A defense customer currently runs a public system for the reporting of boating accidents. This system supports regular reporting of data submitted by each of the 56 states’ and territories’ reporting authorities as required by United States Code 6102. It is a web-based application that utilized legacy software code and ran on legacy infrastructure. The legacy system did not meet the security requirements imposed by the several government agencies for an authority to operate and introduced several security risks to the organization.
Perspecta’s cloud is a FedRAMP-authorized infrastructure as a Service (IaaS) solution that also meets Department of Defense (DOD) Provisional Authority to Operate Security Requirements Guideline Level 5 controls. This IaaS environment is open-source engineered for intelligent and scalable cloud infrastructure deployments.
Perspecta migrated the legacy application to the security-compliant IaaS environment following a three-phased migration approach:
- Application discovery: Perspecta reviewed the architecture, infrastructure, capacity, connectivity and dependency artifacts of the current enterprise
- Planning and scheduling: Perspecta finalized the characterization of business systems to be migrated, identified all dependencies and resources required to operate, and reviewed plans with the customer to determine goals and limits to maximize the value and success of the migration
- Migrate to the cloud: Perspecta made application changes to accommodate the modern infrastructure and validated operational readiness and response integration to ensure that the target environment was ready before migrating the application and data to the new environment
Perspecta’s proprietary cloud management tool, Zeus, was used to provide total asset visibility into the customer’s cloud infrastructure. The new system is hosted in Perspecta’s FedRAMP-authorized architecture with virtual machines of equal or greater compute power and storage capacity/performance than the infrastructure previously in place, and at a fraction of the cost. Perspecta maintains the ability to scale the environment and to provision additional compute resources through Zeus in real time. All software meets DOD security guidelines. The virtualized operating system instances are hosted on the IaaS platform and are managed by Perspecta’s FedRAMP team. In addition to the physical application hosting, the FedRAMP team provides system administration inclusive of operating system and security patch management, configuration and change management, performance reporting and any maintenance required to ensure the virtual machine servers are up to date and in compliance with security documentation. The application and associated source code are maintained by the program team whose responsibilities include: program management, application development, help desk support, end-user administration, and security authorization support and training.