DevOps and Continuous Integration

Application Management

  • Deployment support for all patches, upgrades, and maintenance releases as needed
  • Database administration
  • Configuration Management support
  • Issue tracking
  • SLAs
    • Service level agreement of 99.9% uptime
    • Process for scheduled maintenance

Information Assurance

  • Monitoring security of the network and servers
  • Client access to appropriate security logs
  • Security Management plans
  • Intrusion Detection
  • Managed network operations including VIPs, firewalls, switches, load balancers, intrusion detection systems
  • Compliance with Federal Standards (i.e. FISMA, NIST)

Disaster Recovery/Local Coop

  • Disaster recovery plan for complete recovery within 48 hours
  • Contingency Plan
  • Regular full/incremental backups
  • Regular offsite storage for backups
  • Restore backups in no more than 24 hours

Hosting/Physical Security

  • Environments
    • Provide Development, Staging, Production, and Failover environments
    • Management of configuration, patches, upgrades and monitoring of the operating system
    • Ability to install, upgrade, configure, start and stop application dependant software systems
    • Ability to remotely review, deploy and troubleshoot application code
  • Physical Facilities
    • A physically secure facility for all equipment
    • Appropriate power, power conditioning and power continuity
    • Air conditioning and ventilation
    • Fire detection and control
  • Connectivity
    • Application Web servers connected to the public internet with data bandwidth equal to or greater than 5Mbits
    • Access to an SMTP mail server
    • Redundant Internet connectivity via independent backbone providers
  • Equipment and Software
    • Redundant and scalable environments
    • Price/schedule for application dependant software/leasing
    • Immediate notification in case of outages
    • Description of outage and any corrective action taken
  • Reporting
    • Web statistics reporting
    • Continuous monitoring and management of all services and equipment
    • Anomaly notification

Devis has provided managed services and information assurance to a wide variety of clients and initiatives – from a small PVO in West Africa to the official Federal portal for all disability resource information. Devis has invested in cloud compatible infrastructure to support agile, efficient and scalable environments. See our Virtualization Success Story.

For our Federal clients, we provide secure managed services, in which we are responsible for conducting Privacy Impact Assessments, Certification & Accreditation of the system, continuous monitoring of security controls, and overseeing the mitigation of system vulnerabilities/weakness.

As part of this service we provide information and respond to security data calls in each of the following 17 control topic areas:

  • Risk Management
  • Review of Security Controls
  • Life Cycle
  • Authorize Processing
  • System Security Plan
  • Personnel Security
  • Physical and Environmental Protection
  • Production, Input/Output Controls
  • Contingency Planning
  • Hardware and System Software Maintenance
  • Data Integrity
  • Documentation
  • Security Awareness, Training, and Education
  • Incident Response Capability
  • Identification and Authentication
  • Logical Access Controls
  • Audit Trails