USCIS tries to move legacy systems to the cloud piece by piece, CIO Mark Schwartz says. 

Nov 02 2016

Feds Tap the Cloud to do the Heavy Lifting in Legacy IT Modernization

The time is ripe for agencies to start moving aging infrastructure to the cloud, and some agencies, like USCIS and the FCC, have already done so.

Despite years of costly modernization efforts, agencies continues to grapple with antiquated and cumbersome — yet mission-critical — IT systems.

A recent Government Accountability Office report found that the cost of operating and maintaining these aging computers and applications increased steadily over the past decade. In fiscal year 2015, more than 75 percent of the federal IT budget went to legacy systems. However, the money available to invest in new IT development and enhancements has nose-dived by $7.3 billion since 2010.

The situation could change, as government technology leaders now see the cloud as a solution to the legacy conundrum.

The cloud offers the speed, agility, scalability and process replication that enables agencies to deliver mission value rapidly, says Mark Schwartz, CIO at U.S. Citizenship and Immigration Services (USCIS), especially when compared with the historic approach of undertaking a single, massive system modernization.

Earlier this year, federal CIO Tony Scott proposed that Congress authorize $3.1 billion to fund cloud-enabled modernization efforts. Under the new Federal IT Acquisition Reform Act (FITARA), CIOs have more power to plan, approve and purchase IT products and services.

New leadership at the General Services Administration is also looking to further streamline the FedRAMP cloud adoption process so more innovative, private-sector vendors will participate.

Some agencies have already taken to the cloud, transitioning within ­existing IT budgets and around less-than-optimal conditions.

Moving Systems to the Cloud in Pieces

USCIS was in the midst of a years-long effort to modernize legacy systems, including E-Verify, a monolithic application that lets employers determine if new employees are eligible to work in the U.S. Out of patience, Schwartz and his team started moving E-Verify to the cloud incrementally last December, using a strategy that Schwartz refers to as the “strangler” pattern.

“It sounds ominous, but the general idea is that we try to break a piece of the legacy system and move it to the cloud but still keep it interoperating with the rest of the legacy system,” Schwartz explains. “Then we break off another piece, and we keep doing that until the entire system has been re-engineered and moved to the cloud.”

There are several types of verifications performed within E-Verify, so Schwartz first tackled an especially slow and frustrating process within the system. To transition, Schwartz and his team built web services on the back end so they could separate the front end and move it to a public cloud provider.

The initial effort was completed in six weeks. Users had no idea that there was a change. “They can’t tell that it’s been moved to the cloud, except for the fact that the system is a lot faster and easier to use,” Schwartz says.

Over the next few months, additional E-Verify pieces were successfully moved to the cloud, all within the existing IT budget. Now, Schwartz is focused on moving the E-Verify back end to the cloud. Once the system is fully transitioned, the team can easily add new features or reorganize it to be even faster and more user-friendly.

That flexibility will be important as demand on the system grows. “One of the best parts about the cloud is we will be able to right-size it to whatever scale we need,” says Schwartz. “And no matter how many cases we add into the system, there won’t be any degradation of performance.”

Building Cloud Migration Momentum

The IT team at the Federal Communications Commission also saw the cloud as the solution to its legacy challenges, but took a different approach.

The effort started shortly after David A. Bray became CIO in 2013 and assessed the agency’s technology environment. Once cutting-edge, the FCC didn’t even have the infrastructure to allow telework.

“The average system was more than 10 years old, almost everything was onsite except for a few web pages, and it was consuming more than 85 percent of our IT budget — and would only continue to take more and more,” he explains.

Bray and his team saw potential in the cloud. “It offers cradle-to-grave faster options for us to be more efficient, secure and reliable,” says Christine Calvosa, deputy CIO for resiliency at the FCC.

They started slowly, by first moving employees to virtual desktops, then testing the transition process by moving one overly complicated application to the cloud.

Buoyed by their success, the IT team made the bold decision to move the entire data center to a commercial cloud site in one fell swoop. “We realized that instead of spending 85 percent of our budget maintaining the systems on-premises, we could reduce that to less than 50 percent,” Bray explains. “So even if our budget stayed flat, which is likely to be the case, we would immediately have the ability to invest in new systems and modernization, rather than just maintaining the status quo.”

SOURCE: Government Accountability Office, “Federal Agencies Need to Address Aging Legacy Systems,” May 2016

The project, dubbed Operation Server Lift, involved shutting down, packing up and physically moving all hardware, applications and supporting equipment, then getting everything back up and running with minimal impact on users.

“We started planning nine months out,” Calvosa says. Preparation included working with stakeholders, thinking through contingency plans, conducting tabletop exercises and transitioning employees to Microsoft’s cloud-based Office 365 so all FCC users would have access to office productivity tools while the system was down for a week.

Gaining Freedom by Moving to the Cloud

The IT team began the move on the Thursday before Labor Day of 2015 and worked around the clock to rerack, recable and reboot everything.

“We were able to bring up some of the external-facing systems on Tuesday morning so that for the public, it was largely transparent,” says John Skudlarek, deputy CIO for management at the FCC. “It took a few days longer to get everything up for the rest of the workforce, and I can tell you that we were scrambling, but we have a team of change agents here who went and personally worked with all of our bureau and office representatives to make sure everyone had what they needed.”

With the FCC’s infrastructure now in the cloud, Bray is focused on improving user interfaces, adding new features, and “untangling” the places where applications and stored procedures comingle with data, so that different pieces can be moved to one of the FCC’s four FedRAMP-certified cloud service providers.

“Eventually, we will have untangled and stitched the different cloud services to authenticate a user, to collect the data, to visualize it and so forth,” says Bray. “And in the future, if a better cloud service comes along, we can just change it out to a different provider. It will be a snap.”

As the process continues, Bray has his eye on one prize: freedom. “We don’t want to host anything anymore,” he says. “Our goal is to be 99 percent public cloud, if not more.”

Gary Landsman

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT