April 2019
Volume 14, Number 4

From the CIO

CIO Nelson Moe

CIO Nelson Moe

VITA will sponsor a "services fair" the afternoon of May 8 to introduce information technology (IT) services and related rates for the new fiscal year to agencies. I extend an invitation to all agency information technology resources (AITRs) to attend and urge them to share the invitation with others at their agencies who need to know about VITA’s new services and rates. We will send the details soon as a calendar invitation.

VITA's service leads and representatives of all suppliers will be on hand to talk with attendees about all service categories. As a reminder, those suppliers include:

  • Science Applications International Corporation (SAIC) – MSI
  • Atos – Managed security
  • Iron Bow – End-user services
  • Perspecta – Mainframe
  • Tempus Nova – Messaging
  • Unisys – Server/storage/data center
  • Verizon – Data/voice network
  • Xerox – Print services

Additionally, VITA finance staff will be available to provide rates and answer questions.

I am excited about this event, and again, urge you to attend and invite others from your agencies to learn about our new and enhanced services and have the opportunity to discuss any questions regarding rates with our finance staff.

VITA and its suppliers in the new multisourced infrastructure environment are making significant progress but VITA, our agency customers and our suppliers continue to face challenges. As we mature this new environment, our program and services will get better and better. Agencies are asking about new services. Suppliers are working very hard to provide new and enhance existing services. This is a very different environment and very different conversations than we were having a few years ago.


State officials, projects up for national honors, voting open

Three Virginia IT officials and two projects have been nominated for the annual StateScoop 50 Awards. These national awards honor those who make state government more efficient and effective.

Nominated in the state leadership category are Chief Information Officer (CIO) of the Commonwealth Nelson Moe, Chief Data Officer of the Commonwealth Carlos Rivero and VITA Director of Enterprise Services Demetrias Rodgers. Nominated for state IT innovation projects of the year are the Virginia Cloud-Based Emergency Response from VITA and the Opioid Data Sharing and Analytics Platform by the Virginia Department of Criminal Justice Services.

Voting is open until April 15. Winners will be announced May 5. Vote here.

NASA CIO to speak at security conference

NASA CIO Renee Wynn has been added as the third guest speaker at the Information Security Council’s sixth annual Information Security Conference for the Commonwealth of Virginia, April 11–12. Registration for the conference has closed because the event has reached capacity.

CIO Wynn will deliver lunchtime remarks on day two of the conference. Ms. Wynn joined NASA in 2015 as deputy CIO after 25 years with the Environmental Protection Agency (EPA). At the EPA, Wynn served in a number of roles, including the acting assistant administrator for the Office of Environmental Information. She has 28 years of federal service, and has been working in the federal CIO world since 2011. Ms. Wynn has been able to bring her experience working on environmental policy, program management, budget formulation and analysis to her role as CIO.

Again, registration for the conference is now closed.

Agency IT news

Services added, more planned July 1

VITA, the MSI and service tower suppliers are adding items to the VITA service catalog and planning new services July 1 as part of its IT infrastructure services program.

All requests for secure sockets layer (SSL) certificates can now be completed in the VITA service catalog. The SSL certificate form can be found under the Security Services category. RSA tokens are listed in the catalog as “Enterprise VPN 2-Factor Authentication Service” under the Network Services category.

Five peripherals now are available in the VITA service catalog under Personal Computing – Peripherals: HP Elite Display E243 24" monitorHP UltraSlim docking stationHP USB-C G4 docking stationHP wireless keyboard and mouse and Targus 15.6" Meridan II top-loading laptop case. The full suite of peripherals is expected to be available in the catalog on July 1.

End-user computing upgrades are planned this calendar year. The upgrades will move the computing platform to the newest technology and provide the functionality sought by agencies. All workstations (desktops, laptops and tablets) will move from Windows 7 to Windows 10. Workstations currently running Windows 10 long-term service branch (LTSB) will migrate to semi-annual channel (SAC) operating system. Additionally, Windows 10 SAC onboarding will migrate the new version of Windows 10 as the standard operating system for the enterprise.

Voice and data network refresh is being scheduled for the 60 percent of components that are end of life. While much work has been done since the Dec. move to the new multisourced infrastructure environment, there’s still a lot of back-end work to be done. An 11-month plan has been developed that is very aggressive for the amount of work needed. A refresh criteria/prioritization has been established. First priority item will be the refresh of equipment that is or soon will be past its refresh cycle. After that, refresh will be prioritized according to the site/location tier level, non-compliant equipment/software, pre-existing issues, manufacturer's end-of-support date, and the minimization of site visits with maximization of benefits.

Three security standards posted for comments

The proposed updates to the documents listed below are posted on VITA’s online review and comment application (ORCA). Comments will be accepted through April 21. Comment here.

  • SEC501-11 – Information Security Management Standard

    • Changes: New requirements were added to section 2.4; AT-2-COV; PL-4-COV. Clarifying language was added to sections: 4.1; 4.2, RA-5-COV

  • SEC502-03 – Information Technology Security Audit Standard

    • Changes: Revised to add definitions in section 1.2.4 IT Security Audit and clarify IT Security Audit requirements in section 1.4

  • SEC525-04 – Hosted Environment Information Security Standard

    • Changes: New requirements were added to section 2.4; AT-2-COV; PL-4-COV. Clarifying language was added to sections: 4.1; 4.2, RA-5-COV

IT staff at agencies are invited to submit comments.

Agencies must select server software options

Agencies are reminded they must select an option by May 10 for Microsoft Windows server 2008 software, which is approaching end of life. Agencies should report their selection to their MSI business relationship manager (BRM) by May 10. Options include:

  • Upgrading to Windows server 2012 or Windows server 2016. Operating systems will not be upgraded on current servers.

  • Remaining on Microsoft Windows server 2008, applying for enhanced server operating system security (ESOSS) and filing a security extension.

For agencies that do not respond, VITA will implement ESOSS at agency cost on all Microsoft Windows servers 2008. Charges for ESOSS will begin in January 2020 when 2008 goes end of life and continue until servers are upgraded to a supported version.