Your browser does not support JavaScript!

Network News

June 2021
Volume 20, Number 6

From the CIO

CIO Nelson Moe
CIO Nelson Moe

Over the holiday weekend, I was thinking back to the first move event that occurred in Sept. 2020 toward our effort to relocate the data center. As we near completion, join me in acknowledging the progress we have made thus far, and know that I have much appreciation for the partnership of each agency. To date, 83% of agencies have completed their moves to the new QTS data center. 

Agency teams are busy finalizing the last move-associated activities, and the VITA team is committed to ensuring that service availability and cloud services implementation will continue. Every effort will be made to ensure that supplier staff and resources are made available as the deadline approaches. The agencies’ data center move teams have been invaluable to the effort, and I recognize their dedication and commitment to helping VITA complete the project on time. Thank you! 

The weekend was not all spent on work thoughts, however, as yesterday was the observance of the Memorial Day holiday. As a 17-year veteran of the U.S. Navy, Memorial Day reminds me of the amazing spirit of peace and freedom heroic soldiers give to us, the people of America. I hope you and your family were able to take a moment to honor those who gave their lives for our country. Let us never forget the bravery and honor of those who died in service.

Nelson

Messaging request for proposals update

The request for proposals (RFP) team for the messaging services contract is currently in negotiations with the potential supplier(s) and a contract(s) is expected to be awarded in June. 

In order to minimize risk and impact to our customers, VITA has renewed the current messaging contract with the current supplier for one year. The new messaging supplier(s) will focus on onboarding, integrating into VITA’s multisourcing service integrator (MSI), and collaborating with the other service tower suppliers to implement a new, modernized messaging solution. These activities will take approximately six months to complete after the contract is awarded. Upon completion of these activities, new service options including the option to change messaging platform will become available.  

For any questions related to the RFP, please contact Shabeen.Vijayan@vita.virginia.gov.

 

New URL: TEBS has moved to the cloud

VITA’s telecommunications expense (management) and billing solution (TEBS) system has transitioned to a new billing platform. The new platform will provide improved performance and response. The move will also significantly reduce server and storage cost, free up VITA’s database administration and architect resources, and ensure we are fully in line with Executive Order 19. Users should experience a more stable environment and faster search results. 

TEBS users, please note the new way to access the application: 

  • Launch Chrome web browser
  • Use (copy/paste) new URL - https://connect.mdsl.net/vita/
  • Enter your telecommunications and expense billing system (TEBS) credentials to log in 

For additional information or assistance, please contact TEBS mail.  

 

New Microsoft Power Platform development governance

Every Commonwealth Microsoft 365 license comes with access to VITA’s (default) development environment. This environment can be accessed via the Power Platform (Power Apps, Power BI and Power Automate). While this environment is accessible to all workplace collaboration services (WCS) customers (users with Microsoft 365 licenses), it should not be used for building agency-specific applications. All agency-specific application development should be done within agency-specific environments.  

If your agency needs to set up one or more of these environments, please submit a workplace collaboration services – support request via the VITA service portal (selectAll other requests from the dropdown list in the WCS support request field, and request that a Power Platform environment be created).  

 

Required security awareness curriculum for agencies

Legislation was recently enacted which requires VITA to establish a baseline cybersecurity training curriculum that all agencies must implement. To that end, and to support this legislation, VITA has developed a new information technology (IT) security standard: “SEC527 – Cybersecurity Awareness Training Standard.”

The new standard can be found here.

The legislation requires that agencies use security awareness training that meets a minimum curriculum baseline (established in the new cybersecurity standard), and that each agency’s compliance with the training standard be reported to VITA starting in calendar year 2022. As a reminder, VITA has security awareness training services available on contract should an agency need them. 

 

RSA system maintenance

RSA system maintenance began last month to unassign abandoned and expired tokens that have not been used in the past 120 days. Once initial cleanup of expired tokens is complete, continued maintenance will be enforced once every 120 days going forward. Agency staff are encouraged to log in to test assigned RSA tokens monthly to ensure that they remain active and are operating properly.  

Users should contact the VITA customer care center (VCCC) if they experience any issues.     

 

Agency device updates and battery swelling

Important security and non-security updates are delivered to devices on a regular basis. Please leave your laptops and tablets on, plugged in overnight and connected to the virtual private network (VPN), to receive updates. If there is concern about a device going into sleep mode, then it is recommended to set the time to five hours under power management. 

Additionally, continue to monitor your devices for any signs of potential battery swelling. To avoid battery swelling, laptops should be left on a hard surface with no air flow restrictions and should also regularly allow the battery to discharge. You can unplug your devices a few hours each day before plugging in overnight, while still connected to the VPN to receive updates. Please contact your agency information technology resource (AITR) with questions.  

If you are experiencing issues with battery swelling, submit a ticket to the VITA customer care center (VCCC).   

 

2021 virtual security conference program online 

The 2021 virtual Commonwealth of Virginia Information Security Conference general program is available on the VITA website. You can view it here 

Conference details: 

The theme of the conference is “2021 Cybersecurity Reboot: Tools for building a cyber resilience.”  We encourage you to register now as the conference has almost reached maximum capacity.  

Learn more about this upcoming exciting conference

 

ITRM documents on ORCA 

The following Information Technology Resource Management (ITRM) documents have been posted on VITA's online review and comment application (ORCA) at: https://vita2.virginia.gov/publicorca/ 

The review period, open to obtain agency level feedback, will expire June 7. Below you will find the name and purpose of each document for review.  

  • ITRM Prohibited Hardware, Software and Services Policy SEC528-01- The purpose of the new ITRM Prohibited Hardware, Software and Services Policy (SEC528-01) is to protect the Commonwealth by notifying all agencies of any hardware, software or services that have been prohibited for use.
  • ITRM Information Technology Security Audit Standard SEC502-04 - The purpose of the new ITRM Information Technology Security Audit Standard (SEC502-04) is to delineate the methodology for conducting an IT security audit of sensitive IT systems that contain agency information as identified and prioritized in an agency’s business impact analysis.
  • Information Security Policy SEC519-01 - The Information Security Policy (SEC519-01) has been entirely rewritten. The purpose of this policy is to protect the Commonwealth information assets by defining the minimum information security program for Commonwealth of Virginia (COV) agencies. This policy establishes the program as a comprehensive framework for agencies to follow in developing security programs to reduce the risk to COV information irrespective of the medium containing the information. 

 

June 30: End of VITA's Sprint contract 

VITA's contract for Sprint rate plans will end on June 30. T-Mobile completed the acquisition of Sprint Solutions in April and an extension of services was put in place in order to facilitate a transition from Sprint-branded rate plans to T-Mobile. That extension will end on June 30.  

If your agency is a user of Sprint Wireless services, please convert your current Sprint users to T-Mobile before the end of the month. There should be no change in your service coverage and services may actually improve as a result.  

Agencies may find that some older phones and equipment may not be T-Mobile-compatible and will need to be replaced. You can work with the Sprint/T-Mobile state account representative, Michael Girardi, to determine what the impact to your users will be and if an existing device will need to be replaced. If agencies do not complete the transition by June 30, there is a remote possibility that they could lose service on affected devices since the contract does not provide for continuation of Sprint services past that date. 

 

Did you know?

Did you know you can fill out specific forms to save time and increase speed to fulfillment?

Did you know you can skip the step of having a form reviewed and distributed by the VCCC? When the forms listed below are completed, they go directly to the supplier, which is charged with fulfilling the order. This saves time and moves the request directly into the queue for fulfillment. 

The following forms may be used to request specific services related to personal computing devices:

 

Training opportunities: New learning management system 

See below for the list of classes available in June in the ITISP learning management system (LMS).  

The LMS is available via the training widget on the VITA service portal homepage—providing easy access to training registration and CBT courses. We invite you to review knowledge base article KB0018324 to learn more.  

(Note: The ITISP LMS is not a replacement for the current DHRM enterprise LMS solution.)  

Available classes:  

Solution design - June 8 

Project management for suppliers - June 8 

Remediation plan training - June 9 

HARP for submitters - June 15 

Reports and dashboards - June 22 

Governance - June 24 

Configuration management database (CMDB) - June 29 

*Please remember: The training schedule is posted in the knowledge base. Log in to VITA’s knowledge base and click on the “Training” icon – here you can view training-related materials. To view the training schedule, click on “show filters” on the left side of the page. Then, check the box for “Training Schedules.” If you have any questions, please contact the VCCC at 866-637-8482.  

 

Information Security Tips

An email account can be compromised in a number of different ways. In some cases, your password may be weak and easily guessed or obtained through a public breach. In other cases, you may have clicked on a malicious link in an email, social networking site, or webpage. Or, you may have downloaded an app or file that contained malicious scripts. In the May edition of Information Security Tips, we look at potential warning signs that your email account may have been compromised, what you can do to recover and steps you can take to help prevent it from happening again.

Read Information Security Tips