State Information Technology Services Division
  
NEWS BITS & BYTES
 
Customer News - July 2014, Vol. 1, Issue 5.

The Montana Data Portal -

a critical piece of Governor Steve Bullock's Transparency and eGovernment Services Initiative - launched June 30. 

 

 

 

NEWSLETTER

CONTENTS

Montana Data Portal launch

News from the State CIO

Enterprise Security Risk Assessment

Agencies' IT Plans Published

SITSD Billing System Replacement

Draft Technical Standards

Multi-factor Authentication

Microsoft Agreement impacts HUP

New SITSD employees

Calendar of Events 

 

Montana Data Portal
Portal offers enhanced data sharing, transparency for government organizations

dataportalYou might be asking, what is the Montana Data Portal? The portal acts as a data repository that provides data sharing opportunities for business intelligence, analysis, correlations, charting, graphing and trending between datasets from multiple state and local organizations. The portal allows citizens and decision makers to view and export data from a centralized location. It is designed to increase government transparency; enable better decision making through data analysis; make data easier to access, explore, use and visualize; enhance the way state and local organizations interact with customers; and modernize how Montanans use and share information. Features include embedding datasets and user-created visualizations on websites; scheduling automated publishing updates to datasets; and downloading datasets in several different formats. In addition, the utilization of customizable developer tools for application programming interface (API) can create unique data mash-ups, and employ intuitive browsing, which allows both technical and non-technical visitors fully experience the portal's value.  

 

Organizations are encouraged to learn more about publishing datasets on the portal. Visit www.howto.mt.gov or go directly to the portal at www.data.mt.gov.

TOGETHER. SHAPING THE 'IT' FUTURE.
Enterprise Security Risk Assessment moving forward
enterpriseriskassessmentThe state's Enterprise Security Risk Assessment is progressing. The state awarded a $300,000 contract in May to Cerium to perform an Enterprise Security Risk Assessment for the state's information systems. The company, which is based in Spokane, Wash., and has a Helena office, will study existing information systems, identify gaps and recommend improvements. Cerium will also be conducting physical security assessments of some Capitol Complex buildings and the state data centers in Helena and Miles City. In mid-June, Cerium began external vulnerability scans on the state network. These types of risk assessment activities will continue during the next three months. A general report will be provided to state IT managers this fall; specific recommendations (not available to the general public) will provide DOA and other state agencies with a road map for strengthening security across the state enterprise. The company will also assess the security of some agency-specific information systems. For more information, contact Project Lead Lisa Vasa.
New Microsoft Enterprise Agreement brings changes to Home Use Program

MicrosoftEAHomeprogramSITSD will develop a plan in collaboration with customer agencies to deploy Office 365, which is included in the new three-year enterprise agreement between the State of Montana and Microsoft. Until Office 365 is deployed, employees will experience no changes when using Microsoft products on their work computers and other devices. However, there are immediate changes in the Microsoft Home Use Program (HUP) due to the new agreement.

 

The HUP affiliated with the state's Microsoft Enterprise Agreement for fiscal years 2008-2014 has been discontinued as of May 31, 2014. The new agreement allows for agencies to implement a home use program associated with Microsoft Office 365; however, that program will not be available until Microsoft Office 365 is deployed. At that time, each agency will decide how employees can access the an Office 365 license for home use.  

 

In the interim, employees who would like to have Office 365 on a personal computer or other home device should visit Microsoft's online site to purchase a monthly subscription until Office 365 is deployed. Monthly subscriptions range from $6.99 to $9.99 per month depending on usage.

In the SPOTLIGHT

INFORMATION SYSTEMS SECUR-ITY OFFICE RESTRUCTURE - The Information Systems Security Office (ISSO) at SITSD has divided into two bureaus - the Security Operations Bureau and Risk Management Bureau - for a more efficient and effective delivery of services. As of June 16, Sean Rivera is serving as bureau chief for the Security Operations Bureau. Sean will oversee security operations with added responsibilities for business continuity and disaster recovery. Wes Old Coyote is serving as bureau chief for the Risk Management Bureau and will oversee risk management, auditing, policy development, architecture and standards development, and security training and awareness. Congratulations to Sean and Wes on their new assignments.

  

2014 MONTANA GOVERNMENT IT CONFERENCE - Calendar alert! The 2014 Montana IT Conference will be held Dec. 8-11 at the Red Lion Colonial Inn in Helena. This year's conference is shaping up to be the best yet. Please plan to join us!

 

SITSD welcomes new staff

newemployeesSITSD has recently welcomed and/or promoted several employees to new positions. We're glad to have these exceptional individuals on our team! Read more about them.

 

Karin Ohlin, Computer Applications Engineer, Application Technology Services Bureau.

Tobie Ohlin, Computer Systems Engineer, Enterprise Technology Services Bureau.

Ashley Downing, Computer Systems Engineer, Enterprise Technology Services Bureau.

Patrick Boyle, Computer Systems Engineer, Network Technology Services Bureau.

Matt Simpson, Computer Systems Engineer, Enterprise Technology Services Bureau.

Dan Olson, Computer Support Specialist, Enterprise Support Bureau.

Dan Hatfield, Computer Support Specialist, Enterprise Support Bureau.

NEWS FROM THE STATE CIO
Putting the Main Street Montana Plan into action!

newsfromcioHave you read the Main Street Montana Business Plan? This dynamic plan was released in April by Governor Steve Bullock. It focuses on creating a public-private partnership that provides a foundation for building and implementing a successful business plan for the state of Montana. The plan was developed from a series of statewide roundtable meetings and/or surveys involving more than 3,000 Montanans.

 The strategies identified in the plan are based on five key "pillars."

Read More
NEWS
Agencies' 2014 IT Strategic Plans available online

agencyITplansNearly all Montana state agencies' 2014 Information Technology Strategic Plans are now available on SITSD's website. As required by state law, the plans have been approved by State CIO Ron Baldwin. More analysis of the contents in the agencies' plans will be included in next month's newsletter. SITSD is also preparing to draft the state's Biennial Report later this year. The report is required by state law and assesses progress toward addressing the goals and objectives outlined in the state's 2012 IT Strategic Plan and in agency IT plans. Agencies will be asked to complete a data survey this summer as a first step in the biennial reporting process.  

SITSD decides not to purchase billing system
ITbillingsystemSeveral months ago, an SITSD project team began exploring the need for a new customer billing system for the division's IT services. The team analyzed the need to replace SITSD's Service Utilization for Billing System (SUBS) with a new off-the-shelf or custom solution that would better meet customers' needs. The project brought both SITSD staff and customers to the table to identify current deficiencies in SUBS. The resulting discussions helped SITSD take immediate steps to improve SUBS billing statements and address other concerns, while also continuing to research new systems. Unfortunately, early estimates regarding the cost of a new system greatly exceeded any funding available. State CIO Ron Baldwin announced recently that the division will not purchase a new billing system at this time due to the high estimated cost and lack of funding, combined with the fact that changes to billing statements have alleviated many customer concerns. The division will continue to monitor the need for a new system and will be asking for funding in the next biennium  
Draft technical standards address common data elements and electronic compatibility of data
drafttechnicalstandardsSITSD is accepting public comment on two proposed interim standards - the Common Data Elements Technical Standard and the Electronic Compatibility and Interchange Technical Standard. The Information Technology Managers Council reviewed the two documents at its June 4 meeting.  Regarding the Common Data Elements Technical Standard, Chief Information Security Officer Lynne Pizzini explained that the Access Control and Verification Committee and Data Portal Project team both identified a need for common data elements. In addition, she said the "Interim" Electronic Compatibility and Interchange Technical Standard provides high level guidance for identifying electronic compatibility and information exchange formats that may be used when capturing, retrieving, storing and transferring electronic records and information which can be moved between computer file systems without alteration of the original method of encoding. This standard applies to records that originated electronically, such as word processing files or digitally-recorded sound, as well as those that are digital representations of records which originated in a non-electronic form, such as paper or film. This standard also includes multi-media (streaming) and video in support of critical business operations.  Pizzini said these standards will likely be modified as various legislative and state committees further develop new policies and procedures. Please send comments on the proposed standards to Wes Old Coyote. The final standards will go to ITMC later this summer for approval.
SERVICES
Steps required to make multi-factor authentication available for enterprise use
mutifactorauthenicationThrough House Bill 10 funding, SITSD has been diligently working to increase the security posture of the state enterprise; this includes the deployment of multi-factor authentication (MFA)

SITSD staff is in the process of finalizing MFA for enterprise use.  One of the last items on the "to-do" list is to configure this system for use with the enterprise Virtual Private Network (VPN) solution that is maintained by the Network Technology Services Bureau. For this functionality to work, SITSD is asking each agency using the enterprise VPN to provide NTSB staff with two Active Directory groups. SITSD will need one group for agency personnel who need VPN access and have MFA fobs assigned to them through the enterprise MFA system, and a second group for agency personnel who need VPN access but are currently not using MFA. Agency VPN users will need to be in one of the two groups. Employees who attempt to connect, but are either in both groups or in neither group, will not be able to access the network via the VPN. These two groups will be required for agencies using the VPN whether or not the agency is using RSA MFA. SITSD has generated a list of personnel who currently have VPN access configured on their account and will be providing that list to agency points of contact to help establish these groups. This is a temporary solution until all agencies have been on-boarded to the MFA system. Suggested format for group names:
  

Single Factor:   <3 letter agency designator>-Single-Factor-VPN

Multi-Factor:     <3 letter agency designator>-Multi-Factor-VPN
 
Agencies are not required to implement MFA by this date, however, our current plan is to turn on this new requirement by July 31 and we will need these groups setup at this time for continued VPN access. Please direct questions to Alex Ostberg or Layne Cope.
calendarCALENDAR
- Microsoft Enrollment Coordinators Team - July 17, Thursday, 11 a.m. to Noon, Room 53, Mitchell Building.

- Information Technology Managers Council - August 6 is next meeting (no meeting in July).

 

Please note that some links in this newsletter are only accessible when logged into the state network. For more information, contact itsdcomoffice@mt.gov.

 

Connecting Information and People.
  
State Information Technology Services Division, a division of the Montana Department of Administration, provides IT services to more than 100 state, county and city government entities. The division works to ensure that the state's IT infrastructure is robust, secure and cost effective, and supports the business requirements and innovations of government and Montana citizens. .