Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
1
Information Technology Advisory Committee
Date: February 26, 2020
Time: 2:00 PM – 4:00 PM
Location: City-County Building, Room 107
Chairperson: Mr. Elliott Patrick, Interim Chief Information Officer
Previous Meeting Minutes
Review meeting minutes from October 16, 2019
Agenda Topics
Discussion Items
• 2019 Customer Satisfaction Results – Mr. Daniel Rieger
• 2020-2023 Strategic Plan – Mr. Elliott Patrick
Status Updates
• Enterprise Security Program Updates – Mr. Clark Giles
• General Open Forum Discussion
Information Technology Advisory Committee Meeting Minutes
Date of Meeting: October 16, 2019
Time of Meeting: 2:00 PM – 4:00 PM
Location of Meeting: Room 107, City-County Building
Chairperson: CIO, Ken Clark
Members in Attendance:
Elliott Patrick ISA, IT Representative
Chris Becker Recorder’s Office, Property & Land Management
Ann Sutton Public Defender Agency, Justice
Brienne Delaney MCEB, Constituent Services
David Condon OFM, Admin & Finance
David Schwartz DPS, Public Safety
Agenda Topics
Approval of May 29, 2019 Minutes
Ms. Brienne Delaney made a motion to accept the May 29, 2019 minutes as written. Mr. David Schwartz seconded the motion. The motion passed unanimously.
Discussion Items
IT Contract Review and Approval Policy
Mr. Chris Becker provided feedback from Property and Land Management Functional Group, requesting policies which update previous or existing policies include redlines to show what has changed and what has been kept. Mr. Ken Clark agreed moving forward ISA could show the difference between original and updated documents. Mr. Mark Warner with ISA summarized revisions from the Administration and Finance which included adding the IT Board resolution governing the dollar limit for board approvals as an attachment to the policy. There was also discussion regarding the amount of time ISA needed to review contracts in advance (four (4) months was suggested) and whether the contract should go to ISA or to OCC first. Ms. Brienne Delaney expressed concerns about bottlenecking if all ISA contracts must go through a single person, Sean Dean. Mr. Ken Clark acknowledged the concern and in response ISA created a new position, Finance and Compliance Analyst, as well as employing outside counsel, TAFT, to assist with contract overflow. Sean Dean and OCC are currently working on developing standard IT contract terms which would also help to make the process more efficient. Mr. Clark stated the best way to avoid a bottleneck situation is to get ISA involved in the contract process as early as possible. Ms. Ann Sutton presented the concerns brought up in the Criminal Justice Functional Group. The definitions around IT contracts were too broad and also suggested a “notice” process where the agency
can notify ISA and provide justification for contracts they (agencies) feel do not need to be reviewed by ISA. Mr. Clark agreed to add a “notice” process but added ISA may not always agree with the agencies on which contracts do not need ISA review. He further clarified stating whether a system sits on the network or not, ISA would still need awareness. Any systems which have inmate data or social security numbers, such as NeoGov, would also need ISA’s review. He also cited the Crime Lab as an example where “notices” for specialized equipment contracts would make sense. Mr. Clark Giles, Chief Technology Officer for ISA, stated applications for cyber security insurance ask specifically if the central IT agency reviews all IT contracts and the answer to that question is likely to impact insurance costs. Mr. Clark requested Mr. Ed Klaunig, Chief Financial Officer for ISA, work with Sean Dean to develop the notice process. Ms. Sutton also brought up the need for an emergency clause in the policy. This would allow for contracts to be fast-tracked through the review process in emergency situations particularly as they relate to public safety. Mr. Klaunig agreed to put something in writing regarding the clause. On behalf of the Admin and Finance Group, Mr. Mark Warner asked about exceptions for grant funded projects and whether they would still need IT review. Mr. Sean Dean, ISA attorney, was unclear as to why that situation would be treated differently. There was discussion surrounding the issue of grants and ISA involvement in the review of those contracts. New grant contracts as well as existing contracts up for renewal will still need to go through ISA. Ms. Brienne Delaney noted some contracts, such as those for the voting machines, did not go through ISA and the IT Board and asked for clarification on when it was appropriate for the IT Board to see the contracts. Mr. Clark answered, stating it is a dollar amount which determines whether it goes to the IT Board but also wanted to make sure the policy has flexibility for everyone involved, both present and future.
Mr. Clark noted the current City-County IT Strategic Plan goes through 2019 and ISA is currently working on the one for 2020. It will be important to get agency and department input to ensure the plan works well for everyone and by documenting it, the IT Board and functional groups can hold ISA accountable. It is expected by early November to be given to the functional groups for discussion.
Mr. Clark and Mr. Patrick then provided updates on the Bell Techlogix transition, noting there are 27 days left until full transition takes place. There has been good retention of employees for the service teams and the Bell team has been on-site, shadowing people and learning the environment. Bell has also been a part of the cultural immersion visits to 11 different locations to understand specific needs of separate City-County agencies. The new ticketing system, ServiceNow, is having the knowledge based continually reviewed and updated. Presently, there is internal training and testing occurring with a focus on getting more people to use the portal on a regular basis. ISA is also working on a standards and procedures manual and ensuring the work being done has written policies around it to ensure clear understanding of expectations on both sides. The refresh project is on-going. Currently, ISA is down 3,600 devices. Bell has stepped in and is assisting in completing it within the next year. This will set up a more efficient steady state process relating to enterprise refresh. There are renovations occurring on the 9th floor with plans for a walk-up depot, like the one currently at Public Safety Communications. The City-County depot, the PSC depot and the one slated
IT Contract Review and Approval Policy (cont.)
City-County IT Strategic Plan 2020
Bell Techlogix/Infrastructure Services Transition
to be at the new Criminal Justice Center will mean there are three locations for IT assistance when it is needed. ISA will also be piloting Smart Lockers, specifically focused on IMPD. These lockers will allow officers who have issues with their laptops overnight to swap their device out for a new one without much down time.
There being no further business to discuss, Mr. David Schwartz made a motion to adjourn the meeting. The motion was seconded by Ms. Ann Sutton and the motion passed unanimously.
Bell Techlogix/Infrastructure Services Transition (cont.)
Adjournment
Summary of Action Items
Action Item Owner
1 Development of Notice Process Mr. Ed Klaunig/Mr. Sean Dean
2 Development of Emergency Situation Clause Mr. Ed Klaunig/Mr. Sean Dean
3
4
2019 Customer
Satisfaction Survey
January 28, 2020
2019 Customer Satisfaction Survey
• Provided 11/1/19 – 12/6/19 (Five Weeks)
• 415 Completed Responses
• 523 Total Responses
Answer Choices Responses
Management (Agency & Department Heads,
Deputies and C-Level Leadership)16.25% 85
Supervisors 18.36% 96
Staff Members 65.39% 342
Answered 100.00% 523
Management Questions
Strongly
AgreeAgree Disagree
Strongly
Disagree
% Sat
2019
% Sat
2018
% Sat
2017
% Sat
2016
% Sat
2015
I am made aware of the strategic direction of ISA and its impact
on my agency or department.33% 47% 14% 6% 80% 73% 77% 78% 47%
I have a voice in prioritizing what projects ISA focuses their efforts
on.28% 41% 20% 11% 69% 54% 59% 61% 24%
The desktop/laptop refresh program is a great value for my
agency or department.22% 67% 8% 3% 89% 84% 89% 79% 72%
The IT charge back process helps me understand the IT costs of
my agency or department.17% 64% 17% 2% 81% 79% 68% 71% 38%
The IT charge back process allows for IT solutions in a fair and
equitable manner for my agency or department.11% 72% 16% 2% 83% 73% 67% 64% 38%
The services provided by my Business Services Consultant (BSC)
are essential to the operations of my agency or department.56% 33% 8% 3% 89% 87% 77% 84% 57%
ISA provides a good value for the services they provide. 28% 59% 11% 2% 88% 77% 75% 78% 46%
ISA understands the needs of my agency or department. 31% 58% 11% 0% 89% 79% 66% 73% 42%
Management Questions
I am made awareof the strategicdirection of ISA
and its impact onmy agency ordepartment.
I have a voice inprioritizing what
projects ISAfocuses their
efforts on.
The desktop/laptoprefresh program isa great value for
my agency ordepartment.
The IT chargeback process helpsme understand the
IT costs of myagency or
department.
The IT chargeback processallows for IT
solutions in a fairand equitablemanner for my
agency ordepartment.
The servicesprovided by my
Business ServicesConsultant (BSC)
are essential to theoperations of my
agency ordepartment.
ISA provides agood value for the
services theyprovide.
ISA understandsthe needs of my
agency ordepartment.
0%
10%
20%
30%
40%
50%
60%
70%
80%
Strongly Agree Agree Disagree Strongly Disagree
All Participant Questions
Strongly
AgreeAgree Disagree
Strongly
Disagree
% Sat
2019
% Sat
2018
% Sat
2017
% Sat
2016
% Sat
2015
ISA is organized in a way that makes it easy for me to get
what I need.32% 56% 10% 2% 88% 87% 85% 81% 71%
ISA is knowledgeable of, educates me about, and
provides access to emerging technologies.28% 54% 16% 3% 82% 83% 78% 71% 63%
The public-facing website meets the business needs of
my agency or department26% 60% 11% 3% 86% 83% 82% 74% 73%
I receive timely and appropriate communication from ISA. 43% 49% 7% 2% 91% 93% 89% 88% 79%
All Participant Questions
ISA is organized in a way thatmakes it easy for me to get what I
need.
ISA is knowledgeable of, educatesme about, and provides access to
emerging technologies.
The public-facing website meetsthe business needs of my agency
or department
I receive timely and appropriatecommunication from ISA.
0%
10%
20%
30%
40%
50%
60%
70%
Strongly Agree Agree Disagree Strongly Disagree
All Participant Questions
Strongly
AgreeAgree Disagree
Strongly
Disagree
% Sat
2019
% Sat
2018
% Sat
2017
% Sat
2016
% Sat
2015
When I call the ISA Service Desk (x3075 or 317-327-3075), I am
satisfied with the service I receive.44% 47% 7% 2% 91% 91% 91% 89% 83%
When I email the ISA Service Desk ([email protected]), I am
satisfied with the service I receive.39% 52% 8% 1% 90% 92% 91% 89% 80%
When I open a ticket using the ISA Service Desk Portal
(RequestIT) I am satisfied with the service I receive.41% 49% 7% 3% 90% 90% 91% 88% 79%
When I contact the ISA Service Desk outside of normal business
hours, I am satisfied with the service I receive.42% 47% 8% 3% 89% 90% 88% 87% 78%
The technical knowledge of the ISA Service Desk staff is
adequate for my needs.38% 53% 7% 2% 91% 89% 88% 86% 78%
The ISA Service Desk staff is able to understand my needs and
solve my problem upon my first request (No Repeat Tickets).36% 48% 13% 2% 85% 85% 84% 80% 69%
All Participant Questions
When I call the ISAService Desk (x3075 or
317-327-3075), I amsatisfied with the service I
receive.
When I email the ISAService Desk
([email protected]), Iam satisfied with the
service I receive.
When I open a ticketusing the ISA Service
Desk Portal (RequestIT•),I am satisfied with the
service I receive.
When I contact the ISAService Desk outside ofnormal business hours, I
am satisfied with theservice I receive.
The technical knowledgeof the ISA Service Deskstaff is adequate for my
needs.
The ISA Service Deskstaff is able to understandmy needs and solve myproblem upon my firstrequest (No Repeat
Tickets).
0%
10%
20%
30%
40%
50%
60%
Strongly Agree Agree Disagree Strongly Disagree
All Participant Questions
Strongly
AgreeAgree Disagree
Strongly
Disagree
% Sat
2019
% Sat
2018% Sat 2017
% Sat
2016% Sat 2015
The desktop/laptop provided by ISA meets the
needs of my job functions.32% 56% 8% 4% 88% 86% 91% 89% 83%
Applications on my City/County device are well
maintained and supported.30% 56% 12% 2% 86% 88% 91% 89% 80%
The network speed and performance is adequate
to perform my job functions.28% 56% 13% 3% 84% 80% 91% 88% 79%
I have adequate file storage options for my job
functions (H:Drive, S:Drive, etc.).38% 58% 4% 0% 96% 95% 88% 87% 78%
All Participant Questions
The desktop/laptop provided by ISAmeets the needs of my job functions.
Applications on my City/Countydevice are well maintained and
supported.
The network speed and performanceis adequate to perform my job
functions.
I have adequate file storage optionsfor my job functions (H:Drive, S:Drive,
etc.).
0%
10%
20%
30%
40%
50%
60%
70%
Strongly Agree Agree Disagree Strongly Disagree
All Participant Questions
Strongly
AgreeAgree Disagree
Strongly
Disagree
% Sat
2019
% Sat
2018
% Sat
2017
% Sat
2016
% Sat
2015
When working away from my desk, the City/County Wi-Fi (not
public) supports my job function.28% 57% 11% 4% 85% 76% - - -
When working away from my desk, I can easily access my
critical applications and documents.25% 54% 18% 4% 78% 74% - - -
When working away from my desk, I can appropriately
communicate with my team.31% 62% 7% 1% 93% 93% - - -
When working away from my desk, Remote.indy.gov allows me
to easily access necessary tools for my job function.28% 54% 14% 3% 82% 76% 78% 68% 72%
The provided public Wi-Fi is adequate for my visitor's needs. 24% 50% 16% 10% 74% 70% - - -
All Participant Questions
When working away from mydesk, the City/County Wi-Fi(not public) supports my job
function.
When working away from mydesk, I can easily access my
critical applications anddocuments.
When working away from mydesk, I can appropriately
communicate with my team.
When working away from mydesk, Remote.indy.gov allows
me to easily accessnecessary tools for my job
function.
The provided public Wi-Fi isadequate for my visitor's
needs.
0%
10%
20%
30%
40%
50%
60%
70%
Strongly Agree Agree Disagree Strongly Disagree
Open Feedback: Dissatisfied Users
• “Sometimes it is cumbersome or not possible to add apps or even, for example, print when I do work at home. Would also like a more user friendly interface for remote access.”
• “I have not been able to connect to the IMC network since starting my position.”
• “When you have to call ISA they usually can't fix the problem and your complaint has to be forwarded to someone that can fix the problem which can take a while and it results in a loss of productivity especially for those that work in the field.”
• “Hard to find information.” [Indy.gov website]
Open Feedback: Satisfied Users
• “Everyone who I've contacted has been immensely helpful &
kind, especially Ian. I think ISA does good work.”
• “Friendly and Funny Staff! Love that constant attention to
detail!”
• “Website for sure! The process of editing and updating the
website is MILES ahead of where we were at the beginning
of administration.”
• “Consistency is the name of the game. I have no complaints
at all with the ISA team and their level of service to us.”
Overall Satisfaction
92% of the respondents are overall “Satisfied” or
“Very Satisfied” with the services provided by ISA
2018: 90%2017: 89%2016: 84% 2015: 73%
Very Satisfied Satisfied Dissatisfied Very Dissatisfied
0%
10%
20%
30%
40%
50%
60%
Answer Choices Responses
Very Satisfied 37% 155
Satisfied 55% 226
Dissatisfied 7% 28
Very Dissatisfied 1% 6
2020 - 2024
IT Strategic Plan2020 - 2023
As of January 2020
To provide our partners with
exceptional technology services
To lead government transformation through
collaborative partnerships and modern
technology
Service Provider + Trusted Advisor
Collaborative Driver
VISION
MISSION
Technology Strategic Plan | 1
VALUES
GUIDING
PRINCIPLES
Advance internal and external partnerships
Maintain our fundamental focus, while promoting enterprise growth
Revere the responsibility of tax payer dollars
Focus on opportunities for equitable government service
Preserve the security and stability of our environment
The following values serve as the standard by
which ISA operates. These are key tenants for the way we interact and serve our partners.
The following guiding principles allow ISA to
navigate and prioritize projects and initiatives, regardless of size or scope.
Expand access to government services
Capture legally-mandated revenue
Increase efficiency and reduce the cost of operations
Foster health and safety in our community
Comply with relevant legal regulations and standards
Technology Strategic Plan | 2
CY 2020 CY 2021 CY 2022 CY 2023
Building Enterprise
Architecture
Advance Digital
Workplace
Expand Constituent
Service
Enhance Data
Capabilities
Process Automation Pilot Process Automation Implementation
Business Architecture
Technical Architecture
Disaster Recovery/Business Continuity
Partner IT Roadmap
Identity & Access Management
Enterprise Security Program
Enterprise Phone System
Video Conferencing
AP Automation
Call Center
Enterprise Content Collaboration
Remote Work Program
Kiosk Pilot
Enterprise Workflow Management
Business Portal
Multi-Channel Service Platforms
Satellite Sites
Data Dashboard Program
Intelligence-led Policing
Data Architecture
Data Warehouse Program
Document Management Program
Transparency Portal
Technology Strategic Plan | 4
Project Roadmap
ISA SECURITY UPDATEFEBRUARY 2020
NEW FEATURE: SELF-SERVICE PASSWORD RESET
2
SELF-SERVICE PASSWORD RESET
• Azure Active Directory (Azure AD) self-service password reset (SSPR) gives users the ability to change or reset their password, with no administrator or help desk involvement.
• This ability reduces help desk calls and loss of productivity when a user can't sign in to their device or an application.
3
REGISTRATION
• All users with an indy.gov email are eligible
• Link is available anywhere, from any device
• Help Desk is still available if you need help
• Pre-registration required to use tool
1. Visit https://aka.ms/ssprsetup
2. Enter credentials and click next
4
REGISTRATION
• 3. click “Set it up now” next to Phone.
• 4. Enter your personal or office phone number (personal is highly recommended for ease-of-use).
• 5. Click one of the verification options
• 6. Enter the code that is given to you to finish registering that method.
• 7. Go back and complete the same steps for email. DO NOT use your indy.gov email. A personal email is recommended.
5
REGISTRATION
• Once you’ve successfully registered, both options will show green.
6
NEW FEATURE: PHISH ALARM FEATURE
7
PHISHALARM
• Proofpoint PhishAlarm allows users to easily report suspicious mail to ISA for investigation.
• If the email is malicious it will be removed from everyone’s mailbox automatically, protecting other users from falling victim.
• The tool will close the loop with the user, letting them know if the email was clean and what to do next, thus removing the ambiguity from security incident reporting.
8
PHISHALARM
• Button in Outlook• Sends email to InfoSec team and
Proofpoint for review
• Usage• Click “Report Phish” button
• Then if you’re sure, click “Report Phish” in the pop-up window
• Pop-up prevents users from reporting important emails that have been whitelisted by ISA.
9
PHISHALARM
• Message will automatically be moved to your junk mail.
• A pop-up will explain what happens next.
• You will receive another response once the email has been reviewed:
• Malicious/Suspicious• Mail will be automatically removed
from all mailboxes
• Clean• No further action
• Bulk• For SPAM that poses no threat
• Unknown• User judgement, however, ISA does
provide some guidance. See screenshot.
10
PHISHALARM
• The process is similar on Mobile OWA
• Tap the … icon
• Select “Mark as phishing”
• No pop-up on mobile
• Outlook apps for iOS and Android have this option as well
11
PHISHALARM
• Currently a pilot group of 300+ users
• Rolling out to everyone this week
12
NEW FEATURE: WIN 7 END-OF-LIFE
13
WINDOWS 7 - END-OF-LIFE
• Microsoft has retired Windows 7 as of January 14, 2020
• What are the risks?• Security
• Compatibility
• Compliance
• Stability / Performance
• Cost
14