Reducing delivery times and hosting costs, whilst increasing developer productivity in a highly secure environment

Appvia provides the UK Home Office with a centralised, cloud-native developer platform.

40 %

Hosting cost reduction

1 day

Developer onboarding time

50 : 1

Devs : DevOps ratio
Solution
Landing Zone
Cloud provider
Multi-Cloud
Location
London
Team size
700 developers
NCSC-aligned security standardisation
40+ projects

Challenge

The UK Home Office was undergoing a digital transformation journey in line with the Government Digital Services Framework along with other Departments back in 2013. When the transformation began, each project was treated as an autonomous multidisciplinary delivery team. This had huge benefits in terms of removing bottlenecks, improving processes, adopting Agile ways of working and general product mindset. However, it also allowed for technology isolation, duplication of effort and a lack of shared tooling, leading to teams delivering their own sets of tools, services and infrastructure to support their SDLC. This led to inconsistencies between development teams and high resource costs as each team required Cloud and DevOps specialists to be embedded in the team.
 As each team had their own sets of tools and processes the developer onboarding time organisationally was high as well as the time to deploy into production environments. The duplication of infrastructure led to increased costs and operational overheads on maintaining a consistent security posture as they scaled. The Home Office recognised the need for a central platform that could support multiple projects and standardise on a way of delivering quickly, efficiently and at a reduced cost.

How Appvia helped

Appvia collaborated with multiple project teams, especially Developers to create an internal cloud-native developer platform, built on AWS, so that they could deploy and manage applications easily, without extensive knowledge of the Cloud or Kubernetes.

The Platform solely focused on containers as the application packaging technology, that was Docker as well as Kubernetes as the orchestration engine to allow for scalable and repeatable deployments across environments.

Containers added benefits for future portability to enable a Multi-Cloud strategy and create a standard way for Developers to deliver applications across the organisation. 
There was also additional integrated tooling that was made up of:

A CI/CD solution that had a principle of ‘Pipeline-as-code

Make sure pipelines were transparent to team members and also part of the code review process and an audit of the software lifecycle.

Short-lived, just-in-time access and automation to environments

So that teams were able to deploy and troubleshoot applications without the need to request permissions each time.

Templated cloud resources

To support applications that had Cloud dependencies.

Visualisation of Cloud costs

For teams to keep track of how much they were spending.

Infrastructure isolation and security tooling

To isolate workloads to specific machines and have inspection, detection and prevention of workload behaviours to prevent malicious attacks.

Data isolation and strict policy governance

To reduce data risks and prevent breaches.

Logging and monitoring solutions with indexed logs and dashboards ready

For teams to shape inline with their application needs.

Service

Monthly training was provided to keep teams aligned to Platform changes and ways of working. Once teams were onboarded, Appvia provided continuous up-skilling where required as well as professional services for more complex applications or complex migrations and integration needs.

Support

Appvia’s highly skilled team of engineers provided 24/7 support processes, tooling and auditing to business-critical services across several projects until, ultimately, client teams took full ownership and control of the platform.

Appvia have shown a drive to not just innovate within the service they provide but provide guidance and assistance to other parts of the organisation to promote both product and agile delivery.

Matt Philpot

Home Office | Director, Enterprise Technology

The Outcome

Platform Engineering provides organisations with ever increasing benefits, specifically around DevOps DORA metrics and enabling business to focus more on business logic rather than operational and non-functional requirements around applications. By driving consistency and standardisation on how project teams were delivering their applications across the Cloud, there were several key improvements made to the 700 Developers and 40+ projects using the Platform, these were:

Reduced delivery time

On average, project delivery time dramatically decreased from eight months to as little as two weeks.

Minimised hosting costs

On average, the shift to central hosting reduced costs by 40% across all projects. Predominantly through the aggregation of shared services, spot instances and scheduling workload downtimes, outside of necessary operating hours.

Operational efficiency through reduced DevOps resources

Adhering to the DevOps principle of ‘you build it, you run it’, Developers were able to be onboarded and empowered to deploy applications quickly. The ability to self-serve across projects is a huge time saver, allowing for a 50:1 Developer to DevOps ratio.

Improved security posture

NCSC cloud security principles were embedded in the platform enabling secure-by-default principles across all environments and application deployments.

Increased developer onboarding

The developer onboarding speed was reduced to 24 hours from several weeks.

Summary

The adoption of platform engineering principles enabled a consistent, standardised approach to cloud delivery that not only increased the overall delivery speed but allowed for a smooth onboarding process for developers.

By engineering centrally, the security assurance could be managed in a consistent way that underpinned multiple services and provided an instant uplift to all applications hosted in the platform as well as the data surrounding them. This allowed for repeatable patterns and architectural standards to be adopted with ease enabling teams to focus on delivering business value to their end users quickly, without the overheads of building the supporting infrastructure, tooling, processes, security standards and deployment patterns.

The benefits were operational efficiencies across over 40 projects as well as cloud cost management and reduction through the optimisation of cloud infrastructure, right-sizing, scalability and methods for downscaling environments out of hours.