Tuesday, March 1, 2016 -
1:00pm to 2:30pm

Location Details: 

Information Technology Dept.
Room 208V
4201 Normandy Street North
Bismarck, ND 58503

Meeting Agenda:

  • News and Updates
  • Access Control Standard and Email SLA
  • WSI Extranet Project
  • Naming Scheme for Bang Accounts
  • New Public Access Standard
  • Open Discussion

Meeting Recap:

News and Updates
  • ITD has reestablished rules to block access to EA Security Standards from public access. So anyone not on the state network will get a 404 error when trying to access those standards. Vendors that need access to the security standards to respond to RFPs can contact the assigned procurement officer to request a document that contains all of the security standards.
  • Surveys for the three updated security standards are complete and those recommended changes were approved by CIO. Those three standards, which are now following the new EA 2.0 naming convention, include:
    • SS002 Remote Access
    • SS003 Employee Security Awareness
    • SS004 Access Control             

ITD is working on how best to implement the actual changes and will communicate those details before proceeding with implementation.

Active Directory SLA
  • ITD has drafted an Active Directory SLA which was reviewed by the team and will be reviewed by the ITCC. The SLA includes the addition for ITD to lock unlock accounts across the domain, which was vetted with agencies in previous meetings before being added. The SLA will also provide the option to remove some language from the Active Directory standard, Access Control standard, and Email standard that are more applicable in an SLA than a standard.
WSI Extranet Project
  • WSI is developing an Extranet with complex authentication requirements and the group discussed the possibility of developing a new directory service that would serve the needs of WSI for this project, and could also benefit other agencies and applications. The directory would federate with other external directories and provide a semi-managed business type of account that agencies could manage. This type of service is one that is lacking form the State Login ID and could fill that gap. More to come as WSI, ITD, and the EA Architecture teams move forward.
Naming scheme for privileged accounts
  • ITD will be changing its internal naming scheme for privileged accounts to address current issues with certain systems not supporting the current naming scheme, and to clarify the type of account. It is a work in progress, and at this point, would be internal only to ITD.