Wednesday, November 9, 2016 -
1:00pm to 3:00pm

Location Details: 

Information Technology Dept.
Room 438
4201 Normandy Street North
Bismarck, ND 58503

Meeting Agenda:

 

Time Topic Presenter
1:00 Update on EA Activity Jeff Quast
1:20 Update on ITD Activity Gary Vetter
1:40 Update on Agency Activities Jeff Quast
1:50 2017 IT Vendor Pool Schedule Pam Schafer
2:00

Standards Reviews

  • Acceptable Use of Electronic Communication Devices
  • E-Services Privacy
  • Email
  • Web Domain Name
Jeff Quast
2:55 Future Agenda Items  

 

Meeting Recap:

 

Update on EA Activity
  • The Security Architecture team Password Management and ITD’s enterprise solution was demoed by Josh Patrick. Agencies interested can submit a WMS to use the service at no cost. Adding a Warning Banner to all external email was also discussed and the group is recommending that the Email standard be updated to require it for the enterprise. Finally, the group discussed the minimum password length for the State Login ID and will revisit the topic at a future meeting.
  • The Data Architecture team met and reviewed several standards. Minor changes were proposed for the Electronic Data Backup standard, but there was also discussion about whether the need was more about data recovery and less about backup. The group will discuss further. The Record Migration standard was updated and an EA survey will be posted to gather feedback on the proposed changes.
  • The Application Architecture team met and discussed Application Inventory, with focus on a unique identifier for each application and deployable unit of code. There was also continued discussion about the scope and role of the Application Architecture team, and the possibility of combining it with the Data Architecture team. The group will continue discussion about how best to proceed at the December meeting.
  • The Technology Architecture is scheduled to meet 1/10/16) to discuss OneDrive usage and experience, the new Microsoft monthly update, Android device support, and the Server Operating Systems standard.

 

Update on ITD Activity
  • Gary Vetter reviewed the presentation at the Brown Bag Lunch by Bert Jacobs, titled “Life is Good" Optimism Can Take You Anywhere. He also reminded the attendees that anyone is welcome to join ITD for the Brown Bag Lunches preceding the monthly ITCC meetings.
  • State Login enhancements were reviewed, including the Capability of sending text messages and support for a second email account. Phase two will include prompting users of old accounts to update their profile upon next login.
  • The Cybersecurity Task Force report has been sent to the task force members for review and will be published soon. The next administration will determine if the task force will be continued or reestablished.
  • A recent Assurance NM notification was not received by some end users/agencies even though call lists, which are managed by the agencies, appeared to be current. Jeff Quast agreed to follow up with OMB Risk Management and report at the next meeting or have someone from OMB attend and report.

 

Update on agency activity
  • OMB has now moved Assurance CM into production, replacing LDRPS for Continuum of Operations planning.

 

Vendor pool
  • Pam Schafer reviewed the vendor pool plans and timelines. The process has become more streamlined and is paired down from previous iterations.

 

Standards Review
  • The group reviewed the Acceptable Use of Electronic Communications Devices standard and felt there no changes needed. The needs are addressed by Chapter 16 of OMB’s Human Resource Policy Manual.
  • The E-Services Privacy standard was reviewed, and some felt the reference to E-services security represented an opportunity to improve and simplify that message by possibly using one NDGOV privacy policy with an agency specific addendum if needed. The group also discussed how the standard applied to mobile applications, and agreed that privacy should be addressed during the installation process of the app on the mobile device. Several agencies indicated that they addressed it by linking from the app store to the privacy policy on the agency’s web site.
  • The E-Services Best Practices document was reviewed and the group felt it was no longer relevant or needed. An EA survey will be published to gather feedback regarding rescinding the Best Practices document.
  • The Email standard was reviewed and the group discussed the recent initiative to add a Warning Banner to external email. The group agreed that language to address the Warning Banner was more appropriated in the Email SLA instead of the standard. ITD Security agreed to draft some default options to review at the next meeting. Some agencies already using a similar banner have had some complaints about the banner language filling the description of the email in certain views, but felt the inconvenience was outweighed by measurable improvements in user awareness.
  • The Web Domain Names and Web Domain Best Practices were tabled due to lack of time and ongoing research from ITD regarding domain naming options for cloud computing.
Attachments: 
PDF icon itcc-20161109-presentation