SlideShare a Scribd company logo

Inside the Walled Garden - Drupal in the Federal Enterprise

Download as PPTX, PDF
Blackstone Technology Group | Federal
Blackstone Technology Group | Federal

Drupal is hot in government and everyone wants to play. While the Drupal project is fast-moving and community-driven, large government agencies are generally not. For Drupal to be successful in these environments, it's necessary to understand the perspectives and expectations of various government stakeholders including: Information Security Privacy Accessible Technologies Enterprise Architecture Quality Assurance Procurement and others... This presentation will provide an overview of the challenges and opportunities around managing Drupal inside the government enterprise, including behind the scenes experiences from our work with the Federal government. You'll come away with a better understanding of what it takes to leverage Drupal inside a large agency while staying compliant and keeping stakeholders happy.

Technology
1 of 18
Inside the Walled GardenDrupal in the Federal Enterprise CapitalCamp DC 2011 Presented by Dan Katz 7/24/2011 Blackstone Technology Group Proprietary and Confidential
Introductions 7/24/2011 Blackstone Technology Group Proprietary and Confidential Dan Katz dkatz@bstonetech.com Blackstone Technology Group 6 years working with Drupal 3 years working with Drupal inside Big Organizations Currently at Office of CIO in large Federal agency
3 “If you wait to do everything until you’re sure it’s right, you’ll probably never do much of anything” – Win Borden
Disclaimer The content of this presentation is solely the thoughts and opinions of the speaker. I am not an employee of, nor do I represent the US Federal Government or the Department of Homeland Security.
Agenda 7/24/2011 Blackstone Technology Group Proprietary and Confidential Who does Drupal impact inside an agency? What are their perspectives and expectations? Perceived Risks Technology Flow Model of Open Source in Gov Some Tips and Gotchas Opportunities
Wow we can download anything we want! Does it fit within our Enterprise Arch? What are the security controls? …and share our work with the world! It better be 508 compliant. Goal – Balance & Perspective
7/24/2011 Blackstone Technology Group Proprietary and Confidential 7 Will it get meappointed? What is this going to cost over time?
A Challenge and Opportunity “There is a fundamental dichotomy between what Drupal is in essence and what the government needs. The government needs a 70% solution – the ability to solve a problem. Drupal is a free form landscape, not tailored. It’s a toolset that covers too much ground. The government doesn’t want a toolbox. I don’t care about tools. What I care about is solving a business problem and what it’s going to cost over time.”- Federal Executive
7/24/2011 Blackstone Technology Group Proprietary and Confidential 9 “My goal is basically to keep you developers out of a jumpsuit.” – an ISM I know
Code Intake Gov Contributions Procurement Contracts Internet and Open Source Community Contractors and Vendor Community Accessibility SELC/QA Security Privacy
Perceived Risks Open Source FUD Immature CM/ALM Immature enterprise level vendor landscape Limited to MySQL database Lack of governance for community contributions Limited clustering support within Drupal itself Rapidly evolving technology requires engagement in community to stay current – a “DIY” culture Documentation, training and developer information requires network access to blogs, twitter, youtube, etc… Another technology stack End users not comfortable with non-Microsoft like web interfaces 11
Security & Privacy FISMA Controls Controls flow up the stack Don’t assume it’s all data center Think of Drupal as providing services – not an app Drupal access controls – 800.53 mapping DrupalGotchas Plain text password settings file Editing permissions for “anonymous users” Views – admin power and permissions PHP input filter
Procurement & Contracts FUD around open source Pre-defined product/vehicle “shrink-wrapped” Federal acquisition regulation (FAR) Open competes without SME’s in procurement Subs to subs to subs O&M, documentation needs Supply and Demand problems
Compliance – 508 Myths “Drupal” is 508 compliant out of the box Only the “front-end” needs to be 508 compliant Accessibility is regulated the same way across all the Federal agencies DrupalGotchas Core forms – title attributes on form elements Alt text on images Tables – scopes Community – get involved
Compliance – EA/SELC 7/24/2011 Blackstone Technology Group Proprietary and Confidential Documentation Change Control More Drupal Culture Conflicts
Opportunities Drupal distributions Unified processes and communities around Drupal/OSS in gov Maturing vendor landscape Training and bringing more Drupal knowledge “in house” to the government
In Summary 7/24/2011 Blackstone Technology Group Proprietary and Confidential 17 Technology moves faster than government Drupal is a catalyst Maturity doesn’t mean moving backwards Vendor and Open Source Communities can help
Questions Thank you! Feel free to contact me with your questions: Dan Katzdkatz@bstonetech.com

Recommended

Blockchain Programming Skills For New Developers
Blockchain Programming Skills For New DevelopersBlockchain Programming Skills For New Developers
Blockchain Programming Skills For New DevelopersBlockchain Council
 
Solving Real Problems Using Linked Data
Solving Real Problems Using Linked DataSolving Real Problems Using Linked Data
Solving Real Problems Using Linked DataKingsley Uyi Idehen
 
2016 02-04-gingell-iot
2016 02-04-gingell-iot2016 02-04-gingell-iot
2016 02-04-gingell-iotgingell
 
Life of a GB: Where Is My Data Going and How Can I Get It There Faster?
Life of a GB: Where Is My Data Going and How Can I Get It There Faster?Life of a GB: Where Is My Data Going and How Can I Get It There Faster?
Life of a GB: Where Is My Data Going and How Can I Get It There Faster?Ipro Tech
 
Update on the Work of the CA / Browser Forum
Update on the Work of the CA / Browser ForumUpdate on the Work of the CA / Browser Forum
Update on the Work of the CA / Browser ForumCASCouncil
 
Gluu founder and ceo, mike schwartz, to host open id connect 1.0 session at r...
Gluu founder and ceo, mike schwartz, to host open id connect 1.0 session at r...Gluu founder and ceo, mike schwartz, to host open id connect 1.0 session at r...
Gluu founder and ceo, mike schwartz, to host open id connect 1.0 session at r...Gluu
 
InfraGard Webinar October 2015 102815
InfraGard Webinar October 2015 102815InfraGard Webinar October 2015 102815
InfraGard Webinar October 2015 102815Richard Emrich
 
Are You Being Anti-Social
Are You Being Anti-SocialAre You Being Anti-Social
Are You Being Anti-SocialNetIQ
 

Recommended

Blockchain Programming Skills For New Developers
Blockchain Programming Skills For New DevelopersBlockchain Programming Skills For New Developers
Blockchain Programming Skills For New DevelopersBlockchain Council
 
Solving Real Problems Using Linked Data
Solving Real Problems Using Linked DataSolving Real Problems Using Linked Data
Solving Real Problems Using Linked DataKingsley Uyi Idehen
 
2016 02-04-gingell-iot
2016 02-04-gingell-iot2016 02-04-gingell-iot
2016 02-04-gingell-iotgingell
 
Life of a GB: Where Is My Data Going and How Can I Get It There Faster?
Life of a GB: Where Is My Data Going and How Can I Get It There Faster?Life of a GB: Where Is My Data Going and How Can I Get It There Faster?
Life of a GB: Where Is My Data Going and How Can I Get It There Faster?Ipro Tech
 
Update on the Work of the CA / Browser Forum
Update on the Work of the CA / Browser ForumUpdate on the Work of the CA / Browser Forum
Update on the Work of the CA / Browser ForumCASCouncil
 
Gluu founder and ceo, mike schwartz, to host open id connect 1.0 session at r...
Gluu founder and ceo, mike schwartz, to host open id connect 1.0 session at r...Gluu founder and ceo, mike schwartz, to host open id connect 1.0 session at r...
Gluu founder and ceo, mike schwartz, to host open id connect 1.0 session at r...Gluu
 
InfraGard Webinar October 2015 102815
InfraGard Webinar October 2015 102815InfraGard Webinar October 2015 102815
InfraGard Webinar October 2015 102815Richard Emrich
 
Are You Being Anti-Social
Are You Being Anti-SocialAre You Being Anti-Social
Are You Being Anti-SocialNetIQ
 
Identity_and_Access_Management_Overview.ppt
Identity_and_Access_Management_Overview.pptIdentity_and_Access_Management_Overview.ppt
Identity_and_Access_Management_Overview.pptmamathajagarlamudi2
 
Social Enterprise: Trust; Vision; Revolution
Social Enterprise: Trust; Vision; RevolutionSocial Enterprise: Trust; Vision; Revolution
Social Enterprise: Trust; Vision; RevolutionPeter Coffee
 
Packt publishing book proposal api and mobile access management
Packt publishing book proposal api and mobile access managementPackt publishing book proposal api and mobile access management
Packt publishing book proposal api and mobile access managementGluu
 
Making Product Defensible with Scale by Quora Product Lead
Making Product Defensible with Scale by Quora Product LeadMaking Product Defensible with Scale by Quora Product Lead
Making Product Defensible with Scale by Quora Product LeadProduct School
 
The Dbriefs Technology Executive series presents: The Postdigital Enterprise:...
The Dbriefs Technology Executive series presents: The Postdigital Enterprise:...The Dbriefs Technology Executive series presents: The Postdigital Enterprise:...
The Dbriefs Technology Executive series presents: The Postdigital Enterprise:...Franco Ferrario
 
IP&A109 Next-Generation Analytics Architecture for the Year 2020
IP&A109 Next-Generation Analytics Architecture for the Year 2020IP&A109 Next-Generation Analytics Architecture for the Year 2020
IP&A109 Next-Generation Analytics Architecture for the Year 2020Anjan Roy, PMP
 
SSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsSSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsJohn Bauer
 
Knowledge Management and the Evolution of the Workplace
Knowledge Management and the Evolution of the WorkplaceKnowledge Management and the Evolution of the Workplace
Knowledge Management and the Evolution of the WorkplaceSilicon Halton
 
Mamba Media - Decoding Digital Language
Mamba Media - Decoding Digital LanguageMamba Media - Decoding Digital Language
Mamba Media - Decoding Digital LanguageMamba Media
 
MambaMedia-decoding-digital
MambaMedia-decoding-digitalMambaMedia-decoding-digital
MambaMedia-decoding-digitalRobin Cormack
 
Securing Oracle Database 12c
Securing Oracle Database 12cSecuring Oracle Database 12c
Securing Oracle Database 12cInprise Group
 
Towards a Trustmark for IoT (May 2018)
Towards a Trustmark for IoT (May 2018)Towards a Trustmark for IoT (May 2018)
Towards a Trustmark for IoT (May 2018)Peter Bihr
 
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?CA Technologies
 
Semantic Code Camp Presentation
Semantic Code Camp PresentationSemantic Code Camp Presentation
Semantic Code Camp Presentationdaniela barbosa
 
Lessons in Information Governance
Lessons in Information GovernanceLessons in Information Governance
Lessons in Information GovernanceJohn Newton
 
Big Data Startups - Top Visualization and Data Analytics Startups
Big Data Startups - Top Visualization and Data Analytics StartupsBig Data Startups - Top Visualization and Data Analytics Startups
Big Data Startups - Top Visualization and Data Analytics Startupswallesplace
 
UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...
UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...
UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...University of Technology, Sydney
 
Moving enterprise IT to the cloud
Moving enterprise IT to the cloudMoving enterprise IT to the cloud
Moving enterprise IT to the cloudJan Wiersma
 
Embedding Security in IT Projects
Embedding Security in IT ProjectsEmbedding Security in IT Projects
Embedding Security in IT ProjectsKaali Dass PMP, PhD.
 
Going to the SP2013 Cloud - what does a business need to make it successful?
Going to the SP2013 Cloud - what does a business need to make it successful?Going to the SP2013 Cloud - what does a business need to make it successful?
Going to the SP2013 Cloud - what does a business need to make it successful?Matt Groves
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 

More Related Content

Similar to Inside the Walled Garden - Drupal in the Federal Enterprise

Identity_and_Access_Management_Overview.ppt
Identity_and_Access_Management_Overview.pptIdentity_and_Access_Management_Overview.ppt
Identity_and_Access_Management_Overview.pptmamathajagarlamudi2
 
Social Enterprise: Trust; Vision; Revolution
Social Enterprise: Trust; Vision; RevolutionSocial Enterprise: Trust; Vision; Revolution
Social Enterprise: Trust; Vision; RevolutionPeter Coffee
 
Packt publishing book proposal api and mobile access management
Packt publishing book proposal api and mobile access managementPackt publishing book proposal api and mobile access management
Packt publishing book proposal api and mobile access managementGluu
 
Making Product Defensible with Scale by Quora Product Lead
Making Product Defensible with Scale by Quora Product LeadMaking Product Defensible with Scale by Quora Product Lead
Making Product Defensible with Scale by Quora Product LeadProduct School
 
The Dbriefs Technology Executive series presents: The Postdigital Enterprise:...
The Dbriefs Technology Executive series presents: The Postdigital Enterprise:...The Dbriefs Technology Executive series presents: The Postdigital Enterprise:...
The Dbriefs Technology Executive series presents: The Postdigital Enterprise:...Franco Ferrario
 
IP&A109 Next-Generation Analytics Architecture for the Year 2020
IP&A109 Next-Generation Analytics Architecture for the Year 2020IP&A109 Next-Generation Analytics Architecture for the Year 2020
IP&A109 Next-Generation Analytics Architecture for the Year 2020Anjan Roy, PMP
 
SSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsSSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsJohn Bauer
 
Knowledge Management and the Evolution of the Workplace
Knowledge Management and the Evolution of the WorkplaceKnowledge Management and the Evolution of the Workplace
Knowledge Management and the Evolution of the WorkplaceSilicon Halton
 
Mamba Media - Decoding Digital Language
Mamba Media - Decoding Digital LanguageMamba Media - Decoding Digital Language
Mamba Media - Decoding Digital LanguageMamba Media
 
MambaMedia-decoding-digital
MambaMedia-decoding-digitalMambaMedia-decoding-digital
MambaMedia-decoding-digitalRobin Cormack
 
Securing Oracle Database 12c
Securing Oracle Database 12cSecuring Oracle Database 12c
Securing Oracle Database 12cInprise Group
 
Towards a Trustmark for IoT (May 2018)
Towards a Trustmark for IoT (May 2018)Towards a Trustmark for IoT (May 2018)
Towards a Trustmark for IoT (May 2018)Peter Bihr
 
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?CA Technologies
 
Semantic Code Camp Presentation
Semantic Code Camp PresentationSemantic Code Camp Presentation
Semantic Code Camp Presentationdaniela barbosa
 
Lessons in Information Governance
Lessons in Information GovernanceLessons in Information Governance
Lessons in Information GovernanceJohn Newton
 
Big Data Startups - Top Visualization and Data Analytics Startups
Big Data Startups - Top Visualization and Data Analytics StartupsBig Data Startups - Top Visualization and Data Analytics Startups
Big Data Startups - Top Visualization and Data Analytics Startupswallesplace
 
UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...
UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...
UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...University of Technology, Sydney
 
Moving enterprise IT to the cloud
Moving enterprise IT to the cloudMoving enterprise IT to the cloud
Moving enterprise IT to the cloudJan Wiersma
 
Going to the SP2013 Cloud - what does a business need to make it successful?
Going to the SP2013 Cloud - what does a business need to make it successful?Going to the SP2013 Cloud - what does a business need to make it successful?
Going to the SP2013 Cloud - what does a business need to make it successful?Matt Groves
 

Similar to Inside the Walled Garden - Drupal in the Federal Enterprise (20)

Identity_and_Access_Management_Overview.ppt
Identity_and_Access_Management_Overview.pptIdentity_and_Access_Management_Overview.ppt
Identity_and_Access_Management_Overview.ppt
 
Social Enterprise: Trust; Vision; Revolution
Social Enterprise: Trust; Vision; RevolutionSocial Enterprise: Trust; Vision; Revolution
Social Enterprise: Trust; Vision; Revolution
 
Packt publishing book proposal api and mobile access management
Packt publishing book proposal api and mobile access managementPackt publishing book proposal api and mobile access management
Packt publishing book proposal api and mobile access management
 
Making Product Defensible with Scale by Quora Product Lead
Making Product Defensible with Scale by Quora Product LeadMaking Product Defensible with Scale by Quora Product Lead
Making Product Defensible with Scale by Quora Product Lead
 
The Dbriefs Technology Executive series presents: The Postdigital Enterprise:...
The Dbriefs Technology Executive series presents: The Postdigital Enterprise:...The Dbriefs Technology Executive series presents: The Postdigital Enterprise:...
The Dbriefs Technology Executive series presents: The Postdigital Enterprise:...
 
IP&A109 Next-Generation Analytics Architecture for the Year 2020
IP&A109 Next-Generation Analytics Architecture for the Year 2020IP&A109 Next-Generation Analytics Architecture for the Year 2020
IP&A109 Next-Generation Analytics Architecture for the Year 2020
 
SSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsSSO Strategy Implementation Considerations
SSO Strategy Implementation Considerations
 
Knowledge Management and the Evolution of the Workplace
Knowledge Management and the Evolution of the WorkplaceKnowledge Management and the Evolution of the Workplace
Knowledge Management and the Evolution of the Workplace
 
Mamba Media - Decoding Digital Language
Mamba Media - Decoding Digital LanguageMamba Media - Decoding Digital Language
Mamba Media - Decoding Digital Language
 
MambaMedia-decoding-digital
MambaMedia-decoding-digitalMambaMedia-decoding-digital
MambaMedia-decoding-digital
 
Securing Oracle Database 12c
Securing Oracle Database 12cSecuring Oracle Database 12c
Securing Oracle Database 12c
 
Towards a Trustmark for IoT (May 2018)
Towards a Trustmark for IoT (May 2018)Towards a Trustmark for IoT (May 2018)
Towards a Trustmark for IoT (May 2018)
 
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
Tech Talk: Isn’t One Authentication Mechanism z Systems Enough?
 
Semantic Code Camp Presentation
Semantic Code Camp PresentationSemantic Code Camp Presentation
Semantic Code Camp Presentation
 
Lessons in Information Governance
Lessons in Information GovernanceLessons in Information Governance
Lessons in Information Governance
 
Big Data Startups - Top Visualization and Data Analytics Startups
Big Data Startups - Top Visualization and Data Analytics StartupsBig Data Startups - Top Visualization and Data Analytics Startups
Big Data Startups - Top Visualization and Data Analytics Startups
 
UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...
UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...
UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...
 
Moving enterprise IT to the cloud
Moving enterprise IT to the cloudMoving enterprise IT to the cloud
Moving enterprise IT to the cloud
 
Embedding Security in IT Projects
Embedding Security in IT ProjectsEmbedding Security in IT Projects
Embedding Security in IT Projects
 
Going to the SP2013 Cloud - what does a business need to make it successful?
Going to the SP2013 Cloud - what does a business need to make it successful?Going to the SP2013 Cloud - what does a business need to make it successful?
Going to the SP2013 Cloud - what does a business need to make it successful?
 

Recently uploaded

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 

Recently uploaded (20)

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 

Inside the Walled Garden - Drupal in the Federal Enterprise

  • 1. Inside the Walled GardenDrupal in the Federal Enterprise CapitalCamp DC 2011 Presented by Dan Katz 7/24/2011 Blackstone Technology Group Proprietary and Confidential
  • 2. Introductions 7/24/2011 Blackstone Technology Group Proprietary and Confidential Dan Katz dkatz@bstonetech.com Blackstone Technology Group 6 years working with Drupal 3 years working with Drupal inside Big Organizations Currently at Office of CIO in large Federal agency
  • 3. 3 “If you wait to do everything until you’re sure it’s right, you’ll probably never do much of anything” – Win Borden
  • 4. Disclaimer The content of this presentation is solely the thoughts and opinions of the speaker. I am not an employee of, nor do I represent the US Federal Government or the Department of Homeland Security.
  • 5. Agenda 7/24/2011 Blackstone Technology Group Proprietary and Confidential Who does Drupal impact inside an agency? What are their perspectives and expectations? Perceived Risks Technology Flow Model of Open Source in Gov Some Tips and Gotchas Opportunities
  • 6. Wow we can download anything we want! Does it fit within our Enterprise Arch? What are the security controls? …and share our work with the world! It better be 508 compliant. Goal – Balance & Perspective
  • 7. 7/24/2011 Blackstone Technology Group Proprietary and Confidential 7 Will it get meappointed? What is this going to cost over time?
  • 8. A Challenge and Opportunity “There is a fundamental dichotomy between what Drupal is in essence and what the government needs. The government needs a 70% solution – the ability to solve a problem. Drupal is a free form landscape, not tailored. It’s a toolset that covers too much ground. The government doesn’t want a toolbox. I don’t care about tools. What I care about is solving a business problem and what it’s going to cost over time.”- Federal Executive
  • 9. 7/24/2011 Blackstone Technology Group Proprietary and Confidential 9 “My goal is basically to keep you developers out of a jumpsuit.” – an ISM I know
  • 10. Code Intake Gov Contributions Procurement Contracts Internet and Open Source Community Contractors and Vendor Community Accessibility SELC/QA Security Privacy
  • 11. Perceived Risks Open Source FUD Immature CM/ALM Immature enterprise level vendor landscape Limited to MySQL database Lack of governance for community contributions Limited clustering support within Drupal itself Rapidly evolving technology requires engagement in community to stay current – a “DIY” culture Documentation, training and developer information requires network access to blogs, twitter, youtube, etc… Another technology stack End users not comfortable with non-Microsoft like web interfaces 11
  • 12. Security & Privacy FISMA Controls Controls flow up the stack Don’t assume it’s all data center Think of Drupal as providing services – not an app Drupal access controls – 800.53 mapping DrupalGotchas Plain text password settings file Editing permissions for “anonymous users” Views – admin power and permissions PHP input filter
  • 13. Procurement & Contracts FUD around open source Pre-defined product/vehicle “shrink-wrapped” Federal acquisition regulation (FAR) Open competes without SME’s in procurement Subs to subs to subs O&M, documentation needs Supply and Demand problems
  • 14. Compliance – 508 Myths “Drupal” is 508 compliant out of the box Only the “front-end” needs to be 508 compliant Accessibility is regulated the same way across all the Federal agencies DrupalGotchas Core forms – title attributes on form elements Alt text on images Tables – scopes Community – get involved
  • 15. Compliance – EA/SELC 7/24/2011 Blackstone Technology Group Proprietary and Confidential Documentation Change Control More Drupal Culture Conflicts
  • 16. Opportunities Drupal distributions Unified processes and communities around Drupal/OSS in gov Maturing vendor landscape Training and bringing more Drupal knowledge “in house” to the government
  • 17. In Summary 7/24/2011 Blackstone Technology Group Proprietary and Confidential 17 Technology moves faster than government Drupal is a catalyst Maturity doesn’t mean moving backwards Vendor and Open Source Communities can help
  • 18. Questions Thank you! Feel free to contact me with your questions: Dan Katzdkatz@bstonetech.com