Ready on Day 1 in lifecycle management means ready to manage any challenges before Day 1, advises Peraton’s CIO

This is the third article in our IT lifecycle management series, Delivering the tech that delivers for government.

For any federal contractor, managing its team’s needs on government projects requires a continual real-time, proactive approach to lifecycle management.

This means ramp-up has to happen well in advance so the organization can achieve true day 1 readiness, said Tom Terjesen, chief information officer at Peraton.

“What’s changed is that on day one of any new program we stand up, we have to be ready to support the program,” he said. “And what has changed really is the frequency we have to push patches and upgrades and things like that.”

As part of total readiness, cybersecurity processes also take center stage before work on a project for any government customer begins.

Peraton’s support of the Defense Department, Homeland Security Department and Intelligence Community agencies means it works with organizations that are constantly a target of foreign adversaries.

“We have to keep our guards up all the time” from a compliance standpoint, Terjesen said. “But also making sure our employees are trained properly to understand the risks and make sure they’re not introducing any risks to our environment that could impact our ability to support our customers. That’s a huge challenge we face on a daily basis.”

To protect the environment, the company applies a zero trust model and only provides its employees with access to systems and data necessary to do their jobs. “It has helped significantly with our risk and compliance requirements,” he said.

We talked with Terjesen for Federal News Network’s series, Delivering the tech that delivers for government, about how a federal systems integrator can best manage lifecycle before, during and after a project. He offered three strategies.

Day 1 Readiness Strategy 1: Know your baseline

“When I say we have to be ready to support our programs on day one, if a vendor issues a zero day vulnerability, we’re ready to deploy it to the program right away,” Terjesen said.

To do that, before a project officially starts, requires knowing the baseline for all devices being used for a program, both by Peraton but also by government users, he said.

“The process has to start during the transition period,” Terjesen said. “We stand up that ability to support our customer when we’re getting ready for day one — readiness and managing and maintaining assets.”

In today’s hybrid environment, making sure all tools and services are accessible over the internet matters too and must be part of the baseline knowledge gathering process. “People are much more mobile,” he pointed out. “We need to be able to connect with them wherever they are in the world,” no matter the hour.

Day 1 Readiness Strategy 2: Introduce a change management process

For ongoing management and maintenance, Terjesen calls the creation of a change management process essential.

It’s the only way to be sure there’s centralized control over the types of changes happening to an environment. That also allows for a controlled approach to managing technology needs, he said.

“You don’t want it to be a free for all because then you’re going to be in a situation where you’re having outages all the time — and that’s the last thing you want for your customer.”

The process also allows for appropriate planning well in advance of any project need or deadline. It avoids panic when trying to get things done, Terjesen said. In fact, that’s a critical gauge of success, he noted.

“If you’re patching things and upgrading things and keeping them in support, you’ll have a lot less fire drills to fight,” he said.

Day 1 Readiness Strategy 3: Implement an asset management tool

Finally, stand up a tool to manage assets across the project’s lifecycle, Terjesen advised. “When you deploy a device, you need to know where it’s going, who owns it or who’s using it.”

It’s critical that the tool be able to connect with all devices on the network, which should be evaluated during the initial baseline assessment. Part of the management tool’s capabilities must be vulnerability scanning, he said.

“Once you’re pushing software out and you’re patching software, you have to have a tool that can tell you, ‘Is it working?’ You have to be able to run a vulnerability scan against all those assets to make sure what you’re doing is actually making a difference,” Terjesen said.

Scanning also provides information to proactively identity and target any devices with issues or needs. And it plays into decommissioning assets too.

“That’s a step we take seriously,” Terjesen said. “We want to make sure, one, it’s done in a green fashion, and two, we don’t want any data left on the device when we hand it off. We have a whole process where we scrub and cleanse data off those devices.”

Discover more stories about how federal systems integrators and government contractors manage their enterprise infrastructure environments in our series Delivering the tech that delivers for government, sponsored by Future Tech Enterprise.

To listen to the full discussion with Peraton’s Tom Terjesen, click the podcast play button below:

Check out all podcast episodes of the Delivering the tech that delivers for government series.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.