Unify stakeholders and deliver quality experiences through platform automation

Unify stakeholder priorities

We often hear from clients that they need to quickly build a new digital property (e.g., website or landing page) to support a campaign to connect with customers, promote temporary programs, or for broader promotion strategies. The quick pace of innovation from marketing and product teams means speed-to-market expectations are high. And those pace expectations often conflict with technology teams’ priorities to securely deploy a reliable and resilient solution. When solutions aren’t designed with stakeholder priorities in mind, it can cause friction within an integrated team—that’s why we developed a fully automated shared web hosting platform to help address the challenges of all stakeholders.

As we set out to architect the right design for the platform, there were countless ways to deliver the solution, but we were guided by industry best practices, internal standards, and initial known project requirements. We focused on ensuring high-availability, built-in performance monitoring, and security best practices at every tier. We wanted to ensure that the solution was repeatable enough for customers to take advantage of the cost savings and efficiency of pre-developed components, but also flexible for future customer requirements and customization.

In order to meet those initial objectives, we designed the shared hosting solution with the following three key guiding principles: 

• Create a single source of truth through full solution automation: The solution is built entirely through Infrastructure as Code (IaC); infrastructure configuration, application deployment and management, and security settings. Both the initial deployment of the solution and any on-going changes or updates are all implemented through automation and IaC. Maintaining everything through code allows for a single source of truth to ensure that a single access point for organizational knowledge. All changes are also logged, making them easy to review, and ensure version control as changes are made, making it possible to easily revert when needed.
• Ensure quality through end-to-end testing: End-to-end testing is integrated into the solution throughout an automation pipeline. Functional infrastructure testing is an effective way to ensure the system is ready before any deployment and helps meet compliance standards and objectives. Static code analysis implemented before or as part of a code commit can help avoid mistakes and unintended exposure. Compliance-as-code tools often come with built-in checks based on existing cloud and system standards so you can get started immediately avoiding a steep learning curve. Together, a collection of end-to-end tests validate the quality of a solution. By setting quality goals for a project, the level and type of testing needed paves the road to quality. Automating the testing creates an express lane to quality.
• Built-in security best practices: By embedding security settings, tools, reporting, and scanning into the SDLC and deployment capabilities, we’ve removed a significant roadblock for individual projects. Teams are now able to efficiently secure their website without the high overhead of re-implementing security settings and tools for each project. The platform currently complies with several Amazon Web Services (AWS) Center for Internet Security (CIS) benchmarks and will include the National Institute of Standards and Technology (NIST) framework in the future.

Provide maximum value to clients 

As we initially evaluated and designed the shared hosting platform, the driving factor in each decision was ensuring that, ultimately, we provide value to our partners, projects, and customers. By taking the technical approach detailed above, we are now able to provide our clients with the following: 

• Increase speed-to-market and competitive edge: By leveraging existing core product features, customers no longer need to re-invent the wheel every time they deploy a new website. They can now leverage the rapid deployment of the shared hosting platform to get up and running in a fraction of the time. That allows clients and brands to rapidly deliver the experience and demands of their customers, ultimately making them more competitive in the market
• Improve reliability and availability: Our team is responsible for ensuring the underlying platform is always up to date, allowing other teams to focus on business-driving activities such as creating the latest marketing campaign or writing the custom code for the supporting website. 
• Leverage shared enhancement and feature development: As a shared platform, when new features are developed, all projects and clients have access to absorb them into their own application and custom solution. Project teams don’t pay for any enhancements, they just become a part of the core platform they can leverage. 
• Ensure cost-efficient solutions: The highly available solution elastically scales, and downsizes, in capacity based off traffic and business demands, saving consumption costs by only running what is required. Additionally, we strive to automate 100% of the most common infrastructure delivery steps to keep costs low
• Mitigate risk with security best practices:  By providing security as a core requirement of the solution, project teams and clients don’t need to re-define security best practices and policies for every project. Instead, they can leverage the expertise of our cybersecurity team to define baseline requirements and ensure they are implemented as part of the core offering mitigating the risk of any potential data breach, and potential brand or reputational damage.

The shared web hosting platform in action

ICF recently collaborated with an energy company to migrate their solution into the shared hosting platform hosted in AWS. The legacy solution was custom-built to support energy-program-specific promotions throughout the year. Because of the promotion schedule there are variable traffic patterns throughout the year with spikes tied to the specific promotional periods. To support those spikes, the team would manually scale the environment and prepare weeks in advance. Additionally, there were single points of failure in both the solution architecture and team members supporting the environment that made reliably supporting the promotional periods difficult. 

As we worked to migrate the solution, addressing those challenges was top-of-mind. Built-in to the shared hosting solution was increased reliability and availability with a highly available architecture, removing any single-points-of-failure in the solution’s architecture. The solution’s automation also includes autoscaling when needed to support traffic spikes, removing the need for manually scaling weeks in advance, helping with cost savings by only paying for the additional infrastructure when needed. 

In addition to solving the challenges from their previous solution, we were also able to provide enhancements, maturing their overall solution. For example, the team is now able to use full CI/CD (i.e., continuous integration, continuous delivery, and continuous deployment) for deployment automation and can leverage the shared security of the platform, improving overall security posture. The energy program not only has a better solution, but we also helped decrease their costs by leveraging shared infrastructure to host the solution. The extended team can now focus on the development and program delivery instead of worrying about infrastructure and security management.

The shared hosting solution enables clients and programs to rapidly spin up innovative solutions, without having to decide between the quality of technology implementation and speed-to-market of the campaign or program. By building an automated, repeatable solution, we eliminated the need for individual projects to reinvent the wheel, leveraging the scale of the solution. Moving forward, clients will also be able to take advantage of any enhancement that is built for the solution—leveraging the shared work and product feature enhancements.