
Modernizing legacy systems while ensuring strict compliance and security is essential in today's fast-paced governmental landscape. In just six months, ASSYST delivered a federal agency's next-generation Personnel and Facility Access Tracking System by leveraging the Microsoft Power Platform and hosted within the Microsoft Government Community Cloud (GCC).
The result? Enhanced real-time collaboration across agencies, streamlined case management, Privacy Act System of Record, and improved data security and compliance.
The Challenge: A Legacy System with Modern Collaboration Needs
The agency managed foreign personnel and facility access across multiple locations using a 20-year-old outdated, siloed legacy system that couldn't efficiently support modern, cross-agency collaboration. They required the rapid development of a solution capable of:
- Automating Manual Processes: Access requests were manual, leading to bottlenecks.
- Cross-Agency Data Exchange: Fragmented systems hampered secure data exchange and slowed operations servicing 75 disparate client sites and other Federal law enforcement, intelligence, and counterintelligence agencies.
- Data Confidentiality and Availability: In compliance with the customer's records policies, the Federal Records Act, and policies associated with safeguarding records covered by the Privacy Act, migrating and validating historical, current, descriptive, and reference data was essential to supporting the customer mission.
- Reporting: Detailed, complete, and accurate reporting is critical to providing insight data in response to congressional requests, the Senate Select Committee on Intelligence, and the Counterintelligence communities.
- Single Sign-On: User identity and access rights will be authenticated with multi-factor authentication integrated with the customer's Enterprise Identity and Access Management (IAM) solution.
- Strict Compliance and Security: Given the sensitive nature of the data and high government standards, NIST 800-53, FedRAMP, OMB M-21-31 High Value Asset (HVA) System Advanced Event Logging (EL3), and Section 508 compliance were critical.

The Solution: A Low-Code Approach with Seamless Integration
To solve these challenges, ASSYST implemented an integrated solution using Microsoft Power Platform—a suite of low-code tools—including Power Apps, Power Automate, and SharePoint Online. These tools worked alongside Azure DevOps for a continuous integration/continuous delivery (CI/CD) pipeline, allowing the system to be fully developed, tested, and deployed in just six months.
- Agile, Shift-Left Methodology: Our shift-left Agile sprint methodology allowed us to accelerate defect detection and continuously integrate improvements throughout the development cycle.
- Backend API Development and Optimization: Extensive backend API development supported complex workflows across multiple facilities, with optimized data upload and download management to handle high data volumes. These APIs facilitated seamless communication between external site-specific systems and the new platform, enabling real-time access control and information sharing. An interface was also developed to access historical data from the previous legacy systems.
- Agency Identity Management Integration: Our team enhances the solutions by integrating a secure agency Enterprise Identity and Access Management (IAM) solution through Azure Active Directory (Azure AD). This will enable Role-Based Access Control (RBAC) and solution access using an agency-issued Personal Identity Verification (PIV) single sign-on with multi-factor authentication, ensuring that only authorized users can access the system and manage sensitive data. The solution will allow for automated provisioning, de-provisioning, and managing user identities across agencies, improving operational security. I
Key Technical Features: From Automation to Collaboration
ASSYST's solution was more than a system update; it was a technical overhaul that optimized the agency's handling of personnel and facility access.
- Power Apps for User Interface: Using a modular approach, we developed custom next-generation user interfaces (UI) in Power Apps to support different user roles (e.g., facility managers, personnel security, office of counterintelligence, and intelligence investigation officers), ensuring intuitive case management, enhanced user experience (UX), and real-time facilities access request updates.
- Automated Workflows with Power Automate: Using Power Automate, access requests were routed and approved in real time. Automated notifications and escalations ensured that approvals occurred without delays, minimizing bottlenecks.
- Secure Data Exchange and Inter-Agency Collaboration: The system enabled real-time collaboration across multiple facilities and agencies using Office 365 and SharePoint Online, breaking down data silos and ensuring secure data exchange. Azure AD will be integrated with the Enterprise IAM solution, providing identity management remains secure across all users.
- Reporting: Facility managers, personnel security, and investigation officers use reporting and personalized dashboards to gain actionable insights into personnel access patterns, trends, and anomalies. This reporting provides visibility into which personnel accessed specific facilities, improving operational efficiency, congressional reporting, intelligence, counterintelligence, and personnel security response.

Testing Center of Excellence
Quality and security are core to our delivery, so the system underwent rigorous testing using ASSYST's Testing Center of Excellence (TACoE), which provided a comprehensive testing suite that included:
- End-to-End Integration Testing: We ensured that the new platform was fully integrated with existing systems such as Office 365, SharePoint Online, and legacy databases.
- Performance and Load Testing: Verified the system's ability to handle large-scale data uploads/downloads and high access request volumes across multiple agencies and facilities.
- Interoperability and Compatibility Testing: Confirmed that the platform worked across different devices, browsers, and environments, facilitating seamless cross-agency usage.
- Section 508 Compliance Testing: Ensured the system was fully accessible to all users, including those with disabilities, meeting government accessibility requirements.
- Automated Testing: Accelerated testing cycles using automated test scripts, ensuring continuous quality through the CI/CD pipeline.
Value: Key Technical Outcomes
ASSYST's implementation of this low-code solution delivered significant technical and operational benefits:
- Automated Access Control: The automated workflows reduced manual intervention and improved operational efficiency, reducing access request approval times by 70%.
- Seamless Multi-Agency Data Exchange: Real-time data sharing and collaboration capabilities improved security and response times across agencies and facilities.
- Real-Time Insights and Monitoring: Reporting and dashboards provided critical data to investigative officers and leadership, enabling informed decision-making and quick responses to security anomalies.
- Scalable and Compliant: The platform was built to scale as the agency expanded, maintaining full GCC compliance and meeting strict federal security and privacy standards.
Impact: Driving Innovation with Low-Code Solutions
ASSYST's deployment of this low-code solution on Microsoft Power Platform showcases how leveraging automation, secure identity management, and backend API optimization can modernize government agency operations. Our shift-left Agile methodology, Azure AD integration, and TACoE testing framework delivered a scalable, secure, and compliant system that enables real-time inter-agency collaboration and enhanced facility access management.

ASSYST's Microsoft Azure Practice
As a Microsoft Certified Partner for over 20 years, ASSYST was an early adopter of Microsoft technologies such as .Net, SharePoint, Dynamics CRM, Microsoft 365, Office 365, Army 365, SQL Server, and the Power Platform. Since 2003, we have rolled out SharePoint solutions to customers in several sectors, including defense, federal / state / local government agencies, multilateral institutions, non-profit organizations, and healthcare establishments. ASSYST's industry-recognized development practice covers the full spectrum of SharePoint, O365/M365/A365, Microsoft Power Platform, and Microsoft Azure, which enables us to rapidly develop enterprise solutions compatible with any architecture, regardless of a public, private, or hybrid infrastructure. Our tailored approach allows us to build customer solutions with future compatibility and scalability in mind. Our development team has deep expertise in creating custom applications utilizing Microsoft's Power Fx low-code programming language for expressing logic and .NET solutions across the Power Platform that may reside outside a SharePoint or O365 platform or interact with it to meet a specific business requirement. We deploy scalable, innovative solutions using Azure Cognitive Services for AI capabilities, Azure Machine Learning (Azure ML) for advanced model building and deployment, and Azure Kubernetes Service (AKS) for container management and scaling. Our expertise extends to Fabric, which integrates and manages data seamlessly across various environments, enhancing data governance and enabling advanced analytics. We also utilize Azure Purview for comprehensive data governance, Databricks for big data processing, Azure OpenAI for cutting-edge AI applications, and Azure Sentinel for intelligent security monitoring. ASSYST is a prime vendor for several large task orders, providing extensive cloud transformation, systems modernization, and solution enhancements to customer collaboration, knowledge management, and customer relationship management (CRM) platforms.