BUSINESS NEED
Our client conducts hundreds of audits each month to ensure the soundness of the country’s financial system, and ultimately the safety of our economy. The agency needed a solution to support the secure transfer of Personally Identifiable Information (PII) and other sensitive financial data between its auditors and other stakeholder organizations during their examinations. Our client was using an outdated legacy system that could not meet the rising demands and requirements of the auditing process.
OUR SOLUTION
Our client asked Pyramid Systems to help facilitate the secure transfer of PII information in the cloud based on our reputation for delivering other successful cloud solutions at the agency. After Pyramid’s discovery phase, our agile/DevSecOps team got to work and developed a working prototype, including integration with the agency’s identity management system, in just 8 days using Cloud.gov, AWS S3, Angular, and NodeJS. After proving out the system architecture and feasibility, Pyramid completed all requirements associated with the Minimum Viable Product (MVP), including User Acceptance Testing (UAT) and security testing, in only 10 weeks. Thus, in less than 3 months the agency had a working solution in Production that was being used for real-world examinations. The combined technologies created a modern platform that is scalable and that took our client’s security to the next level with data encryption using self-managed keys. The Large File Transfer in the Cloud (LFT) solution that we developed provided a massive improvement to the user experience, resolved pain points identified by user communities, and provided new capabilities to the agency. The enhancements included:
- A simple, modern, and intuitive user interface using Angular, with support for all modern browsers (Chrome, Firefox, Edge) and legacy browsers (Internet Explorer 11).
- A significant increase in supported individual file sizes (from 200MB to over 50GB) and total file storage (from ~150GB to unlimited with AWS).
- An ability to upload multiple files and folders at once using drag-and-drop. The previous system required users to upload individual files manually.
- A substantial increase in the reliability of file transfers, with clear progress indicators.
- A significant improvement in file transfer performance and speed.
- A new feature that enabled users to resume file transfers that were interrupted for any reason (e.g., loss of network connectivity). The previous system would often time out or experience other errors, requiring users to start over from scratch. Another new feature enabled file transfers to continue even when users navigated to other sections of the platform.
- An enhanced layer of security to ensure the safekeeping of PII data involved in the audits.
Our DevSecOps team deploys iterative agile releases every 6–7 weeks, continuously delivering business value to the client through new features. Deployments to Production are completed in less than 10 minutes using the team’s automated deployment pipelines.
RESULTS
Pyramid’s 8-day working prototype was identified by the the client as one of its top “2018 Innovations in Action.” LFT saved the client millions of dollars a year that otherwise would have been spent on recurring license costs for a COTS tool that would not have met the agency’s needs. During the project, Pyramid coded an innovative AuthProxy to allow communication between Cloud.gov and the agency’s identity management system, allowing the client to control access and authorization in-house. Because LFT was so successful for our client, the agency is proposing to expand the capability among other intersecting agencies to save money, increase information sharing, and further standardize the auditing process within the larger federal community.