Page 91 - Cyber Defense eMagazine September 2022
P. 91
Government agencies varied broadly in their approaches to implementing remote work. The agencies
that focused on low-side – or unclassified – development were able to keep their missions going, and
found an increased ability to develop code on the low side much faster than they could ever before.
As remote work continues to solidify its place as the new way of working, it’s critical to create new
processes that allow developers to work remotely while still being part of the development process. Let’s
walk through how to bring low-to-high side development to life, and the tools and organizational shifts
necessary to do so.
Why Implement Low-to-High-Side Development?
Low-to-high development is critical to improving speed-to-mission, developer productivity and
experience, and most importantly, creating more innovative products, all while remaining secure by
design. Many government agencies today work across a number of classified and siloed networks, which
can make collaboration extremely challenging, and at times, nearly impossible.
As these organizations attempt to scale, each point solution tool must be configured, managed,
troubleshooted, and maintained in order to work with the other point solutions tools within that toolchain.
With each duplication, toolchains become even more complex, turning toolchain management into its
own time consuming, and cost prohibitive task. These legacy tools and processes oftentimes result in
siloed teams, poor collaboration, and increased bottlenecks – ultimately slowing delivery time and halting
results.
Adopting a consolidated, singular end-to-end software development platform can enable faster low-side
development. This approach allows developers to stay in one interface throughout the cycle and get more
work done without having to rely on disparate tools, stitched together to make a disjointed toolchain and
inefficient software development cycle. A comprehensive software development platform also enables
developers to collaborate within the solution with government leadership and program management,
keeping everyone on the same version of the truth. All of this can be accomplished within distributed
teams, without needing to be on-site.
Best Practices for Low-to-High Side Development
A typical low-to-high side environment has one team of developers, UX/UI designers, and project
managers working on the low side. They are able to build out the initial code, create issues, and
collaborate in a non-classified environment. From there, they are able to pass the work over to the
classified environment, or high side, within the same platform to finalize the work. By using a consistent
toolchain across environments, all relevant context to the code is passed over from the low side, including
artifacts, versioning, audit trails, reviews, and testing results.
Typical application segmentation leads to segmented environments that are similar, but built through
different processes. Although this works in theory, in practice it is made challenging when each
environment has the same parent organization, resulting in redundancies and inefficiencies. In these
Cyber Defense eMagazine – September 2022 Edition 91
Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.