This content is provided by Red Hat.
“Open source is the best source for choice and security.” These were the first words that Paul Smith, Senior Vice President and General Manager, Public Sector, Red Hat, chose to open his talk at the recent 2017 Red Hat Government Symposium. The yearly Red Hat Government Symposium goes beyond demos and new product announcements to explore the best practices to successfully leverage people, process and technology in order to maximize digital transformation and modernization initiatives within the government.
The 2017 Red Hat Government Symposium also highlights the key role that the open source community has in meeting the challenges of government IT. One example of this, highlighted by Paul in his opening remarks, is the Kubernetes project. Kubernetes advances the use of containerization with a streamlined system for container orchestration. Kubernetes facilitates the use of containers in large enterprises and empowers IT organizations with the automating, deployment, scaling and management of containerized applications.
Kubernetes is the container orchestration engine at the heart of Red Hat OpenShift Container Platform, a container application capable of bringing Docker and Kubernetes to the enterprise. As one of the top contributors to the Kubernetes project, Red Hat chose to contribute to the greater good by submitting enterprise enhancements that Red Hat’s customers require upstream, and that are for all to benefit. Red Hat also hardens the commercially supported offering with a stable and predictable life cycle to ensure customers can use it securely in production and at scale.
Regardless of your applications architecture, Red Hat OpenShift lets you easily and quickly build, develop and deploy in nearly any public or private infrastructure. Whether it’s on-premise, in a public cloud, or hosted, Red Hat OpenShift helps agencies lay the foundation for the effective use of containers within their IT organizations. It also helps facilitate the use of orchestration tools like Kubernetes.
Another topic explored at the Symposium this year entailed removing the friction commonly found between security and compliance teams by leveraging open source and Red Hat to catalog and control compliance requirements. Placing information systems on government networks requires system owners to follow the NIST Risk Management framework, or an agency-specific tailored variant of this framework. Following this framework requires extensive documentation, and even the government provided Guide for Applying the Risk Management Framework to Federal Information Systems is over 100 pages long. Red Hat works with the OpenControl community to provide content for Red Hat products. The collaborated content, available via the open source project page, provides agencies with a capability called OpenControl, which facilitates the compliance and security process within the government.
The OpenControl project, which is a product of contributions from people across government and industry – including 18F at the General Services Administration (GSA) – accelerates compliance by standardizing the documentation of security controls. Whether those security controls are operational or technical in nature, OpenControl speeds-up the Authority To Operate (ATO) process by leveraging open source to reuse and automate compliance paperwork.
A final insight from the 2017 Red Hat Government Symposium is the contributions that people and processes bring to successful government IT initiatives. Government digital transformation challenges can’t be solved by technology alone. People and process need to be considered as well.
This is true when adopting Agile and DevOps methodologies, as well as integrating security into these practices. Some agencies are making substantial progress, while others would like to accelerate their rate of adoption. Solutions like the Red Hat Open Innovation Labs accelerate digital transformation in an “open source manner” by using cutting edge Agile and DevOps methodologies.
Red Hat realizes that, as with any large implementation or deployment, the first few steps are often the most daunting. Red Hat Open Innovation Labs let agencies field pilot programs where internal IT staff are paired up with Red Hat developers under a scope of pre-defined work. The Red Hat teams provide instruction, advice and training that agency developers can take back to their organizations.
Another contribution to people and process covered during the Symposium originated from a session with Col. Chris Wade, Director of Task Force Cyber Strong, Office of the Deputy Chief of Staff, G-3/5/7, U.S. Army. In his session, Wade stressed the importance for federal institutions, including the Army, to leverage people to not only think outside their area on the organizational chart, but also think outside their organization or agency. The point of this approach is to drive innovative ideas, produce innovation across the government, and unleash more community participation.
The Red Hat Government Symposium isn’t really about Red Hat or the government. Instead, it acts as the perfect venue for sharing, collaborating, and telling stories about times when the public and private sectors work together to make government more efficient and responsive to its stakeholders. Those types of important discussions, when public and private sectors jointly accomplished lofty and useful achievements were a huge highlight, and a high point for many participants, of the entire 2017 Symposium.