This article was written by Clay Goldwein and John Nemoto of CGI Federal.
Yesterday, we outlined some of U.S. Customs and Border Protection’s (CBP) challenges to their upcoming IT modernization project; today we’d like to suggest some steps that will help ease CBP’s transition to a secure hybrid cloud services model.
While CBP has a requirement for secure cloud adoption—and implementing this strategy will help the agency reduce costs while gaining unprecedented agility and flexibility—any shift to a new IT architecture is difficult. The move to the cloud will certainly facilitate the continued adoption of a SecDevOps-focused operational model, however, this shift requires significant effort and planning. Furthermore, the migration may be extra challenging to CBP given the vast number of legacy processes and services it must reconcile/reposition across multiple cloud environments, not to mention the logistics of trying to serve officers at 328 ports of entry and agents who safeguard 7,000 miles of land border, 95,000 miles of shoreline and patrol associated air and maritime spaces.
Obstacles to cloud adoption may arise in various forms. On the frontlines, agents and officers may need new or standardized applications to better perform their missions, while new back-office functions may require the introduction of multiple tools, processes and service providers. While no single tool, solution or service can address all of CBP’s challenges, a holistic approach to transformation that incorporates three primary phases can help grease the skids for the agency’s transition:
1.) Assess: A successful switch to a cloud environment starts with CBP leaders defining the governance framework, identifying the stakeholders and building consensus around its goals and objectives. This information establishes a baseline for the current and future states of its security, financial, technical and operational models. It will also drive adoption by CBP’s 60,000-person staff and maximize service capability while ensuring the security and compliance of workloads and data.
2.) Transform: CBP’s future state governance model, modernization strategy and schedule should drive individual migration projects. Enterprise security, compliance and operational models must be instituted to manage new hybrid cloud technical and business processes. Transformation of traditional development, security and operational processes to a streamlined SecDevOps model that leverages cloud-native features like Infrastructure as Code to drive automation, reduce operational costs, and increase speed to delivery of new and innovative features.
3.) Manage: A secure, centralized hybrid IT management platform can deliver the needed governance and transparency for CBP’scloudenvironment as well as lead to continuous optimization and improvement. It also helps achieve operational efficiencies through the automated requisitioning, provisioning and billing/chargeback of cloud workloads and data.
Addressing CBP’s hybrid cloud challenges with this comprehensive enterprise/hybrid cloud strategy and operational framework can not only drive the success of the agency’s hybrid cloud migration but also provide additional opportunities for modernization and transformation including successful implementation of SecDevOps processes.
(Clay Goldwein is a vice president at CGI Federal and serves as the company’s DHS sector lead, and John Nemoto, also a vice president, leads the product management and business engineering practices for CGI Federal’s cloud and cybersecurity offerings and services)