Tuesday, October 6, 2015 -
2:00am to 3:30am

Location Details: 

Information Technology Dept.
Room 208V
4201 Normandy Street North
Bismarck, ND 58503

Meeting Agenda:

  • Challenge Questions in Standard
  • Securing non-MS Browsers
  • Request Managers Roles
  • Final review of Standards

Meeting Recap:

  • News and updates from ITD:
    • A Password Management solution for agency use is now running and as soon as it is properly configured, it will be available at no cost.
    • The VPN now supports Windows 10
    • ITD is now using Multifactor Authentication for all employees when they connect via the VPN and the Tax Dept. and Bank of North Dakota are also using for VPN.
    • A Cyber Security Task Force has been announced by the Governor’s Office
    • ITD has done some research to look at alternative Anti-Virus solutions and trends. Analyst recommendations were to only migrate if it was a high priority or the current solution was causing problems. Agencies are not required to use the enterprise solution, but the cost is included in the existing Technology Fee
  • Challenge Questions in Standard
    • Beginning November 1st, ITD will be stricter about enforcing password resets when challenge questions are not answered correctly on the first try. The EA Security team discussed whether addressing that in an EA standard is needed to cover accounts that are not managed by the agency or ITD’s service desk. No conclusions were reached and the topic will be discussed further
  • Securing non-MS Browsers
    • The team discussed the concerns or issues with patching browsers. Chrome supports group policy but Firefox does not. We could push updates with SCCM but would need to manually create the packages. The team feels we still need to maintain that IE is the browser of choice for enterprise applications whenever possible. The team also discussed issues with ConnectND and IE or other browsers, although it may be a better topic to take to the Technology Architecture team.
  • Request Managers Roles
    • The team discussed the need to clean up WMS when people leave or change jobs. The lead request manager should have access to users questions and answers in WMS and should address:
      • Disabled accounts with questions/answers still intact
      • Enabled accounts without questions/answers
      • Enabled account with questions/answers