Stackarmour

GSA – Cloud.gov Architecture and Compliance Services

Summary

stackArmor provided program management, technical support services and security compliance services in support of GSA 18F’s Cloud.gov platform (PaaS) on AWS GovCloud. Services and personnel provided included full-stack developers and DevOps engineers with expertise in Cloud Foundry, BOSH and Docker technologies. stackArmor provided a proven cloud governance framework called “ServiceOps”. The ServiceOps framework was developed by stackArmor for delivering FedRAMP-compliant Platform-as-a-Service (PaaS).

Solution

stackArmor deployed Cloud Foundry and AWS certified architects and engineers to develop a service operations and management capability that included 4 key service dimensions.

System Operations: This work stream covers the full-stack operations on the platform and includes proactive monitoring and management from the operating system and up. The System Operations function also includes proactive operations, Cloud Foundry release updates, stemcell updates and buildpack updates. 24/7 support is provided to resolve urgent incidents and ensure a service level as defined in the Service Level Agreement (SLA).

Security Operations: The Security Operations activity stream covers the tactical security hygiene and operational actions, including patching, vulnerability scanning, system hardening using DISA STIGs, and FedRAMP/FISMA SA&A compliance.

Financial Operations: It is critical to ensure the optimal financial performance of the platform by leveraging reserved instances, turning off unused instances, right-sizing instances, and deleting unused snapshots/storage on EBS and S3.

End-User Experience: Given the high profile and visibility associated with the Cloud.gov program, it is essential that workload users on the platform have a superior end-user experience.

stackArmor provided Technical Program Management, DevOps Engineering and Cybersecurity support services for the Cloud.gov initiative. A key contribution of the stackArmor team was the development of IA and Compliance Automation for the Cloud.gov system through the use of forward-looking tools like Compliance Masonry and innovative open source services based on Open Controls. stackArmor was able to help reduce the time taken for system compliance activities by an average of 20%.