The Last Mile Case Study: Nationwide Success

Introduction

The term “the last mile” is commonly used by communication distribution networks, such as the cable or telecom industries, as a way to describe the branching out of an underground system to reach the end users (think high-speed fiber to your home). It’s the most difficult and expensive part of the system to install, overcoming various obstacles in order for the network to interface with each user’s pre-existing equipment. It’s also known as “the first mile” from the user’s perspective, however, since it’s the first distance covered when the user’s communications are sent out to the rest of the world.

In much the same way, The Last Mile (TLM) is connecting incarcerated individuals with technological skills that can pave the way for their first mile back into society. Since launching America’s first coding curriculum at a prison (San Quentin) in 2014, over 400 students have graduated from TLM’s programs, and none of them (0%) have reoffended. Think about the impact of that statistic on society. Individuals that have committed a crime are working their way back to being productive members of society.

Something powerful is at work here, and it’s working very well. As TLM looks to scale nationwide, Zach Boewer, the VP of Engineering, sat down to discuss how JumpCloud’s cloud-based directory is playing a crucial behind-the-scenes role in their program’s success and rapid expansion.

  • Organization: The Last Mile
  • Size: 11 Sites, 4 States
  • Location: HQ in San Quentin, California
  • Problem: National expansion, cross-OS environment (Mac/Windows), highly secure and controlled environments
  • Goal: Scalable identity management, airtight endpoint security
Zach Boewer
VP of Engineering

Background

As a not-for-profit organization, The Last Mile is actively turning inmates into students with hands-on technology training. When students reach the end of their prison sentence, they re-enter society equipped with in-demand coding skills that help them to land a job in tech. Not only is this beneficial for the individual and society, these trained programmers are making a mark on their employers as well.

“There are certainly other career paths they could go down, vocational tracks like construction, or furniture building, and those are great opportunities. Coding is not for every single person,” Zach explained.

“However, I think that everybody realizes the power of coding—coding embodies change. It’s a skill set that can literally change the world and how people interact with technology.”


Qualified inmates learn HTML, JavaScript, CSS, and Python – coding languages that are in-demand for developing websites and web apps. Plans are also in motion for a front-end curriculum to include web graphic design, data visualization, and even UX/UI in the near future. After a student completes the coursework, they can begin putting their newfound skills to work through TLM Works: the first web development team made of inmates. Successful students complete projects for tech companies and earn a wage while building their portfolio.

“Inmates can save money so that when they go back into civilization, they have a trust fund set up to get re-established. They can send money home to support their families and they can use some inside in the commissary to buy food and personal items. But really, we get them the skillset. We help them build a portfolio and a resume, and then assist them as best we can in transition to find a job.”

Identity Security

Scaling and Security Challenges

“Since I started with The Last Mile three years ago, the program has evolved immensely, and so has our stack.” Zach explained, “Originally it was just one rack of equipment inside San Quentin with no ability to bring in external content, so it was a very challenging environment.”

Working within a prison meant that TLM needed to meet unique security standards.

“At the Last Mile, our security needs are different. We are ultra restrictive. Users can’t access unrestricted sites, they can’t install anything, and they can’t go browse a website.” Zach explained, “So we have to start building layers of security to prevent that from happening.”

TLM created a simulated online learning experience using private cloud infrastructure. With this system, incarcerated individuals are able to practice coding without needing access to the rest of the web.

“We still have some private cloud resources, some assets that we host within Google Compute for example. So we need to enable connectivity to that, while still locking down machines.”

Need for Automation

To implement their program throughout prison systems across the nation, TLM had to trade their on-prem solution at San Quentin for something scalable, secure, and automated.

“We reached a point where The Last Mile had really started to scale, and one of the major roadblocks for us to do this efficiently and securely was automation,” Zach said.

“So how do we actually facilitate updates and access to our virtual machines? How do we deliver applications and extensions to make sure our students have access to the best tools to get the job done? And finally, how does all that scale?”

“We knew we couldn’t solve this just by hiring more personnel. We couldn’t afford to build out teams and teams of people internally because of the additional management challenges involved. Instead, we needed to automate.”

The Solution

To meet TLM’s needs, Zach turned to a tool that he had used previously at two other organizations: JumpCloud Directory-as-a-Service®.

He explained, “I’m looking at JumpCloud as a new way to manage our environment, that will give us the ability to automate and scale out The Last Mile Works as a platform.”

Why doesn’t Zach use a legacy IT management solution, like Active Directory? The limitations would greatly hinder TLM’s growth, and ultimately, their ability to reach more prisons.

“Without something like JumpCloud on an iMac, this type of security and connectivity is very difficult to achieve. I would have to have more systems at play, and my ability to be nimble and roll out new sites would suffer. I don’t think we would be able to scale as quickly as we are able to with JumpCloud.”

The Result

JumpCloud’s ability to manage and track fleets of systems with Policies and the Events API has allowed Zach to meet security demands at multiple sites from a single location.

“The fact that JumpCloud can run scripts and has built in Policies and grouping means I can build out users, control password changes, and actually have detailed information about who has access to the machine and when it was used. We can use features like MFA and single sign-on (SSO) so that we know the person signing onto that machine truly is them because they checkout a token, or a Yubikey,” Zach said.

“JumpCloud and [patch management tool] Automox are my two cornerstones for automation, machine management, security, and software delivery.”

The history of user management

Looking Ahead

“We’re getting an onslaught of interest to expand. Currently we’re in eight sites and we’re looking at being in closer to 11 or 12 by the turn of the year,” Zach said.

Companies like Slack, Fandom, and Google are taking notice of the change. They’re donating money and beginning to hire students directly.

“The students are so grateful to have this chance, and they know it’s a real opportunity. They can earn money in TLM Works and they can put money in savings. They can pay restitution and they can send money home to their families,” Zach said.

“We’re educating, we’re ensuring that people can return to society in a very productive way, and have a butterfly effect that changes generational crime. People can change and actually better themselves, and we’re a cog in that wheel.”

As Zach continues to help The Last Mile reach more prisoners, he plans to keep choosing Directory-as-a-Service.

“Each time I have a new project, I look at JumpCloud, then take a step back and look at what I need to accomplish, and there’s JumpCloud again. It always ends up being a big part of what I need.

“JumpCloud supports Linux, OS X, and Windows, and then you have LDAP and RADIUS covered. That is a huge chunk of the infrastructure that I need to scale a firm, and all that’s solved with this one platform.”

SSO Alternatives to Okta

More Info

If you would like to learn more about how Directory-as-a-Service can act as a core directory to help your organization with scaling, user management, and much more, drop us a note at [email protected].

About JumpCloud

The JumpCloud Directory Platform provides secure, frictionless user access from any device to any resource, regardless of location. Get started, or contact us at 855.212.3122.