For U.S. government agencies investing in digital transformation, cloud service providers (CSPs) play a pivotal role in integrating top-line security defenses to safeguard sensitive data. Site Reliability—a discipline developed to monitor and maintain highly reliable, efficient, and scalable environments—is integral to Salesforce Government Cloud’s approach to upholding trust for the mission-critical organizations that need it most.
Building a robust Site Reliability framework that integrates automation and proactive risk management is key for addressing the challenges of protecting sensitive government information. In this blog, we’ll outline Government Site Reliability best practices that can help strengthen the security, performance, and availability of critical operations in a high-stakes environment.
Three core pillars of Site Reliability
Government Cloud Site Reliability (GovSR) is characterized by three main functions: Observability, Incident Response, and System Performance (including the critical triage and diagnostic function). Each of these functions is unique to GovSR and they work together to address and mitigate customer impact.
Observability
The team responsible for Observability ensures proper metrics and data points are accessible to engineers who need to make data-driven decisions. Observability gives insights into how to troubleshoot issues and gauge the system’s overall performance. Monitoring systems ingest metrics, teams configure alerts, and dashboards visualize these metrics. This approach establishes a robust foundation for teams to triage incidents.
Incident Response
Multi-tenant architecture—where a single software stack supports multiple, independent customer agencies and organizations—provides distinct advantages for users. These benefits include improved user experience, cost savings, and operational efficiency. However, there can be scenarios where customer activity can disrupt a pod’s overall health in the data center. This is where Incident Response steps in, collaborating directly with support teams to understand the problem and take preventative measures.
System Performance
When cloud environments run smoothly and applications respond quickly, systems perform at their highest level of efficiency. The System Performance team specializes in surveying and applying hardware techniques, like planned site switches, to adapt to varying degrees of service disruption. This enables transition of the active site for maintenance purposes. The team also leads triage and post-incident investigations to identify infrastructure issues, aiming to enhance system performance and resilience.
What is the Incident Management System?
Observability, Incident Response, and System Performance are integral components that tie together to effectively handle security incidents. When reduced system performance is detected, the Incident Response team receives the alert and gets to work.
The team invokes the Incident Management System (IMS), a framework that helps capture the right data while working on incident resolution. This helps restore the infrastructure to a normal state and increases the Site Reliability team’s ability to meet all Service-Level Agreements (SLAs) or performance guarantees. The framework is used to ensure roles and responsibilities are consistent as they pertain to incident management.
How to create an Incident Management System
The foundation of the IMS is to create an incident record and bridge–a problem-solving session that unites subject matter experts (SMEs) to coordinate an Incident Response strategy. Here, the team facilitates the conversation to better understand the situation, much like a fire captain responds to a scene. When a fire starts, the team needs to gather the right resources to form a plan to extinguish the flames. Here are the steps to take.
Step 1: Investigate and diagnose impact
The System Performance function is first to perform initial triage and diagnosis by leveraging Observability metrics and resources. Based on their recommendation, Incident Response determines the best path forward to clear customers from impact. This may include encouraging a site switch or a rolling restart of a group of servers. Sometimes, the incident may be more complex—such as caused by a third party—but no matter the incident’s severity, the main priority is to restore the infrastructure’s health within thirty minutes or less.
Step 2: Communicate and inform stakeholders
When firefighters respond to a call, they use radios to communicate with both their team and other emergency personnel about the situation. Similarly, Incident Response broadcasts communications to keep internal stakeholders informed during an incident. Doing so helps keep leaders and engineers aware of the situation, some of whom may also be stakeholders on the incident bridge.
GovSR can’t solve all issues on its own. Rather, it serves as the gatekeeper of communication and compliance to ensure the requirements to isolate the incident are documented and preserved.
Step 3: Analyze and resolve the incident
While restoring a system as quickly as possible during a live incident remains a priority, it’s also important to understand the incident’s catalyst. The GovSR function collaborates on the post-incident analysis, which involves driving a root cause analysis to understand what happened and why. To ensure processes operate at the highest level, the function evaluates internal metrics and observations to identify strengths, address shortcomings, and produce corrective action reports to close any gaps. These analyses are integral to the continuous improvement of services and response.
Secure Site Reliability for Government
GovSR involves many moving parts to mitigate incidents. With mission-critical operations on the line, a multi-pronged approach is designed to integrate the highest level of security and availability every step of the way.
By leveraging Observability, Incident Response, and System Performance, the Incident Management System framework can be used to ensure timely and effective security incident management while also improving Site Reliability.
Learn more:
- Read about Salesforce’s Security Best Practices and commitment to security for all customers.
- Want to read more Government Cloud stories? Check out this blog to see how Government Cloud helps the public sector achieve compliance and high levels of performance.