DHS/USCIS/EID: Support Platform Engineering and DevOps Integration (SPEDI)
Case Study
The primary application USCIS used to perform its core mission, the Electronic Immigration System (ELIS), moved to the AWS Cloud in 2014. To optimize performance for end-users and application security, USCIS engaged OPTIMOZ and its partner, Mantech as a part of the SPEDI contract, to continue the modernization process of other USCIS applications. USCIS needed continuing enhancement in several areas: (1) migration to AWS cloud, (2) implementation of agile DevOps processes, (3) security compliance, (4) improved deployment processes, and (5) the implementation of powerful Cloud Management tools.
USCIS administers the country’s naturalization and immigration systems.
Our Work
We supported the refactoring and AWS cloud migration of the multiple core applications of USCIS that manage the daily work of USCIS. Our work fell into four areas:
- Long-term IT Security compliance through DevSecOps. Working with USCIS OIT Enterprise Infrastructure Division (EID), we provide enterprise infrastructure support and security services that ensure enterprise information security in accordance with NIST and DHS guidance, as well as USCIS policies and procedures. We also ensure compliance with the Federal Information Security Management Act of 2002 (FISMA) and other federal regulatory mandates to protect USCIS’ information technology (IT) infrastructure/resources, information systems, and the information used in these environments.
- Transformation of the USCIS application development methodology from Waterfall to Agile. We provide the essential support for migrating the USCIS application development methodology from a waterfall process to an agile environment and from a silo-based development-deploy-support structure to an Agile Methodology with a DevSecOps framework, including cloud integration engineering services and the automation of environment builds and patching.
- Modernize the software deployment process. We provide Change, Configuration and Release Management services in three areas:
Governance over the processing of all changes to be deployed to or implemented within USCIS operating environment.
Release management governance over deployment activities occurring within USCIS
Management of USCIS enterprise wide configuration management.
- Introduce leading edge tools and Cloud management processes. We provided Subject Matter Expertise in: AWS cloud services such as EC2, RDS, ELB, ECS, Route 53, S3, IAM, SQS, SNS and CloudWatch, Configuration Management utilizing tools like Chef and Ansible, DevOps – Continuous Integration / Continuous Delivery, RedHat OpenShift, Google apigee, MongoDB, Infrastructure automation, Linux/Unix administration, and Data Center Automation. We heavily leveraged on AWS auto scaling, cloud formation and lambda functions to practice Infrastructure as Code (IaC), immutable infrastructure and security.
Benefits to USCIS:
- High performance and reliability – The ability to execute and support zero-day deployment with no user downtime
- Modern software development and operations processes – specifically tailored to operate in the Cloud
- Lower operating costs – through better management of computing resources
- Real-time application monitoring – via Cloud-based application performance management tools
- Infinite scalability – through automation and the use of modern Cloud platforms
- Improved technical skills of the internal team – including knowledge of the latest development tools and DevSecOps processes
- Enhanced security – by embedding modern security practices into every step of the development to deployment process