When we started the project, the DOT had dozens of existing AWS accounts created by business units and managed by various outside vendors. These accounts were not following standard guidelines for security, identity management, logging, and networking; one account had even been recently breached. When we ended, the organization had standard and supportable processes, increased speed and visibility, higher security and control, and higher end-user capabilities – all at a lower cost.
U.S. Department of Transportation
The Department of Transportation (DOT) desired to move to the cloud, with many individual business units having already done so with widely varying results. Standardization and efficiency were virtually nonexistent, leading to challenges taking solutions through to completion such as security, networking, billing, and cost management.
In addition, the DOT needed to provide a safe home for the diffusion of accounts already in place without having at that time skilled resources on staff. The business goal of the project was to provide a centrally managed, multi-account AWS environment that consistently follows AWS best practices and adheres to DOT policies.
Enquizit worked with the DOT to create a centrally managed solution which provided management of all core services, including standardized account creation, networking, billing and overall management and operations. In addition, application enablement services such as code pipelines and DevSecOps processes were created to create and manage applications and infrastructure as code while allowing simple updates whenever desired. We also integrated into the DOT’s Identity Management and billing solutions to remove some of the common roadblocks for implementations and limited services to those which were allowed for the department’s use based on their security standards – in this case, FedRAMP Moderate. We also applied security and application standards to a DOT-specific server image, which allowed automated builds and auto-scaling of systems to be done automatically while maintaining standards. With the standard solution in place, Enquizit created on-boarding processes, and worked with the various business areas on moving their workloads to the new environment, ensuring security was applied or exceptions granted where appropriate.
After implementation, Enquizit was retained to support and operate the DOT’s cloud operations, while simultaneously training and enabling other DOT staff as they gained skills and experience.