The Department of Energy Organization Act of 1977 established the U.S. Energy Information Administration (EIA) as the primary federal government authority on energy statistics and analysis. EIA collects, analyzes, and disseminates independent and impartial energy information to promote sound policymaking, efficient markets, and public understanding of energy and its interaction with the economy and the environment. EIA is the nation’s premier source of energy information and, by law, its data, analyses, and forecasts are independent of approval by any other officer or employee of the U.S. government.
EIA conducts a comprehensive data collection program that covers the full spectrum of energy sources, end uses, and energy flows. EIA also prepares informative energy analyses, monthly short-term forecasts of energy market trends, and long-term U.S. and international energy outlooks. EIA disseminates its data, analyses, and other products primarily through its website, EIA.gov.
In support of its mission, EIA issues a number of survey forms to collect energy data across a number of sectors, markets and energy production markets. Traditionally the survey forms have been issued manually, or require labor-intensive methods for collecting, analyzing and disseminating results. In support of the Digital Government Strategy, Building a 21st Century Platform to Better Serve the American People, and continued leadership in Open Data initiatives, EIA seeks to establish a digital survey solution, including architecture and platforms deployment, leveraging cloud computing capabilities for the Department. Building on the success of a previous proof of concept, EIA required consulting and integration services to ensure Development, User Acceptance Test (UAT), and Production environments were deployed to meet the operational, performance and security standards of the Department.
The EIA proof of concept was originally implemented in a non-FedRAMP certified environment and the application was subsequently shutdown by the EIA Office of Information Technology (OIT) for security reasons. EIA contracted with ActioNet on October 15, 2014 to conduct an evaluation of FedRAMP certified Cloud Service Providers (CSP) and re-establish the application environment. The scope of work that ActioNet provides EIA is divided into four functional activities: Assessment, Architecture, Acquisition, and Accreditation. The overall EIA Cloud Services Work Order is performed in two work projects; 1) a Provisioning Work Project and 2) a Sustainment and Support Work Project. The Provisioning Work Project established an Amazon Web Service (AWS) infrastructure and production environment for the EIA Transform System to include infrastructure platform services and initiation of accreditation activities.
ActioNet assisted EIA in selecting AWS as the CSP and re-established the Transform System production environment in two weeks. The production environment infrastructure consists of two Active Directory servers, four application tier servers, four SQL Servers, and a Bastion server. ActioNet provides infrastructure support for backups, patching, monitoring, and is currently configuring the User Acceptance Test (UAT) and development environments. ActioNet also provided assistance in developing the FedRAMP Authority to Operate (ATO) documentation for the AWS and SalesForce infrastructure components.
For DOE EIA, ActioNet was engaged to migrate the EIA mission-critical Transform Survey System to a FedRAMP certified cloud infrastructure. ActioNet assisted EIA in evaluating FedRAMP certified Cloud Service Providers (CSP) and selecting Amazon Web Services (AWS) as the CSP. ActioNet set up the provisioning and orchestration services for compute, storage, and security for the Transform System production environment in two weeks and then implemented the User Acceptance Test (UAT) and Development environments. Secure communications was established via a ‘persistent virtual circuit’ IPSec tunnel from the EIA on premise data center to the AWS cloud-based infrastructure. ActioNet also provided assistance in reviewing AWS and SaleForce POAM for vulnerability mitigation and developed the FedRAMP Authority to Operate (ATO) documentation for both the AWS and SalesForce infrastructure components. ActioNet conducted an assessment of security vulnerability scanning tools and implemented security scanning and assessment using Tangible’s Nessus Professional. We continue to support and provide these cloud services, having partnered with EIA and AWS in delivering a forward-leaning infrastructure solution.