October 2015
Volume 10, Number 10

From the CIO

CIO Nelson Moe

CIO Nelson Moe

October is Cyber Security Awareness Month. Those of us working in the information technology (IT) field are cyber security aware every minute of every day – and, sometimes, in the middle of the night. The designation provides an opportunity for us to share information with others. I am providing a link to Gov. Terry McAuliffe's proclamation for the month. Please feel free to link to the proclamation from your website or share it with your co-workers.

Gov. McAuliffe and the Virginia Information Technologies Agency (VITA) have made some significant strides recently to enhance cybersecurity. The governor formed Virginia's Cyber Security Commission, which has been meeting on a regular basis and made recommendations. He also issued an executive directive related to strengthening the commonwealth's cybersecurity protocol. VITA's commonwealth security and risk management staff members, with the support of all VITA's leaders and staff, are working diligently to meet the directive. We also have implemented additional measures to combat phishing attacks, work diligently to ensure patching is up to date and use best practices in this essential area of IT.

I know you will join me in embracing the importance of cybersecurity. I look forward to continuing to work with you to protect citizen's information entrusted to the commonwealth while VITA staff and I continue to work diligently to provide IT infrastructure, cybersecurity, IT governance, geospatial mapping, emergency communications support and IT procurement services.

Cyber Security Awareness Month Resolution 
Cyber Security Commission, First Report, August 2015, " Threats and Opportunities
Governor Signs Executive Directive to Strengthen Cybersecurity Protocol 
National Cyber Security Awareness Month – Stay Safe Online

Nelson

Governor's Technology Awards honor state agencies, localities, universities

The annual Governor's Technology Awards were presented to honorees in nine categories at a special ceremony at the Commonwealth of Virginia Innovative Technology Symposium (COVITS) in Richmond last month. On behalf of Gov. McAuliffe, Secretary of Technology Karen Jackson presented the awards to a distinguished group of Virginia government entrants, including state and local government and universities.

In a statement, Gov. McAuliffe said, "I want to congratulate the winners of these awards. Building a new Virginia economy requires the ability to innovate and find ways to increase efficiency in government. The future is bright for the commonwealth as these talented groups continue to use technology to make government more efficient, less expensive and more responsive to taxpayers."

Multiple awards were presented in some categories because of the extremely close scores between projects.

The 2015 Virginia Governor's Technology Awards winners, by category:

Cross-Boundary Collaboration on IT Initiatives 
Electronic Death Registration System -- Virginia Department of Health

IT as an Efficiency Driver -- Government to Citizen 
Real Estate Property Report App -- Roanoke County 
Charlottesville Area Transit Mobile App -- City of Charlottesville

IT as Efficiency Driver -- Government to Business 
The C.A.R.E. Application -- Virginia State Corporate Commission 
Transportation Network Company Registration -- Virginia Department of Motor Vehicles 
GIS-centric Development Management System -- Prince William County 
E-GIFT -- Virginia Department of Health

IT as Efficiency Driver -- Government to Government 
Cloud Technology Partnership for Economic Development -- Chesterfield County

IT as Efficiency Driver -- Government to Government 
BeneVets Automated Claims Application -- Virginia Department of Veterans Services

Innovative Use of Technology in Local Government 
Fire Department Tablet Project -- City of Lynchburg 
CAD to CAD -- York-Poquoson-Williamsburg Regional 9-1-1 Center, James City 9-1-1 Center

Innovative Use of Technology in Education 
The Geospatial Semester -- James Madison University 
Frictionless High Speed Research Network -- Virginia Commonwealth University

Innovative Use of Big Data and Analytics 
OneSource Data Warehouse -- Virginia Department of Behavioral Health and Developmental Services 
Public Safety Operational Data Storage (PODS) -- Chesterfield County

Innovative Use of Open Data 
Open Data Portal -- City of Richmond

Best Citizen Portal 
Citizen Portal -- City of Newport News 
Virginia Law Portal -- Division of Legislative Automated Systems

Executive Summaries of Winner's Entries

Governor talks automobile cybersecurity

Gov. McAuliffe yesterday announced the promising results of a collaborative public-private initiative to explore the safeguards needed to protect Virginia's citizens and public safety agencies from cybersecurity attacks targeting automobiles. He spoke at the Commonwealth of Virginia Cyber Security – Unmanned Systems Technology Showcase, which continues today in Chesterfield County.

Governor's Press Release

Register now for Fourth Annual Project Management Summit

Registration is underway for the Fourth Annual VITA IT Project Management Summit Oct. 15. The summit is designed for commonwealth and local government IT project managers, commonwealth employees on a project management career path and contractors assigned to IT projects in the commonwealth. The educational component will include case studies, industry best practice and relevant project management topics. The summit runs from 8 a.m. to 4:30 p.m. at The Cultural Arts Center at Glen Allen, 2880 Mountain Road, Glen Allen. Cost is $85.

Register

Attention AITRs: Resources, sharing options available online

Did you know you can find an archive of messages sent to agency information technology resources (AITRs), links to AITR meeting presentations, network capacity reports, service level agreement reports, user guides, FAQs and a calendar of events on the VITA COV intranet? The site is open to all commonwealth employees. Don't forget to bookmark the site.

Also, bookmark Connections. The site provides a collaboration tool for CIOs and AITRs. Share success stories and best practices, and receive updates on various initiatives resulting from the VITA valued customer experience (VCE) improvement projects.

VITA COV Intranet Site 
Connections

IT infrastructure update

Infrastructure sourcing strategy work continues 
VITA, the IT Sourcing Steering Committee and Integris Applied are continuing to work on strategy for the end of the current infrastructure contract. Potential future-state scenarios are being reviewed. The scenarios have been evaluated, based on secretariat, agency and VITA business and IT leaders' interviews, against the agency and enterprise goals identified in early stages of the assessment. Integris advisors pointed out the existing infrastructure contract was built primarily around enterprise goals, and a better balance of the needs of both agencies and the enterprise is needed in this sourcing initiative. Integris also noted the two are not mutually exclusive and the potential sourcing models being discussed will meet all goals to some degree. Integris and the VITA team will continue to evaluate scenarios, transition timing and financial models over the next month and discuss those topics in additional committee meetings. The current IT infrastructure contract with Northrop Grumman expires in 2019 and cannot be extended. Procurement regulations require the infrastructure work to be competed.

Sourcing committee members have scheduled extra meetings to ensure adequate input to the strategy work. Members include: Dave Burhop, Department of Motor Vehicles; Sharon Kitchens, Department of Taxation; Brian Logwood, Department of Planning and Budget; Neil Miller, Finance Secretariat; Jason Powell, Senate Finance Committee; David Reynolds, House Appropriations Committee; Dana Smith, VITA; Ernie Steidle, Department of Aging and Rehabilitative Services; and, Chad Wirz (chair), VITA. The VITA core team members working on the project include Perry Pascual, Ashley Colvin and David Swynford.

Sourcing Strategy Information

DGS campus infrastructure upgrades complete
State agencies in downtown area buildings (also known as the Department of General Services or DGS campus) have an upgraded, more reliable infrastructure and redundancy so that if the circuit goes down in one building, circuits in other buildings will be operational. The extensive upgrade was completed on weekends over the past several months for minimum disruption of services.

Mainframe billing now online; paper eliminated 
VITA mainframe services customers will receive VITA bills online beginning Nov. 1, eliminating paper bills. VITA's new cost management system features online billing reports in a variety of formats, delivery of reports by email, and extensive reporting capabilities that permit end users to select and view data for analysis. Customers will receive these invoices by email and will have the option to log on to a billing portal to view additional details of their bill. Reports can be generated on demand using criteria, such as accounts and date ranges, selected by the user.

Project to reduce, eliminate paper telco invoices advancing

VITA's telecommunications expense (management) and billing solution (TEBS) project is in the execution and control phase. For state, local and higher education telecommunications users, TEBS will reduce or eliminate paper invoices, provide easier access to bill detail online with full drill-down capability, support data extracts, offer on-demand order and payment status tracking, and enhance reporting capabilities. The solution provider, Telesoft, continues to configure the system. The collection of legacy data is in the final steps for loading into the TEBS system. The technical team is tuning the environment and continuing to prepare for the installation of TelMaster on the servers. The process owners are preparing staff for the coming changes. During the coming weeks, activities will include continuing to load and validate data, preparing VITA for the future state and providing communication to all stakeholders.

VAGOVWEB meeting is Oct. 8

VITA has scheduled a meeting of Virginia Government Webmasters (VAGOVWEB) Oct. 8. On the agenda are Cyber Security Awareness Month, virginia.gov implementation of the DigitalGov search, live tweeting 101 and a keynote on the Virginia Law Portal by the Division of Legislative Automated Services.

Register

VITA to host NG9-1-1 decision maker webinar

VITA will host a next generation 9-1-1 (NG9-1-1) decision maker education webinar on Oct. 7. The webinar will provide information regarding NG9-1-1 public safety access points (PSAP) and geographic information systems (GIS) managers and decision makers. The implementation of NG9-1-1 will require significant commitment and resources from all levels of government. Getting early buy-in of decision makers to the need, approach and solutions will be essential to successful deployment. This webinar will provide materials and methods to approach leadership of the NG9-1-1 implementation.

Learn more about Webinar Wednesdays

VITA staffer discusses DR in national technology magazine

An article by Josh Haravay, a disaster recovery (DR) specialist with VITA, is featured in StateTech Magazine. He discusses how to develop a successful continuity of operations plan. Last year, VITA completed a full disaster recovery drill at a backup data center. The drill involved 22 state executive branches, 211 servers and 170 terabytes of data. The agency successfully recovered critical systems to a backup data center in southwest Virginia within 24 hours, and less critical systems within 48 hours. This year's DR drill recently was conducted. Preliminary results are promising; final results are pending.

Read the article

The harm in password reuse

Every day, malicious cyber actors compromise websites and post lists of usernames, email addresses and passwords online. Password reuse on multiple websites or accounts is a vulnerability when the password is exposed in coordination with other information that identifies who is using the password, such as first and last names, login names or email addresses. More information is available in the recent issue of the e-newsletter Information Security Tips.

Read September Information Security Tips