Every day CSRA makes a difference in how the U.S. government serves the nation and its citizens. The company is a leading provider of next-generation IT solutions and professional services that help its customers modernize their legacy systems, protect their applications, infrastructure, and assets, and improve the effectiveness and efficiency of mission-critical functions for the nation’s soldiers and citizens. The organization provides a range of services, including cybersecurity, cloud computing, data analytics, enterprise IT, and mobile computing solutions.
In November 2015, the U.S. government business arm of Computer Sciences Corp. was spun off from its commercial business. At the same time, the separated government company merged with SRA International to create CSRA. This newly formed company had a major challenge on its hands: It had to build an entirely new IT platform to support more than 40 critical business applications. “We were becoming an entirely self-sufficient company with our own applications and systems,” says Matt Bergen, chief enterprise architect for CSRA. “That included all the applications we needed to function as a company, including HR, payroll, finance, and document management.”
Setting up an IT environment to support these applications was especially challenging because of the short timeline CSRA had to work with. “We were given a very aggressive timeline of just four months to get everything up and running,” Bergen says. “During that time we had to go from having nothing to having all of our applications replicated so we could support our 15,000 employees. We didn’t have time or money to build a platform ourselves.”
CSRA also had to meet regulatory compliance rules. “We had to migrate customer data as well as our own data, and customer data requires us to have additional protections in place,” Bergen says. For example, like many of the government customers it serves, CSRA must comply with Federal Risk and Authorization Management Program (FedRAMP) and International Traffic in Arms Regulations (ITAR) restrictions for protection of covered information.
Why Amazon Web Services
As CSRA searched for a way to meet its data migration challenges, it realized it would need to move to the cloud. “We knew we had to execute this project in a cloud environment because of the short timeframe we had,” says Bergen. CSRA had no doubt about using Amazon Web Services (AWS) as its cloud provider. “We already had small internal development environments on AWS, and we were partnering with AWS on new business opportunities,” says Bergen. “We had built a strong relationship with AWS, and we knew AWS had the technical capabilities needed to make the project successful.”
CSRA specifically chose AWS GovCloud (US), an isolated AWS region that can host sensitive data and regulated workloads. “The fact that AWS GovCloud (US) is a FedRAMP-compliant cloud service provider that can support ITAR workloads made our decision easier,” says Bergen. Once it made the choice to go with AWS, CSRA moved supporting technologies, including Active Directory and other foundational services, to the AWS GovCloud (US) region. It then began moving more than 40 business applications to AWS GovCloud (US), with technical design and configuration assistance from technology partner RACEMI. “RACEMI provided not only design, but also best practices, and helped us manage the new environment once it was set up,” says Bergen. AWS helped CSRA migrate 400 TB of customer and internal data to AWS GovCloud (US).
The new application platform runs on 250 Amazon Elastic Compute Cloud (Amazon EC2) instances, with data stored in Amazon Simple Storage Service (Amazon S3) buckets. CSRA and AWS worked together to clone applications hosted in the existing CSC environment and move them to the new AWS GovCloud (US) environment. CSRA and RACEMI then reconfigured the applications to run on the new isolated network. AWS Professional Services also provided support by putting best practices in place to help CSRA manage the environment. “Working with AWS, we accomplished all of this within the four-month deadline,” says Greg Minneman, Infrastructure Project Manager for CSRA. “The AWS team was an invaluable resource for us during the entire process. They provided not only design but also best practices, and helped us manage the new environment once it was all set up.”
CSRA is running a hybrid IT environment, with some customer data still hosted in on-premises data centers. “Our data has different sensitivity levels, and some of our customers have varying degrees of comfort with the cloud,” says Bergen. “A hybrid environment makes the most sense for us."
CSRA was able to quickly migrate its mission-critical, sensitive applications to AWS GovCloud (US). “We had no choice—we had to move all our applications to a new environment in four months, and we were able to do that using AWS GovCloud (US) and working with the AWS team. For instance, facilitating payroll would have been a challenge had we not migrated our payroll system to AWS on time,” says Bergen.
CSRA is taking advantage of the on-demand capabilities of the cloud. “We have the agility to spin up as many compute resources as we need, as quickly as we need to, by being in AWS GovCloud (US),” says Bergen. “That gives us the ability to add more applications as we continue to grow.” It also helps the company reduce operational costs. “Because we can spin up resources on demand and take them down when we don’t need them anymore, we only pay for what we consume,” Bergen says. “As a result, we are definitely saving money.”
AWS GovCloud (US) also gives CSRA the flexibility it requires to operate in a hybrid IT environment. “We’re running a hybrid architecture, and we still host some of our applications in our own data center, but we are moving more and more applications to the cloud,” says Minneman. “We’re finding that we have the flexibility to support both environments because of the tooling, APIs, and management features AWS has on top of its cloud. And, with the flexibility we get using AWS, we can adapt over time to our company’s changing needs.”
CSRA can also meet its customers’ strict data security requirements. “Part of our responsibility as a leading federal IT contractor is to protect and secure the data of our government customers,” says Bergen. “AWS GovCloud (US) helps us meet our customers’ important FedRAMP and ITAR requirements. And, as AWS GovCloud (US) expands the number of accreditations it has, we will be able to meet additional data protection demands going forward.”
CSRA is now turning its attention to optimizing its cloud environment. “Optimization is our next phase,” Bergen says. “We plan to evolve our cloud usage and expand the AWS services we use. During this process, we’re consolidating applications and trying to eliminate complexity. While a hybrid architecture will continue to be part of our strategy, we will be taking advantage of everything AWS GovCloud (US) provides in terms of speed, flexibility, and cost savings.”
“Part of our responsibility as a leading federal IT contractor is to protect and secure the data of our government customers. AWS GovCloud (US) helps us meet our customers’ important FedRAMP and ITAR requirements.”
Matt Bergen, Chief Enterprise Architect