Introduction
The term 鈥渢he last mile鈥 is commonly used by communication distribution networks, such as the cable or telecom industries, as a way to describe the branching out of an underground system to reach the end users (think high-speed fiber to your home). It鈥檚 the most difficult and expensive part of the system to install, overcoming various obstacles in order for the network to interface with each user鈥檚 pre-existing equipment. It鈥檚 also known as 鈥渢he first mile鈥 from the user鈥檚 perspective, however, since it鈥檚 the first distance covered when the user鈥檚 communications are sent out to the rest of the world.
In much the same way, (TLM) is connecting incarcerated individuals with technological skills that can pave the way for their first mile back into society. Since launching America鈥檚 first coding curriculum at a prison (San Quentin) in 2014, over 400 students have graduated from TLM鈥檚 programs, and none of them (0%) have reoffended. Think about the impact of that statistic on society. Individuals that have committed a crime are working their way back to being productive members of society.
Something powerful is at work here, and it鈥檚 working very well. As TLM looks to scale nationwide, Zach Boewer, the VP of Engineering, sat down to discuss how 探花大神鈥檚 cloud-based directory is playing a crucial behind-the-scenes role in their program鈥檚 success and rapid expansion.
- Organization: The Last Mile
- Size: 11 Sites, 4 States
- Location: HQ in San Quentin, California
- Problem: National expansion, cross-OS environment (Mac/Windows), highly secure and controlled environments
- Goal: Scalable identity management, airtight endpoint security
VP of Engineering
Background
As a not-for-profit organization, The Last Mile is actively turning inmates into students with hands-on technology training. When students reach the end of their prison sentence, they re-enter society equipped with in-demand coding skills that help them to land a job in tech. Not only is this beneficial for the individual and society, these trained programmers are making a mark on their employers as well.
鈥淭here are certainly other career paths they could go down, vocational tracks like construction, or furniture building, and those are great opportunities. Coding is not for every single person,鈥 Zach explained.
“However, I think that everybody realizes the power of coding鈥攃oding embodies change. It鈥檚 a skill set that can literally change the world and how people interact with technology.”
Qualified inmates learn HTML, JavaScript, CSS, and Python 鈥 coding languages that are in-demand for developing websites and web apps. Plans are also in motion for a front-end curriculum to include web graphic design, data visualization, and even UX/UI in the near future. After a student completes the coursework, they can begin putting their newfound skills to work through TLM Works: the first web development team made of inmates. Successful students complete projects for tech companies and earn a wage while building their portfolio.
鈥淚nmates can save money so that when they go back into civilization, they have a trust fund set up to get re-established. They can send money home to support their families and they can use some inside in the commissary to buy food and personal items. But really, we get them the skillset. We help them build a portfolio and a resume, and then assist them as best we can in transition to find a job.鈥
Scaling and Security Challenges
鈥淪ince I started with The Last Mile three years ago, the program has evolved immensely, and so has our stack.鈥 Zach explained, 鈥淥riginally it was just one rack of equipment inside San Quentin with no ability to bring in external content, so it was a very challenging environment.鈥
Working within a prison meant that TLM needed to meet unique security standards.
鈥淎t the Last Mile, our security needs are different. We are ultra restrictive. Users can鈥檛 access unrestricted sites, they can鈥檛 install anything, and they can鈥檛 go browse a website.鈥 Zach explained, 鈥淪o we have to start building layers of security to prevent that from happening.鈥
TLM created a simulated online learning experience using private cloud infrastructure. With this system, incarcerated individuals are able to practice coding without needing access to the rest of the web.
“We still have some private cloud resources, some assets that we host within Google Compute for example. So we need to enable connectivity to that, while still locking down machines.”
Need for Automation
To implement their program throughout prison systems across the nation, TLM had to trade their on-prem solution at San Quentin for something scalable, secure, and automated.
鈥淲e reached a point where The Last Mile had really started to scale, and one of the major roadblocks for us to do this efficiently and securely was automation,鈥 Zach said.
“So how do we actually facilitate updates and access to our virtual machines? How do we deliver applications and extensions to make sure our students have access to the best tools to get the job done? And finally, how does all that scale?”
鈥淲e knew we couldn鈥檛 solve this just by hiring more personnel. We couldn鈥檛 afford to build out teams and teams of people internally because of the additional management challenges involved. Instead, we needed to automate.鈥
The Solution
To meet TLM鈥檚 needs, Zach turned to a tool that he had used previously at two other organizations: 探花大神 Directory-as-a-Service庐.
He explained, 鈥淚鈥檓 looking at 探花大神 as a new way to manage our environment, that will give us the ability to automate and scale out The Last Mile Works as a platform.鈥
Why doesn鈥檛 Zach use a legacy IT management solution, like Active Directory? The limitations would greatly hinder TLM鈥檚 growth, and ultimately, their ability to reach more prisons.
“Without something like 探花大神 on an iMac, this type of security and connectivity is very difficult to achieve. I would have to have more systems at play, and my ability to be nimble and roll out new sites would suffer. I don鈥檛 think we would be able to scale as quickly as we are able to with 探花大神.”
The Result
探花大神鈥檚 ability to manage and track fleets of systems with Policies and the Events API has allowed Zach to meet security demands at multiple sites from a single location.
鈥淭he fact that 探花大神 can run scripts and has built in Policies and grouping means I can build out users, control password changes, and actually have detailed information about who has access to the machine and when it was used. We can use features like MFA and single sign-on (SSO) so that we know the person signing onto that machine truly is them because they checkout a token, or a Yubikey,鈥 Zach said.
鈥溙交ù笊 and are my two cornerstones for automation, machine management, security, and software delivery.鈥
Looking Ahead
鈥淲e鈥檙e getting an onslaught of interest to expand. Currently we鈥檙e in eight sites and we鈥檙e looking at being in closer to 11 or 12 by the turn of the year,鈥 Zach said.
Companies like Slack, Fandom, and Google are taking notice of the change. They鈥檙e donating money and beginning to hire students directly.
鈥淭he students are so grateful to have this chance, and they know it鈥檚 a real opportunity. They can earn money in TLM Works and they can put money in savings. They can pay restitution and they can send money home to their families,鈥 Zach said.
鈥淲e鈥檙e educating, we鈥檙e ensuring that people can return to society in a very productive way, and have a butterfly effect that changes generational crime. People can change and actually better themselves, and we鈥檙e a cog in that wheel.鈥
As Zach continues to help The Last Mile reach more prisoners, he plans to keep choosing Directory-as-a-Service.
鈥淓ach time I have a new project, I look at 探花大神, then take a step back and look at what I need to accomplish, and there鈥檚 探花大神 again. It always ends up being a big part of what I need.
“探花大神 supports Linux, OS X, and Windows, and then you have LDAP and RADIUS covered. That is a huge chunk of the infrastructure that I need to scale a firm, and all that鈥檚 solved with this one platform.”
More Info
If you would like to learn more about how Directory-as-a-Service can act as a core directory to help your organization with scaling, user management, and much more, drop us a note at [email protected].