 From the CUBE Studios in Palo Alto in Boston, connecting with thought leaders all around the world, this is a CUBE Conversation. Hello and welcome to today's session of the AWS Global Public Sector Partner Awards. I'm your host, Natalie Erlich. Today we're gonna focus on the following award for best partner transformation. I'm pleased to introduce our guests, Josh Dorsmith, Vice President of Public Sector at Effectual and Jeremy Yates, Deputy Technology Architect at Ginny May. Welcome gentlemen, so glad to have you on our show. Hi there, very nice to be here. Thank you so much for having me. Terrific. Well, Josh, I'd like to start with you. How can companies leverage cloud native solutions to deliver higher quality services? So Natalie, that's a great question. And in the public sector and our government customers, we run into this all the time. It's kind of our bread and butter. What they can do is the first thing they need to be aware of is you don't have to be afraid of the cloud as some very obscure technology that is just emerging. It's been out for 10, 11 years now. Customers across government space are using it lock, stock and barrel to do everything from just managing simple applications, simple websites, all the way through hosting their entire infrastructure, both in production and for disaster recovery purposes as well. So the first thing to note is just, don't be afraid of the cloud. Secondly, it's imperative that they select the right partner who is able to kind of be their Sherpa to go into, however far they want to dip their toe into the proverbial cloud waters, to select somebody who knows whatever it is that they need to go do. So if they want to go AWS as we are talking about today, pick a partner who has the right experience, past performance, designations and competencies with the cloud that they're interested in. Terrific. Well, you know, Jeremy, I'd love to move to you. What does modernization mean to Ginny May? Sure, thanks Natalie. Great to be here. Thanks Josh as well. So for Ginny May, modernization is really, it's not just technology, it's holistic across the organization. All right, so that includes things like the business, not just the IT division. So we're looking at the various things to modernize like our culture and structural changes within the organization, moving to implement some proven practices like DevSecOps and continuous integration and continuous delivery or deployment. And then our overarching goal is to give the best and most secure technology to the business that we can to meet the Ginny May mission and the needs of our customers. Terrific. Well Josh, how is effectual planning to support Ginny May's modernization plans? So we have been supporting Ginny May for about 14 months now. And back in September of last year, we were awarded a co-prime 10 year contract for Ginny May to do exactly that. It's to provide all things cloud to Ginny May for 10 years on AWS. And that's including reselling AWS. That's including providing all sorts of professional services to them. And it's providing some third party software applications to help them support their applications themselves. So what effectual is doing is kind of threefold. We are supporting the modernization of their process which Jeremy mentioned a moment ago. And that includes instantiating a cloud center of excellence for Ginny May, which enables them to modernize the way they do cloud governance while they're modernizing their technology stack. We're also providing a very expert team of cloud architects and DevSecOps engineers to be able to design the Ginny May environment collaborating with our co-prime to ensure that it meets those security requirements, the compliance requirements that Jeremy mentions. Ginny May is a federal entity, but it also has to adhere to all the finance industry compliance requirements as well. So very strenuous from that perspective. And then the third thing that we're doing to help them, you know, kind of on the long their modernization journey is instantiating infrastructure as code. So in the cloud rather than building everything in the AWS management console, we script everything to build it automatically. So it improves consistency. It improves the customer experience regardless of which resource is working on it. And it improves disaster recovery capability as well. And also just quite frankly, the speed by which they can actually deploy things. And Jeremy, how is this transition helping your security really enhancing it now? From a securities perspective, we're implementing a number of various tools, both, you know, AWS based as well as other software that Josh mentioned. So we're able to utilize those in a more scalable manner than we could previously in the traditional data center. We've got a number of things, such as we're looking at multiple vulnerability management products like Tenable IO and QOLIS. We're using tools such as Centrify for our PAM or Privilege Access Management capabilities. Splunk, a pretty industry standard software for log and data correlation and analysis. We'll also be using that for some system and application monitoring, as well as the McAfee M-Vision product for Endpoint and other cloud service security. So being able to pull those in in a more scalable and more cost efficient way as well from cloud based services, it's really helped us be able to get those services and integrate them together in a way that we may not previously been able to. Yeah, terrific. Well, Josh, let's move back to you and talk further about compliance. You know, any insight here how effectual is building a modern cloud infrastructure to integrate AWS services with third party tools to really achieve compliance with the government requirements? Just any further insight on that front. That's a great question, Natalie. And I'm going to tag team with Jeremy on this one, if you don't mind, but I'll start off. So Ginny May, obviously I mentioned earlier, has federal requirements and financial requirements. So I'll focus right now on those federal aspects. So the tools that Jeremy mentioned a moment ago, we are integrating all of them with AWS native, meaning all of the way we do log aggregation and the various tools within AWS, CloudWatch, CloudTrail, all of those things we're implementing an AWS native, integrating them with Splunk to aggregate all that information. But then one of the key requirements that's coming up with the federal government in the very near future is tick 3.0 or trusted internet connection. Basically in the first iteration, a decade or so ago, the government wanted to limit the amount of points of presence that they have with the public facing internet. Fast forward several versions to today and they're pushing that onus back on the various entities like Ginny May and like HUD, which Ginny May is a part of, but they still want to have that kind of central log repository to where all of the security logs and vulnerability logs and things like that get shipped to a central repository and that will be part of DHS. So what effectual has done in partnership with Ginny May is create a AWS native solution leveraging some of those third party tools that we mentioned earlier to get all of those logs aggregated in a central repository for Ginny May to inspect ingest and take action from, but then also provide the mechanism to send that to DHS to do that and correlate that information with everything coming in from feeds across the government. Now that's not required just yet, but we're future-proofing Ginny May's infrastructure in order to be able to facilitate adherence to those requirements when it becomes required. And so Jeremy, I'll pass it over to you to talk a little bit further about that because I know that's one of the things that's near and dear to your CISOs heart as well as Ginny May overall. Yeah, absolutely. Thanks, Josh. So yeah, as you mentioned, we have implemented sort of a hybrid tick model right now to handle compliance on that front. So we're still using some services from the legacy or existing tick 2.x models that Josh was mentioning, things such as MTIPS, the Einstein sensors, et cetera. But we're also implementing that tick 3.0 architecture on our own as Josh mentioned that will allow us to sort of future-proof and seamlessly really transition to once we make that decision or guidance comes out or mandates or such. So that effort is good to future-proof us from compliance perspective. Also, the tools that I mentioned then Josh reiterated, those are extremely important to our security and compliance, right? Being able to ensure the integrity and the confidentiality of our systems and our data is extremely important, not just both on the, not only on the government side, but as Josh mentioned, the finance side as well. Terrific, well, I'd love to get your insight too on AWS workspaces. If either one of you would like to jump in on this question, how did they empower the Ginny May team to work remotely through this pandemic? That's a great question. I guess I'll start and then we'll throw it to Jeremy. So obviously, Affectual started working with Ginny May about three weeks after the pandemic formally started. So perfect timing for any new technology initiative. But anyway, we started talking with Jeremy and with his leadership team about what is required to actually facilitate and enable our team as well as the government resources and the other contractors working for Ginny May to be able to leverage the new cloud environment that we were building. And the very obvious solution was to implement a virtual desktop infrastructure type solution. And obviously Ginny May had gone all in on Amazon Web Services. So it became the natural fit to look first at AWS workspaces. So we have implemented that solution. There are now hundreds of Ginny May and Ginny May contractor resources that have AWS workspaces functioning in the GovCloud regions today. And that's a very novel approach to how to facilitate and enable not only our team who is actually configuring the infrastructure but all the application developers, the security folks and the leadership on the Ginny May side to be able to access, review, inspect, check, log, et cetera through this remote capability. It's interesting to note that Ginny May has been entirely remote since the pandemic initiated. Jeremy's coming to us from West Virginia today. I'm coming to us from National Harbor, Maryland and we are operating totally remotely with a team of 60 folks about supporting this specific initiative for the cloud not to mention the hundreds that are supporting the applications that Ginny May runs to do its day-to-day business. So Jeremy, if you wouldn't mind talking about that day-to-day business that Ginny May has and kind of what the mission statement of Ginny May is and how us enabling these workspaces facilitates that mission. Sure, so part of the overall mission of Ginny May is to ensure affordable housing is made available to the American public. That's a HUD and Ginny May as part of that. And we provide mortgage backed securities to help enable that. So we back a lot of VA loans, FHA, those sort of loans. Workspaces has been great in that manner from a technology perspective I think because as you mentioned, Josh, it's really eliminated the need for on-premise infrastructure, right? We can be geographically dispersed, we can be mobile, whether we're from the east coast or west coast, we can access our environment securely. And then we can administer and operate and maintain the technology that the business needs to fulfill the mission. And because we're able to do that quickly and securely and effectively, that's really helpful for the business. Terrific. And I'd like to shift gears a bit and discuss what you're looking ahead toward. What is your vision for 2021? How do you see this partnership evolving? Yeah, that's great. You take that one first. Sure, yeah, definitely some of the things we look forward to in 2021 and as we evolve here as we continue our cloud journey, through practices like DevSecOps, you realize that that journey is never done. It's always a continual improvement process. It's a loop to continually work towards. A few specific things or at least one specific thing that we're looking forward to in the future, as Josh mentioned earlier, was our TIC 3.0 initiative. So with that, we think we'll be future-proofed as there's been a lot of recent cybersecurity activity and things like that that's going to create opportunities, I think, for the government. And Ginny Mae's really looking forward to leading in that area. And Josh, can you weigh in quickly on that? Absolutely. First and foremost, we're very much looking forward to receiving authority to operate. With our production environment, we have been preparing for that for this last year plus. But later on this summer, we will achieve that ATO status. And we look forward to starting to migrate the applications into production for Ginny Mae. And then for future-proof, it's, as Jerry mentioned, it's a journey. And we're looking forward to cloud optimizing all of their applications to ensure that they're spending the right money in the right places and ensuring that they're not spending over on any of the one given areas. So we're very excited to optimize and then see what the technology that we're being able to provide to them will bring to them from an idea and a conceptual future for Ginny Mae. Well, thank you both so very much for your insights. It's been a really fantastic interview. Our guest, Josh Dursmith, as well as Jeremy Gates, really appreciate it. Thank you very much. Thank you so much. Terrific. Well, I'm your host for theCUBE, Natalie Orlick. Do stay tuned for more coverage. Thanks so much for watching.