engineering-Methoden auf den IT-Betrieb anwenden. Wie SRE mit SLOs, Error Budgets und Toil-Reduktion zuverlässige Systeme baut.
  • Incident Response: Methodical action in a crisis. How Incident Response processes and Chaos Engineering train the resilience of systems and teams.
  • Disaster Recovery: Protection against total failure. How RTO/RPO definitions and regular recovery audits ensure the survival of the business.
  • Post-Mortem: Learning from failures without blame. How structured Post-Mortem reports and systemic analysis lead to lasting improvements in IT organisations.

Innovation

Data engineering, generative AI architectures, and emerging technologies.

  • Data Architecture: Modern data architectures for scalable AI systems. How Medallion Architecture and Data Mesh ensure data quality and availability.
  • Modern Databases: Database strategies for the AI era. Why Polyglot Persistence and vector databases are indispensable for modern applications today.
  • GenAI and RAG: Extending AI systems with your own knowledge. How Retrieval-Augmented Generation (RAG) on sovereign infrastructure minimises hallucinations and ensures data privacy.
  • Data Governance: Ensuring data quality and accountability. How Data Governance and Observability create trust in data products within distributed systems.
  • Data Mesh: Decentralised data architecture for large organisations. How Data Mesh shifts data ownership and responsibility into domain teams.
  • Tech Radar: Evaluating technological trends systematically. How a Tech Radar creates orientation and structures decision-making for new tools.
  • Tech Debt: Managing technical debt strategically. How visibility and planned refactorings preserve the organisation's long-term capacity for innovation.
  • OSS Strategy: Open Source as a driver of innovation. How strategic contributions to OSS projects support technological market leadership and talent acquisition.
  • Blockchain and Web3: Decentralised trust anchors for business. How Blockchain and Web3 technologies enable secure identities, Smart Contracts and transparency.
  • Edge Computing: Processing data where it originates. How Edge Computing and IoT reduce latency, conserve bandwidth, and increase resilience.
  • MACH Architecture: Modern commerce architecture based on open standards. How MACH replaces monolithic platforms with composable, interchangeable services.
  • Privacy and Anonymity: Privacy as a technical feature. How Privacy-Enhancing Technologies (PETs) and anonymisation techniques guarantee the protection of sensitive data.
  • Digital Ethics: Ethical responsibility in digitalisation. How Algorithmic Accountability and Ethical Design secure societal acceptance of AI.
  • Quantum Futures: Preparing for the quantum age. Why Post-Quantum Cryptography (PQC) is critical for long-term data security today.

Toolkit

Methods, standards, open-source licences, and software evaluations for day-to-day IT operations.

  • Methods: Process frameworks for architecture, design, and day-to-day IT operations.
    • Agile Scaling and Descaling: Scaling agile teams without bureaucratic overhead. How Team Topologies and Conway's Law optimise the organisation.
    • Bounded Context: Drawing precise domain boundaries. How Bounded Contexts serve as the foundation for clean microservice architectures.
    • C4 Model and Docs-as-Code: Systematic visualisation of software architectures. How the C4 Model creates clarity across levels and containers.
    • Compliance as Code: Automated checking of regulatory requirements. How Compliance as Code replaces manual audits with continuous, machine-readable controls.
    • DDD (Domain-Driven Design): Mapping complex business logic in software. How Domain-Driven Design bridges the gap between specialist departments and code.
    • FinOps and Cloud Economics: Financial management of cloud usage. How FinOps creates transparency and secures the economic efficiency of infrastructure investments.
    • GitOps and Reconciliation: Infrastructure management via Git. How GitOps uses declarative configuration and automatic synchronisation to ensure consistency.
    • Golden Path: Standardised development paths for fast, reliable results. How Golden Paths improve developer experience without sacrificing autonomy.
    • InnerSource and Code Openness: Applying open-source principles within the organisation. How InnerSource breaks down knowledge silos and scales collaboration.
    • ITIL vs. SRE: Service management in transition. How classic ITIL processes are automated and made more flexible through Site Reliability Engineering (SRE).
    • Nearshoring and Vendor Integration: Managing IT service providers and nearshoring partners. How partner management secures quality through transparency and shared goals.
    • Blameless Post-Mortems: Learning from incidents without blame. How blameless post-mortems improve operational resilience and team trust.
    • Refactoring: Improving code without changing behaviour. How systematic refactoring keeps technical debt under control.
    • RFCs and ADRs: Asynchronous documentation of architecture decisions. How RFCs and ADRs democratise the decision-making process and make it traceable.
    • Strangler Fig Pattern: Replacing legacy systems incrementally. The Strangler Fig Pattern as a safe migration strategy for live production systems.
    • 20% Tech Debt Rule: Managing technical debt in day-to-day work. How the 20% rule and Dependency Bankruptcy preserve the team's ability to act.
  • Standards: Legal requirements, technical standards, and regulatory guardrails for IT systems.
    • EMBAG: Open source by default for Swiss federal authorities. What EMBAG means and what obligations it creates for public IT contracts.
    • EU AI Act and Explainable AI: The first comprehensive regulation of artificial intelligence. How the EU AI Act defines risk categories and enforces transparency requirements.
    • EU Whistleblower and Secure Cryptography: Protection of whistleblowers and requirements for internal reporting channels. Why secure cryptography is essential for whistleblowing systems.
    • Green IT and Software Carbon Intensity: Measurable sustainability in IT. How Software Carbon Intensity (SCI) and hardware lifecycle standards improve the ecological footprint.
    • ISO 27001 and Compliance-as-Code: The international standard for information security. How ISO 27001 serves as a framework for risk management and compliance.
    • MCP (Model Context Protocol): An open standard for connecting AI models to data sources and tools. How MCP ensures the interoperability of AI agents.
    • nFADP / DSG and Privacy by Design: The new Swiss data protection act (nFADP). How privacy by design and technical deletion concepts ensure compliance.
    • Open Source Definition (OSI) and SLSA: The definition of true open-source software. Why adherence to OSI criteria is critical for avoiding vendor lock-in.
    • Software Asset Management (SAM): Systematic management of software licences. How ISO 19770 and automated SAM processes optimise audits and costs.
    • SBOM (Software Bill of Materials): Transparency about software dependencies. How an SBOM makes supply chain risks visible and meets regulatory requirements.
    • US Cloud Act and Sovereign Cryptography: US legislation and its global implications. Why the US Cloud Act affects data sovereignty in European clouds.
  • Licences: Overview and analysis of open-source licence models for enterprise use.
    • AGPL: The strictest copyleft licence for web services. Why the AGPL requires source code disclosure even for pure network access.
    • Apache 2.0: The enterprise-grade open source licence. How Apache 2.0 provides commercial certainty through explicit patent rights and permissive terms.
    • BSD: Maximum freedom for developers. Why BSD licences (and variants) often form the foundation of core internet infrastructure.
    • BSL and Fair Source: Between open source and commerce. How BSL and Fair Source allow companies to share code whilst limiting competitive use.
    • GPLv3: The manifesto of free software. How GPLv3 enshrines the copyleft effect and what organisations must consider when using it.
    • MIT: The world's most straightforward licence. Why the MIT licence has become the standard for modern JavaScript and web libraries.
  • Software: Evaluations of programming languages, databases, and application software.
    • Banana Accounting: The trusted Swiss solution for accounting and finance. Why Banana is a standard choice for SMEs and associations.
    • C# and .NET: Microsoft's enterprise framework. How C# and .NET stand out in large organisations through performance and first-class tooling.
    • Chatwoot: The open-source alternative to Intercom and Zendesk. How Chatwoot enables sovereign customer support across all channels.
    • Claude Code: The command-line tool for AI-assisted development. How Claude Code automates the entire development workflow.
    • Cursor IDE: The next generation of software development. How Cursor as an AI-native IDE fundamentally improves the developer experience.
    • Drupal: The modular enterprise CMS. Why Drupal is the preferred choice for complex, data-heavy portals and public sector organisations.
    • Flutter: UI development for every platform. How Flutter reduces costs through a single codebase for iOS, Android, web, and desktop.
    • Go: The language of the cloud era. Why Go (Golang) became the standard for infrastructure through simplicity, speed, and efficient parallelism.
    • Grav CMS: The modern flat-file CMS for maximum performance. Why Grav CMS is the ideal foundation for knowledge bases and fast company websites.
    • Joomla: The all-round talent for web portals. Why Joomla is a strong choice for complex community sites and association portals.
    • LAMP Stack: The classic stack of the internet. Why the combination of Linux, Apache, MySQL, and PHP still underpins 80% of all websites.
    • Laravel: The modern PHP framework for professionals. How Laravel brings the elegance of Ruby on Rails to the PHP world and accelerates development.
    • Matomo: Web analytics with full data sovereignty. Why Matomo is the logical choice for privacy-compliant organisations (Google Analytics alternative).
    • Mautic: The only true open-source marketing automation platform. How Mautic automates sales through personalisation and campaign management.
    • Node.js: JavaScript everywhere. Why Node.js — through its event-driven architecture — is ideal for modern real-time web services and APIs.
    • Obsidian: The personal knowledge base. Why Obsidian — through its local flat-file principle and powerful linking — is the ideal tool for managing complex knowledge.
    • Open Code CLI: The interface between humans and AI systems. How the Open Code CLI standardises access to LLMs and automates workflows.
    • PHP: The language of the web. Why PHP today — through version 8+ and frameworks such as Laravel — is more modern and performant than its reputation suggests.
    • PostgreSQL: The world's most advanced open-source database. Why PostgreSQL is the gold standard for relational data and AI vectors.
    • Python: The lingua franca of data science and AI. Why Python is indispensable for innovation through its library diversity and simplicity.
    • Rocket.Chat: Sovereign real-time communication for teams. Why Rocket.Chat is the more secure alternative to Slack for confidential projects.
    • Rust: Performance without compromising safety. Why Rust is the language for business-critical system software and WebAssembly.
    • Symfony: The solid foundation for enterprise PHP. Why Symfony excels in large projects through stability and component architecture.
    • Tryton: The modular enterprise ERP. How Tryton maps complex business processes through flexibility and a clean technical core.
    • Vtiger CRM: Open-source CRM for the mid-market. Why Vtiger is a pragmatic choice for structuring sales and service processes.
    • WordPress: The operating system of the web. Why WordPress — despite criticism — remains the most flexible choice for content marketing and SME websites.
  • Services: Managed infrastructure, cloud platforms, and enterprise services at a glance.
    • Adobe Creative Cloud: The industry standard for design and creativity. How Adobe Creative Cloud is integrated and licensed within organisations.
    • AWS: The world's largest cloud provider. Why AWS remains the reference for cloud infrastructure through its vast range of services and global presence.
    • Azure: The cloud for the Microsoft ecosystem. How Azure excels in enterprise environments through its integration of Windows, M365, and Active Directory.
    • Backstage: The framework for internal developer portals. How Backstage improves developer experience (DevEx) by centralising services and documentation.
    • Bexio: The cloud software for Swiss SMEs. Why Bexio is the standard for accounting, invoicing, and payroll in small businesses.
    • Classic Frontend: Web development without framework overhead. Why Vanilla JS, CSS, and SSR are often the more stable and performant choice for long-lived websites.
    • Claude: The AI model for precise writing and coding. Why Claude from Anthropic is often the preferred choice for complex textual tasks.
    • Cloudflare: Security and performance at the network edge. How Cloudflare accelerates the internet through CDN, DDoS protection, and serverless computing.
    • ERPNext: The open-source ERP for all industries. How ERPNext digitalises organisations through modularity and a modern Python architecture.
    • Gemini: Google's answer to the AI revolution. How Gemini enables new productive workflows through deep integration with Workspace and Android.
    • GitLab: The complete DevOps platform. Why GitLab is the heart of modern software teams through its integrated CI/CD and security features.
    • Google Cloud: Cloud infrastructure with a focus on data and AI. Why Google Cloud is the best choice for high-performance data pipelines and machine learning.
    • Grafana and Prometheus: Prometheus and Grafana as an observability engine. Digital immune systems, metrics-based polling, and automated remediation.
    • Java and Spring Boot: The powerhouse for enterprise backends. Why Java with Spring Boot remains the first choice for business-critical, highly scalable systems.
    • Keycloak: Sovereign identity management for modern IT. How Keycloak enables single sign-on (SSO) and security without US dependency.
    • Kubernetes: The operating system of the cloud. Why Kubernetes (K8s) is the foundation for scalable, resilient, and automated infrastructure.
    • Magento: The heavyweight for demanding e-commerce. Why Magento (Adobe Commerce) remains the first choice for complex online shops.
    • Microsoft 365: The standard for digital collaboration. How Microsoft 365 structures productivity and governance in organisations.
    • Odoo: The modern all-in-one business tool. How Odoo digitalises the complete process from CRM to accounting through modular apps.
    • OpenAI: The pioneer of modern AI. How OpenAI democratised the integration of artificial intelligence in software through GPT models and APIs.
    • Pickware: E-commerce and ERP hand in hand. Why Pickware is the ideal solution for Swiss online retailers with physical warehouses.
    • Power BI: Data visualisation for decision-makers. How Power BI transforms complex datasets into interactive dashboards and valuable insights.
    • Sage: Software for Swiss accounting. Why Sage is a proven choice for financial accounting and HR administration in SMEs.
    • Salesforce: The world's leading CRM platform. How Salesforce consolidates sales, service, and marketing in a powerful cloud architecture.
    • SAP S/4HANA Cloud: The ERP cloud for large enterprises. How SAP S/4HANA Cloud drives the global transformation and standardisation of business processes.
    • SAP Commerce Cloud (Hybris): The enterprise e-commerce solution from SAP. Why SAP Commerce Cloud (Hybris) is the standard for complex B2B and omnichannel scenarios.
    • Shopify: E-commerce without maintenance overhead. Why Shopify is the preferred choice for rapid growth and D2C brands.
    • Shopware: The leading e-commerce platform from Germany. API-first architecture, Community Edition (MIT), and AI-powered Copilot features.
    • Squarespace: Beautiful websites for beginners. Why Squarespace is the reference for design-focused portfolios and small service providers.
    • Terraform and OpenTofu: Infrastructure as Code (IaC) for the cloud. Why Terraform and OpenTofu are the indispensable tools for reproducible environments.
    • TypeScript: Safe JavaScript for large applications. Why TypeScript reduces error rates and improves maintainability through static typing.
    • Vibe Kanban: Orchestrating AI coding agents. How Vibe Kanban unifies planning, execution, and code review in a single interface.
    • Webflow: Professional web design without code. How Webflow bridges the gap between graphic design and frontend engineering.
    • Wix: The website builder for quick results. Why Wix is a pragmatic choice for straightforward web presences.
  • Glossary: Definition of the core technical terms used across software architecture, cloud infrastructure, and IT management.
    • Glossary: Definition of the core technical terms used across software architecture, cloud infrastructure, and IT management.