When it comes to IT modernization, federal agencies commonly face three central challenges: integrating a myriad of systems, rationalizing applications and winning over each system owner to support agencywide infrastructure changes. Those challenges often come to a head when trying to cultivate an agile and secure DevSecOps process.
One agency that has demonstrated surprising success in overcoming those challenges — in the face of daunting deadlines — is the U.S. Census Bureau.
Jason Keplinger, chief technology officer for T-Rex Solutions, which played a lead role in the Census Bureau’s modernization effort, describes this remarkable story in a new podcast.
This was this the first time the Census Bureau attempted to collect responses via the internet. That endeavor added to the size and complexity of the internal IT modernization project, as well to the number of developers, security and operations stakeholders and vendors brought on board for this initiative.
The DevSecOps project included over 200 field sites, 400,000 enumerators with handheld devices and the orchestration of over 52 systems and 18 operations, Keplinger explains.
He shares more from behind the scenes of the U.S. 2020 Census which helped make the project a success in this podcast, produced by FedScoop and underwritten by T-Rex Solutions:
Developing a robust DevSecOps approach
Keplinger describes the wide-reaching nature of the technical integration contract, which started with development, system engineering and back-end processes, and flowed through integration, performance testing, up to deployment of operations as well as building and securing infrastructure.
“[It was a] fairly large, broad contract. We had to hire over 300 people in less than six months to make sure that we can meet the objectives of the Census Bureau,” Keplinger says.
Keplinger shares how T-Rex took a collaborative approach to build trust among stakeholders, embedding employees in various teams, to keep the project moving forward quickly.
“This included being in their daily scrums, working sessions, and sometimes even sitting with those teams and working with them hands on,” he says. “We also took a targeted automation approach, where we really looked at the return on investment and high value targets for getting that automation and that DevSecOps platform in place first. By embedding those automation engineers, we’re able to kick start automation a lot faster and get that knowledge transfer those system teams working a lot faster.
“For example, on the platform deployments, we are going to go from almost eight days on average before to under two hours for deployment,” Keplinger says.
Best practices learned during this project
Among several key lessons, Keplinger describes pulling together the master data repository and the interface to pull documents.
“By automating that process and being able to match your interface documents to your master data repository, and also being able to match those interfaces together in an automated fashion using common terminology throughout your data, [the Census Bureau] is able to ensure they’re not losing data as it transverses the system, and avoiding those issues before you even get to test,” Keplinger explains.
Ingredients for success to cultivate a functioning and agile DevSecOps integration
“Our model emphasizes maximizing automation and development, but also it tests execution and vulnerability management,” says Keplinger. “You can’t forget the ‘Sec’ side of the DevSecOps approach, especially in the vulnerability management side where, as soon as you spin up new instances, you can scan those instances and make sure that they meet your security baseline.”
Jason Keplinger has over 20 years of IT experience in systems architecture, software and integration. For the last three years he led the system migration and DevSecOps implementation for the U.S. Census Bureau at T-Rex Solutions.
Listen to the podcast for the full conversation on U.S. Census Bureau’s system integration success story. You can hear more coverage of “IT Modernization in Government” on our FedScoop radio channels on Apple Podcasts, Spotify, Google Play, Stitcher and TuneIn.
This podcast was produced by FedScoop and underwritten by T-Rex Solutions.