COLORADO SPRINGS, CO – A little over a year ago, the Sigmatech development team for the National Security Space Institute (NSSI) in Colorado Springs, CO, began a long journey of migrating two decades worth of web assets that operated and sustained NSSI’s mission, to the cloud-computing power of Cloud One. In November 2021, Sigmatech partnered with Applied Information Sciences (AIS) and took on this enormous task of establishing three cloud environments, creating an Authorization to Operate (ATO), and refactoring over a million lines of code that make up NSSI’s web applications and databases; and is now live on Cloud One as of January 2023, well below the industry migration standard of 3-4 years.
The move by the NSSI to Cloud One was needed as it works to keep up with its continuous requests for new courses and demand for increased student output. Sigmatech stabilized and secured NSSI’s Cloud One web infrastructure for this rapid growth with the implementation of DoD industry standard processes/practices, universal access from any internet on-ramp whether it be CISP or NIPR, CAC multi-factor authentication, data integrity and layered security, and developed an environment unsusceptible to disruptions and consistent with DoD DEVSECOPS initiatives. In addition, Sigmatech created system security artifacts and supported the Risk Management Framework (RMF) process to obtain NSSI’s ATO. An ATO that was one of two that Sigmatech had approved in the first round ever of USSF ATOs.
The ATO for the NSSI migration effort was made very complex due to the nature of information stored. The NSSI relies on Personally Identifiable Information (PII) of staff and students. The ATO had to comply with hundreds more security controls in order to receive approval. The ATO addresses a multitude of Laws and Regulations, including DoD Instruction 1000.30, DoD Directive 5400.11, Air Force Instruction 33-332, and the Privacy Act (5 USC 552a). This also covers registrations with DISA and Ports and Protocols (PPSM).
Sigmatech, with the assistance of AIS, played a key role in the successful migration of NSSI’s web assets to Cloud One. Prior to the migration, NSSI’s web assets had unpredictable network outages, certificate errors for its public site, application enhancements hindered with manual processes, restrictive development conditions, and was working without an approved on-premises ATO. With this migration Sigmatech disposed of these issues, secured NSSI’s applications and data, and ensured NSSI’s growth and future by establishing its web assets new home on Cloud One.