Big Bang or waterfall development has long been the standard approach to legacy modernization projects. However, government agencies are increasingly turning away from this approach, finding an incremental, agile approach to suit their missions and goals better. For instance, agencies such as Veterans Affairs stating they are moving away from Big Bang projects.

Issues with the Big Bang

In the Big Bang approach, agencies spent years gathering requirements and awarded projects to a single contractor. The contract was then delivered based on these requirements, leaving little room to adapt to changing requirements and needs. Further, since this frequently tied agencies to a single, large systems integrator, there was little opportunity to introduce small and emerging contractors with specialized expertise. The result was delayed, over budget, and underperforming modernizations. 

Taking an Incremental Approach

Agencies are shifting from Big Bang modernization to agile, incremental, or bit-by-bit approaches. In this approach, they identify a minimal viable product (MVP), ensuring the solution first meets the minimum needs of its users. Then, its agile development teams add enhancements to the solution incrementally. This allows agencies to scale up and down, add new programs and features, and adapt to change requirements.

Modernization to Meet the Mission

The result is modernization that meets the agency’s mission. There are additional strategies teams can employ to ensure mission-oriented development. When experts modernize alongside domain experts, that collaboration supports an MVP that will meet the needs of its users. At Karsun, we use processes like event storming, human-centered design, and others to ensure we receive this feedback throughout our engagement. Moreover, working with a partner experienced in combining public sector experience with modern methodologies and tools enhances this synergy further. 

The Karsun Approach

At Karsun, we take this approach to our modernization projects from the beginning. Critically, we also look beyond to understand the application’s purpose and its users’ needs after our departure from the project. This product mindset, which we call Modernization for Every Next, is an incremental approach that allows us to focus on meeting agency missions, introduce emerging solutions at the appropriate time, build secure architecture meant to last, and accelerate transformation with fit-to-purpose toolkits. Learn more about our modernization successes in the Acquisitions, Aviation, Fleet, and Grants industries.

Every day over 21,000 people use U.S. government websites. Given this, incorporating the needs of millions of users while modernizing on a large scale can be daunting. Karsun Solutions President Terry Miller joins John Gilroy and the Federal Tech Podcast to share how a product mindset combined with Karsun’s Digital Transformation toolkits enable agencies to meet their mission while meeting the expectations of its users.

The Product Mindset

In the interview, Miller describes how legacy application modernization can get bogged down by a focus on adding functionality over a focus on the product as a whole. He notes by taking a product mindset, technology teams instead consider the purpose of the product and what it is supposed to do for its users. This goes beyond adding features or modernizing to meet new requirements. Instead, product mindset oriented modernization considers the long-term vision for the product. It involves stakeholders from the beginning to ensure their vision is part of the collective vision. This includes adopting feedback loops, like those used in human centered design, to ensure consistent input from the beginning.

Toolkits Accelerate Transformation

Miller explained the second part of Karsun’s approach to design at scale is its Digital Transformation Toolkits. These resources and playbooks accelerate transformation as Karsun begins its modernization process. For example, the Digital Transformation Design Toolkit uses a system of 40 different components enabling our developers to quickly create U.S. Web Design System (USWDS) standards compliant interfaces. This allows rapid interaction from prototype to production while engaging the frequent feedback cycle needed for product mindset development. Miller mentions Karsun’s new Design for Every Next whitepaper dives deeper into this relationship. Produced by the Karsun Innovation Center, the paper examines user experience throughout the modernization process.
The podcast is out now. Tune in to the Federal Tech Podcast on Apple Podcasts, Spotify, or at https://www.theoakmontgroupllc.com/ep-73-how-to-build-federal-systems-for-scale-and-resilience/.

Over 21,000 people visit U.S. government websites each day. The annual paperwork burden for executive departments and agencies exceeds 9 billion hours. Adopting next-generation user experience practices can address these challenges. By considering the needs of all stakeholders, designing for scale can improve the user experience, reducing paperwork and empowering agencies to meet their mission no matter the changing digital landscape. 

In 2021, the Executive Order on Transforming Federal Customer Experience and Service Delivery to Rebuild Trust in Government called on agencies to improve government performance while using proven best practices such as human centered design and service delivery models. We must embed the user experience in the process to meet these requirements as early as possible. It compels us to take a long view. We should take a product oriented mindset that asks not how we can introduce a particular feature or functionality but how the product itself will be used past the completion of a modernization project. 

We have applied this approach to modernization projects for our customers in the acquisitions, aviation, and grants management industries. Aligning to industry standards, some of our applications see more than 1 million registered users. Using repeatable processes, we enable User Experience/User Interface (UI/UX) on a massive scale as we modernize complex systems for our agency customers. We collect our best practices, resources, and components into toolkits used by our teams. Now we have assembled our insights into a white paper from our Karsun Innovation Center.  

Our new Design for Every Next white paper takes you step by step through this process. From building your data capabilities to effectively analyzing stakeholder needs to creating effective feedback loops. We also share best practices and strategies for leveraging emerging technologies to implement new enhancements quickly. We also share our component-based approach to rapidly iterating and prototyping interfaces. Part of our Digital Transformation Toolkits, our Design Toolkit ensures teams have the resources and expertise to accelerate transformation with a comprehensive view of stakeholder needs and wants.  Download the white paper at https://karsun-llc.com/resource/design-for-every-next-2/.

HERNDON, VA – Karsun Solutions announced today that it achieved Amazon Web Services (AWS) DevOps Competency status. This is the third AWS Competency designation for the IT modernization firm serving federal civilian agencies. In addition to the AWS Government Competency and AWS Migration Competency it already achieved, Karsun is also a Public Sector Partner (PSP) and participates in AWS Partner Network (APN) Immersion Days.

The AWS DevOps Competency designation recognizes companies helping customers implement continuous integration and continuous delivery (CI/CD) practices or helping them automate infrastructure provisioning and management with configuration management tools on AWS. Achieving the AWS DevOps Competency differentiates Karsun as an AWS Partner that provides specialized demonstrated technical proficiency and proven customer success with a specific focus on CI/CD, Monitoring, Logging and Performance, Infrastructure as Code, and Consulting. To receive the designation, AWS Partners must possess deep AWS expertise and deliver solutions seamlessly on AWS.

“The AWS DevOps Competency validates our commitment to implementing technology the right way to meet our customer’s mission,” said Terry Miller, President of Karsun Solutions.

AWS enables scalable, flexible, and cost-effective solutions from startups to global enterprises. To support the seamless integration and deployment of these solutions, AWS established the AWS Competency Program to help customers identify AWS Partners with deep industry experience and expertise. 

“Every solution from Karsun uses industry best practices applied to the latest advancements in technology,” said Badri Sriraman, Senior Vice President, Karsun Innovation Center. “We’re proud to be among the AWS Public Sector Partners that have achieved the AWS DevOps Competency.”

Karsun migrates, builds and optimizes in the cloud. Its expert DevOps teams introduce industry best practices using repeatable frameworks and playbooks which enable digital transformation at an accelerated pace. Its cloud architecture, platform and legacy application modernization solutions address agency needs today while preparing customers’ systems for the future.

An Advanced Consulting Partner, Karsun software development, cloud and data solutions teams all deliver on AWS. As an APN member with AWS Migration Competency status, its customers may utilize Karsun’s access to AWS Migration Acceleration Program (MAP) resources.  When applicable, Karsun implements these financial incentives as part of AWS MAP. Its government customers may also leverage Karsun’s extensive experience modernizing large, complex systems with Cloud Runways, a portfolio of purpose-built toolkits optimizing migration to the cloud.

Learn more about Karsun’s AWS DevOps Practice at https://karsun-llc.com/solutions/cloud-solutions/aws-devsecops/.

About Karsun Solutions

Karsun Solutions modernizes enterprise systems enabling agencies to make the next technological advancement their next opportunity to elevate mission capability. IT solutions from Karsun are tailored to meet agencies’ unique needs and optimize operations. These solutions adapt and stay relevant with current trends while using secure, digital architecture built to last. It is a proven modernization partner whose expertise elevates agency capabilities and ensures every next opportunity is within reach.

Company Contact: marketing@karsun-llc.com

Leveraging improved efficiency and reduced costs while ensuring availability, cloud native development is a must for complex enterprise modernization projects. Modern cloud native architectures involve applications developed and deployed through cloud service providers such as AWS. These use services like AWS VPC, EC2, S3, Kinesis, DynamoDB, RDS, and others.

While utilizing cloud native architecture can provide impressive operational improvements, maintaining security and compliance standards using manual processes can quickly limit those outcomes. This is a common concern for our agency customers. Applications deployed in federal agencies obtain Authorization to Operate, an ATO. 

Getting an ATO involves categorizing the information system, then selecting, implementing, and assessing the controls. Risks are identified based on this assessment, and final authorization is provided to operate the system. In most cases, this process relies on manual tasks, like copying security control documentation into a  Governance, Risk, and Compliance (GRC) document, then manually updating this documentation on a regular basis. Continuous deployment of new workloads and features in an agile environment being a necessity, manual processes and massive documentation effort adds significant delays to the authorization process.

AWS DevOps and OSCAL Compliance for cATO and Zero Trust

One solution is the Open Security Controls Assessment Language (OSCAL). OSCAL is a set of formats expressed in XML, JSON, and YAML developed by NIST. These formats provide machine-readable representations of control catalogs, control baselines, system security plans, and assessment plans and results. Govready-q is an open source GRC platform for highly automated, user-friendly, self-service compliance assessments and documentation which supports OSCAL. AWS is the first cloud service provider to provide OSCAL formatted system security plan (SSP). Integrating a GRC tool like Goveread-q part of the DevSecOps toolchain and using OSCAL for documenting all the controls automates most aspects of the ATO process enables us to do continuous ATO (cATO) and alleviates the documentation burden and most manual processes associated with it.

Enabling DevOps with Karsun Solutions 

At Karsun, we promote the adoption of OSCAL for the documentation of security controls and use automated GRC tools like GovReady-q. When applications deploy on AWS, we can leverage OSCAL documentation created by AWS. This enables faster, more accurate authorization packages, decreases customers’ security documentation burden and reduces service authorization timelines.

Working with an experienced cloud solutions partner such as Karsun ensures you do not need to trade security for efficiency. In particular, we are an AWS Advanced Consulting Partner with both a Government Services Competency and a Migration Services Competency. Partner with our experts, modernize with cloud native architecture, and optimize both operations and security.

About the Author

Judewin Gabriel is a Subject Matter Expert and the DevSecOps Practice Lead at Karsun Solutions. An advocate for DevSecOps best practices, he drives Driving CI/CD, security engineering, SRE, pipelines, and observability excellence.

Whether using as a Platform-as-a-Service, such as Docker, or orchestration through a tool like Kubernetes, the race is on for containerized solutions. In October 2021, the General Services Administration released its Containerization Readiness Guide. Containerized software solutions allow agencies to develop applications rapidly, scale quickly and optimize compute resources. The need is especially pressing for legacy applications which must also remain secure as they modernize. 

Creating Dockerfiles for Containerization

When we think of containerization, the first step is to create a Dockerfile for each application. While the Dockerfile provides flexibility to build an image that is only limited by your ability to script, it also adds overhead on developers to ensure the accuracy, efficiency and security of these images. For example, the developers must ensure that the Dockerfiles are as small as possible by removing any redundant dependencies that can increase the image size, which increases the build time. They must also confirm the files don’t contain any secrets or config keys. Additionally, they should verify that the base image comes from a secure source while actively scanning the images for new security vulnerabilities. If the image contains vulnerabilities that can spread to all containers that use the vulnerable image. Without proper planning and oversight, things can quickly get messy.

Benefits of using Buildpacks over Dockerfiles

Buildpacks allow you to convert application code into a secure, efficient and production ready container image without the need to create a Dockerfile for each application. It examines applications written in Java, .NET, Python and many other languages to determine all the dependencies it needs and then configures them appropriately to run on any cloud. Buildpacks also offer the capability to swap out OS layers without rebuilding an image. This reduces build time by eliminating the need to recreate all the layers when the base image is updated.

Using Tekton for creating CI Pipelines 

Tekton is a cloud-native solution for building CI/CD pipelines. Unlike Jenkins, Tekton was designed to work natively on Kubernetes and incorporates AWS EKS best practices by default. It installs and runs as an extension on a Kubernetes cluster and provides a set of open source Kubernetes resources to build and run CI/CD pipelines, such as parameterized tasks and pipelines. Just like Jenkins uses plugins to extend its capabilities, Tekton has Tekton Hub – a catalog of predefined tasks, you can create custom tasks and scripts to extend the capabilities of these tasks if you can’t find a task that precisely matches your requirements. Tekton’s modularity allows for componentization, standardization and reusability within the CI/CD workflow. Buildpacks project provides tasks that Tekton can leverage to build and deploy applications.

Additionally, Tekton also provides support for Windows containers and an ability to run Linux-only, Windows-only as well as hybrid workflows. Installing Tekton on an EKS cluster means EKS automatically manages the availability and scalability of the Kubernetes control plane nodes responsible for scheduling containers, managing application availability, storing cluster data, and other key tasks. In addition, it allowed us to take advantage of all the performance, scale, reliability, and availability of AWS infrastructure, as well as integrations with AWS networking and security services, such as application load balancers (ALBs) for load distribution, AWS Identity and Access Management (IAM) integration with role-based access control (RBAC), and AWS Virtual Private Cloud (VPC) support for pod networking.

Conclusion

In summary, integrating Tekton with Buildpacks allowed us to containerize applications easily and securely and create an end-to-end CI/CD pipeline with reusable components. Using Tekton and buildpacks we were able to containerize more than 20 .NET applications and move them to the cloud in less than six months. This initiative will reduce the technical debt by reducing application maintenance costs by 50% and increasing technical compliance score by 35% in the next two years. 

About the Author

Prerak Patel is DevOps Engineer from the Karsun Solutions DevSecOps Practice. This practice is responsible for driving CI/CD, security engineering, SRE, pipelines and observability excellence at Karsun.

Herndon, VA, USA (12 April 2022)— Karsun Solutions announced today that it was once again appraised at CMMI Level 5 for Development. Karsun is one of the first 25 companies in the U.S. to receive this distinction under the updated V2.0 (CMMI-DEV) appraisal model. to hold this distinction for quality and procedures in development.  The appraisal was performed by Maverick Quality Advisory Services (MQAS).

CMMI is a proven, outcome-based performance model and the globally accepted standard for improving capability, optimizing business performance and aligning operations to business goals.

An appraisal at Maturity Level 5 indicates that the organization is performing at an “optimizing” level. At this level, an organization continually improves its processes based on a quantitative understanding of its business objectives and performance needs. The organization uses a quantitative approach to understand the variation inherent in the process and the causes of process outcomes.

GoLean® forms the foundation of the quantitative methodology used by the Karsun Solutions modern software development practice. It combines data-driven insights with modern software development and DevSecOps principles in a proprietary platform. Developed by its in-house Innovation Center, the platform is designed for software development, delivery and orchestration. The CI/CD pipelines can be configured and integrated with existing tools and on multiple cloud platforms. It also allows for each implementation to be optimized based on customer needs and constraints.

“This is a proud moment for Karsun to be one of the select companies rated at Level 5 in the federal marketplace,” said Badri Sriraman, Senior Vice President, Karsun Innovation Center. “We are proud of our teams as they raise the bar for delivery excellence once again.”

“Organizations worldwide are harnessing CMMI to elevate their business performance to new heights, creating a sustainable competitive advantage in the process,” says Ron Lear, Senior Director, CMMI Program. “We commend Karsun Solutions on achieving this CMMI appraisal level and demonstrating their ability as a high-performing organization.”

For more information about CMMI performance solutions, visit www.isaca.org/enterprise/cmmi-performance-solutions.

About Karsun Solutions

Karsun Solutions is a fast-growing, innovative enterprise modernization firm. Recently awarded Best Company Culture by Comparably.com, its teams deliver modern software development, cloud, and data solutions to customers at government agencies including the Department of Homeland Security, Federal Aviation Administration and General Services Administration. Leveraging GoLean, Karsun teams drive digital transformation and help its government customers Do Extraordinary. Learn more at Karsun-LLC.com.

Media Contact: marketing@karsun-llc.com

Promote Transparency is one of the three Ethical Governance Principles in the Federal Data Strategy. This 10-year vision statement drives agencies across the government to build better tools to bring valuable insights to decision makers and citizens. Nowhere is this clearer than in government dashboards and data visualizations which must clearly communicate complex information in a meaningful manner for their users.

Modernizing Legacy Dashboards

Leveraging its business intelligence and visualization expertise, Karsun recently engaged in such a dashboard modernization project with one of its government customers. This customer was charged with delivering a dashboard that provides insights to both internal stakeholders and key decision-makers outside the organization. The goal was to allow users to access the dashboard for data-driven decision-making while enhancing transparency and adhering to the Conscious Design principles outlined in the Federal Data Strategy.

An on-premise legacy application added complexity to the modernization project. Moreover, the previous dashboard was built by different vendors with a mix of features and functionality. As a result, Karsun’s customer needed to provide a new, user-friendly dashboard. It also strove to limit human error with the data submission and ingestion process while seeing a decrease in operations and maintenance costs. Using a modularized approach, the customer wanted one, coherent dashboard. The customer envisioned a streamlined data submission process while reducing the time required for making new data sets available and improving speed-to-insight.

Combining Design and Data Expertise

The Karsun Data Practice uses DataOps to bring together data platform and engineering with business intelligence and visualization expertise. In doing so, it worked with its customer to deliver a solution that not only used DataOps principles but also incorporated best practices for usability, accessibility, and visualization within the dashboard.

Working with the on-premise application and within the requirements set by another project partner, Karsun built the data objects. Backend microservices utilizing RESTful API fetched data from an API service call and prepared the visualization using the Python Plotly visualization library. Those visualizations are then delivered as a JSON object.

An additional component to dashboard modernization is user experience. The President’s Executive Order on Customer Experience compels the government to design and deliver services “with a focus on the actual experience of the people whom it is meant to serve.” As practitioners, this order draws the spotlight to a range of design methodologies intended to enhance accessibility, transparency, and equity for all users.

This project used human centered design (HCD), putting user needs, desires, and abilities at the center of the process. This also uses iterative feedback from each step to inform the analysis. Seeking clarity at each step, it transitions the dashboard away from a mixed experience that’s difficult for users to navigate and hard for the customer to maintain.

It uses a three step process. The first step is Demand Side Analysis. This engages users at the earliest opportunity through interviews and surveys. The team also conducts a Prior Usage Analysis. Next, they design a User Centered Service Delivery Model. This incorporates Design Thinking, Service Design, and Detailed Design. Finally, they again Engage Product Users by introducing Mock-Ups, Prototypes, and Wireframes. After iterating through these three steps, the team identified and built an application layer on a PHP/Drupal framework allowing for easy content manipulation without requiring technical knowledge.

User Friendly, Data Driven Insights at Lower Cost

This modernization project sunsetted legacy infrastructure and reduced high-cost maintenance. The new dashboard application further streamlined data collection, introduced omnichannel distribution of IT data, and improved the overall user experience. Moreover, by improving the process through human centered design, the customer improved the user’s ability to make evidence based decisions.

This project not only enhanced user experience it also supported requests for better data-driven decision making in government. While modernization projects frequently address high maintenance costs, human centered design adds an additional element. Improved user experience not only saves money, it enhances both accessibility and transparency, delivering better government to all.

This month we’re sharing success stories from our Data Practice. Follow us on LinkedIn for more insights. Check out our Data Solutions section for more from our Enterprise Modernization Experts.

The American Council for Technology and Industry Advisory Council (ACT-IAC) announced the release of the first volume of its Intelligent Automation Playbook. This playbook is designed for agencies considering Robotic Process Automation (RPA), running pilots or accelerating deployment. By automating administrative tasks RPA may also address the shrinking federal workforce and decreasing budgets.

The President’s Management Agenda, Cross-Agency Priority Goal 6 encourages shifting from low-value to high-value work. This imperative challenges agencies to find efficient solutions for administrative processes. These include tasks like data entry, completing forms using information read in a document and extracting then processing data. In addition to improving efficiency, accuracy, auditability and compliance, RPA adoption should reduce cycle time and increase citizen and employee satisfaction.

The playbook addresses implementation from organizational readiness through operating and maturing RPA. The playbook was preceded by the Intelligent Automation Primer, released in January 2019. This is suggested reading for those unfamiliar with intelligent automation and RPA.

The playbook and primer were developed by ACT-IAC’s Intelligent Automation Working Group. Manish Bhatia, from Karsun Solutions Cloud Practice, is a member of the working group. In May he shared his thoughts on the solutions demonstrated at ACT-IAC’s Igniting Innovation event.

Karsun Solutions supports ACT-IAC’s professional development and working group programs. ACT-IAC programs build relationships between government and industry. Like many Karsun team members, Manish is deeply connecting to the IT contracting industry through ACT-IAC. In March, Karsun Solutions spotlighted his involvement in these emerging technology communities.

HERNDON, VA – Karsun Solutions, an IT modernization firm serving the United States government, announced today the formation of a new DevOps practice within the Karsun Innovation Center. Samir Bham will head the new practice. Bham is a seasoned technical executive with over 25 years of experience.

Karsun Solutions was founded in 2009 with a focus on introducing both Agile and DevOps methodologies in government IT modernization initiatives. Karsun Solutions’ GoLean modern software development methodology incorporates robust DevOps/DevSecOps practices. The software development unit, utilizing GoLean as its methodology, was assessed at CMMI Level 5 Dev earlier this year. An AWS Advanced Consulting Partner, the firm was also recently awarded AWS Government Competency status.

The new innovation center practice takes DevOps adoption as core theme with employee enablement as its focal point. With the group’s founding comes a new focus on collaboration across programs and renewed focus on innovation for current clients. It also allocates specific resources toward developing offerings for future customers. Rather than targeting entry into a specific industry or agency, Karsun Solutions utilizes a capabilities-driven approach to new work. The Karsun Innovation Center identifies real world problems then proactively creates working solutions. Once these solutions are validated the firm seeks out new work ensuring customers are presented with proven approaches to their modernization challenges.

Under Bham, the DevOps Practice will increase resources for employee technical excellence and growth. The firm recently announced the opening of a new headquarters in Herndon, Virginia. The Karsun Innovation Center will be housed at this new location along with additional training facilities. The new DevOps Practice will utilize these resources to add new collaborative events and increase the professional development offerings available to Karsun team members.

About Samir Bham

Samir Bham serves as the Director of the DevOps Practice at Karsun Solutions. He is an accomplished technology executive with over 25 years of extensive experience leading diverse multi-disciplinary engineering teams. Samir is responsible for adopting Cloud and DevSecOps practices for software delivery across programs at GSA, FAA, and FEMA. Prior to joining Karsun Solutions, Samir held leadership positions at Neustar Inc. where he led several software delivery teams that delivered solutions for commercial and federal clients using Agile and DevOps methodologies. Samir’s thought leadership includes a continuous improvement philosophy while leading and developing next-generation high-performing teams with an emphasis on professional development, and collaboration. Samir holds a Master’s degree in Computer Science from Villanova University.

About Karsun Solutions

The federal IT modernization experts, Karsun Solutions enables enterprise transformation for its government customers including the Department of Homeland Security, Federal Aviation Administration and General Services Administration. An innovation-based and performance-driven culture, Karsun Solutions teams deliver extraordinary software development, cloud and advanced analytics solutions to their customers.  Karsun Solutions’ commitment to quality includes a DCAA Approved Accounting System, a CMMI Level 5 – DEV appraisal plus ISO 9001, ISO 20000 and ISO 27001 certifications.