More than ever before, Australian government agencies are engaging local businesses to deliver high-end digital services to the public, a phenomenon which has paved the way for a vibrant tech startup community that often out-performs the established players in the digital delivery space. But when those smaller businesses are contractually required to adhere to the government's strict data security requirements, the dream can quickly turn into the nightmare.
It's the situation that was all-too-familiar to the team at SoNET systems. As the premier provider of online case management, examination and assessment solutions, SoNET's hosted Assessment Master and iCase SaaS platforms are used to deliver state and federal government services, such as:
- The National Assessment Program - Literacy and Numeracy (NAPLAN)
- The Western Australian Online Literacy and Numeracy Assessment (OLNA)
- The National Disability Insurance Scheme (NDIS).
"We are very good at delivering highly customisable and intuitive solutions to our customers, but when it comes to technical security and compliance, we need experts we can rely on 24x7 that not only understand security but also DevOps and infrastructure automation." says Stephen Birchall, General Manager Software Development.
"It's a tricky situation because the data we're hosting is highly valuable and sensitive, but the funding to hire a team of cyber-security experts and DevOps engineers simply isn't there."
Today, SoNET systems' web developers use the Cohesion Method to deliver digital services in a way that conforms to the government's strict data security requirements.
"We had to make a few workflow changes, but there's no doubt we're now significantly more automated and secure than our previous in-house attempts at compliance. Once we got used to the tools and the methodology, we found that we had the autonomy to test and release code changes into production as often as we liked with zero downtime. Most of the complexity of the security mechanisms were invisible to our daily workflow."
Before the Cohesion Method, deployments for SoNET systems were a manual, error prone and stressful process.
"It used to take an hour or so to deploy new versions of our software, because we had to do everything manually. Since adopting the Cohesion Method, our failed deployment rate has dropped from 25% to less than 1%."
For a company with no prior experience with Linux, Amazon Web Services or Infrastructure-as-Code, there were genuine concerns about whether the team could absorb the Cohesion Method.
"What really surprised us was the level of support and training we continue to receive from Salted Signal's cyber security and DevOps team. Every time we read articles and blogs about other cloud migration projects, we realise how many bullets we've dodged and how much time and money we've saved, thanks to our partnership with Salted Signal."