Application programing interfaces connect apps, cloud platforms, Internet of Things devices and more to an agency’s enterprise data.
As agencies modernize their networks and integrate more applications and devices with their systems, it’s critical to give both employees and citizens the ability to use them efficiently and safely.
Many agencies, including the Department of Veterans Affairs, the Small Business Administration, the National Oceanic and Atmospheric Administration and the Federal Aviation Administration, are finding new ways to test and implement apps with their APIs before they’re made public.
Automation, virtualization, cloud tools and systems management software are among the solutions the agencies have used as they work to modernize application development, delivery and management.
“We want to start small, because we want to work through any bugs,” says Drew Myklegard, executive director of Project Special Forces within the VA’s Office of IT.
“The impact is not just in the number of forms we can take in electronically, but in how we’re able to change the narrative around the VA and enable people to build applications on top of what we create.”
MORE FROM FEDTECH: See how DOD intends to revamp its software acquisition and creation.
VA Encourages Third-Party Participation for Apps
The VA is more than willing to make its APIs available to third parties, and a talk by Myklegard and Alex Loehr, the VA’s deputy CTO, led to the first project by a private developer in 2018.
Inspired by a tweet from an audience member, the developer reached out to the VA, which provided access to its data and APIs. The app was created in an open-source repository for transparency and visibility while the work was being done. Once it was finished, the VA’s software team ran automated tests for security, then deployed the app to the agency’s commercial hybrid cloud, which includes Microsoft Azure, for further testing.
In just a few months, the free app, which allowed veterans to ask Alexa-enabled digital assistants for the location of the nearest VA facility, was set to launch.
“Government doesn’t always pivot that quickly,” says Loehr. “Consumer expectations have changed. We need to be able to meet those expectations and give people the sort of experience they can get in the private sector.”
Agencies Seek to Streamline the User Experience
These API initiatives are driven by a desire to give both internal users and external customers the seamless experience they’ve come to expect from consumer-focused applications.
Maureen Fleming, program vice president for integration and process management at IDC, says agencies want to move existing applications to new platforms to make them more cost-effective and easier to manage.
“A lot of federal agencies I talk to are interested in public cloud, private cloud or shifting assets to a Kubernetes-based container,” an open-source way of automating app deployment and management, Fleming says. “That’s a huge decision that agencies now are struggling with.”
“There can be a significant economic benefit to making these changes,” she adds. “Every agency should be experimenting with taking an older system and modernizing it.”
The SBA is taking a more agile, user-centered approach to application development. The agency is bringing in business owners to interact with and act as focus groups for applications as they’re being developed and engaging more with developers as apps are built.
“This idea that government should write a 100-page solicitation that describes exactly what it wants? For us, it’s a bad approach,” says Ryan Hillard, an IT specialist and systems developer at SBA. “The beginning of a project is when you know the least about the problem you’re trying to solve.”
SBA uses native tools embedded in Microsoft Azure and other providers to check up on its apps and APIs, says Beau Houser, the SBA CISO.
“Leveraging cloud-native artificial intelligence and machine learning allows us to identify anomalies in near real time and take appropriate actions,” he adds.
MORE FROM FEDTECH: Discover how AI will reshape the federal workforce.
NOAA Strives to Manage Legacy Apps for Far-Flung Users
NOAA works to regularly patch and update its applications for its employees, no matter where they work.
“We’ve had people in very remote offices, we have them in planes, we have them on ships — and they don’t always have the best connectivity,” says Cameron Shelton, director of the agency’s Services Delivery Division. “That’s been a challenge, getting updates out to those users.”
To ensure that employees have proper access, NOAA has pushed applications closer to the edge — by adopting G Suite, for example — and uses tools such as IBM’s BigFix and MaaS360 as well as Microsoft’s System Center Configuration Manager to patch other applications. And it retires legacy solutions when new ones are adopted.
Other agencies rely on virtualization to support legacy applications. “For the small number of legacy applications that are no longer compatible with our current desktop, but can’t be replaced, our preferred solution is desktop or application virtualization using Citrix XenApp, or something similar,” says Larry Grossman, acting director of the Federal Aviation Administration’s Solution Delivery Service.
“This has worked well for us in the short term,” he says. “Over the long term, there is no substitute for replacing platforms that have reached the end of their life.”
MORE FROM FEDTECH: Find out how to set a timeline for your agency’s Windows 10 migration.
Feds Shake Off Old Ways to Updating Apps
To keep both employees and citizens satisfied going forward, agencies must strive to keep up with constantly evolving expectations around applications, federal IT leaders say.
“NOAA’s workforce is increasingly mobile,” says Shelton. “We need to equip support staff with the necessary tools to reach remote locations. Real-time security precautions and countermeasures are imperative these days.”
The agency uses tools such as Dameware for mobile support. “The workforce is not going to become any less mobile,” says Shelton.
“We’ve had this mindset of, ‘Let’s bring the laptops in once a month to get them patched.’ We need to get out of that mindset.”
At the VA, Myklegard and Loehr are spearheading efforts to lead the agency’s technology away from legacy practices.
“As this wave of APIs is being exposed, developers are able to depend on the federal government the way they can depend on the commercial sector,” says Loehr.