The client faced significant capacity challenges in meeting the timeline for stringent security requirements to obtain Authority to Operate (ATO) for classified systems, a critical step for securing government contracts for satellite imagery services. The client also faced some knowledge gaps across the various teams regarding system architecture and the specific requirements for achieving ATO.
Technically, the client needed support to collaborate across the teams to address:
Standardization of deployment processes across various teams.
Inconsistent system configurations and the use of older, deprecated systems.
Improvement of enterprise-wide security monitoring and had a need to harden deployment environments.
Ownership of mapping out clear requirements and project roadmaps.
The lack of capacity hindered progress and prevented the client from sustaining revenue-generating services.
Trility's approach centered on embedding our team within the client's teams to achieve:
Collaborative Partnership: We integrated directly into their teams, attending stand-ups and meetings to ensure constant communication and build strong rapport. Working alongside their engineers, we coached and set them up for success with the new processes and configurations.
Process Improvement & Roadmapping: To address the lack of clear requirements, we established a bi-weekly roadmap review with key stakeholders. We created working groups to define and whiteboard requirements, which was so successful the client asked us to replicate this process for multiple other teams.
Ownership & Knowledge Transfer: We took temporary ownership of critical services to harden, document, and test them, with the end goal of enabling the client's teams to take over. This included providing documentation support and knowledge transfer sessions to help new team members get up to speed quickly.
Trility leveraged a range of tools to implement robust solutions, including:
Infrastructure & Deployment: Terraform, Terragrunt, Kubernetes (EKS, Rancher), Helm, Jenkins, Python, and Bash.
Security and Monitoring: Elastic Stack, Trellix, and AWS Log Aggregators.
Version Control: GitHub and GitLab.
Trility's involvement contributed to significant outcomes, enabling the client to overcome capacity and technical hurdles for securing government contracts:
Achieved ATOs: Trility was instrumental in helping the client secure multiple ATOs – two for classified systems which was an ongoing, five-year process.
Security & Compliance: We enhanced overall security posture through improved enterprise-wide monitoring and hardening of deployment environments. We also built out compliance dashboards to meet requirements.
Delivery & Standardization: We helped standardize deployment methodologies and service configurations, moving them off older systems and onto more efficient, standardized pipelines. This led to both client-facing deployment changes and internal, organization-wide improvements to standards and functionality.
Patterns & Capabilities: Our roadmapping and requirements-gathering processes were adopted within the organization. By providing extensive knowledge transfer, we increased the capabilities of their internal teams, preparing them for seamless handoffs and long-term success.
