Call for Procurement Project in the Spotlight
IOT Active Directory Project in 2018
Emergency Change Management Requests (ECMR) Decline
What's interesting from 2017
IOT 24x7x365 Support
Call for Procurement Project in the Spotlight
Robert Paglia, IOT’s Chief Administrative Officer, was recently interviewed about the State of Indiana's IOT’s Call for Projects and Procurement (CFPP). The portal allows for the collection, analysis and reporting on planned IT activities, including projects and on-going operations. Placing all this information in one location facilitates IOT’s ability to forecast demand on IT services and resources, leverages shared services opportunities and assess IT project risk, complexity and priority to ensure consistency with statewide project management practices.
To create this portal, IOT collaborated with IDOA and other agencies by using the Salesforce platform and leveraging Persistent Systems to assist with the implementation.
Robert Paglia, Chief Administrative Officer, the Indiana Office of Technology
“This implementation is a win-win not just for our centralized departments, but also for our agencies and of course all Hoosiers. The power and flexibility of the Salesforce Platform combined with Persistent Systems’ expertise in understanding our business needs allowed the project to be delivered on time and on budget despite various changes to the project. 98% of our requirements could be done through configuration and only two small items needed any level of customization or coding."
Persistent Systems was very enthusiastic about the project and created a summary video, which can be viewed at https://youtu.be/ep17_BFSJDc (users will need to have YouTube permissions to view).
IOT Active Directory Project in 2018
As many know, the cybersecurity threat landscape continues to grow and change rapidly. With devastating global ransomware outbreaks such as WannaCry and Petya and the impact on companies such as Merck, IOT and the State need to anticipate and address key threats facing IT environments. Results from cybersecurity assessments continually show gaps in the area of Identity and Access Management (IAM). With lateral movement capabilities such as pass-the-hash, it is imperative that we recognize the risk and address it appropriately.
With that, Executive Leadership has determined IOT will embark on a formalized project: Active Directory/AD Hardening. 
This project is designed to greatly enhance the State’s IAM approach and infrastructure. Over the next 12 months, one of IOT’s top priorities is to build and create a world-class IAM infrastructure that is secured against credential theft and resilient to broad compromise.
The largest impact will be on operational teams that use privileged accounts and our domain admins. There will also be agency impact where the Active Directory domain security needs to be enhanced using the latest protocols (i.e. 2003 Servers and other down-level clients using deprecated protocols cannot exist). IOT will be introducing concepts such as tiered administration, privileged account workstations and more. It is an exciting project and one that requires an intensive lift from the Operations Team. Multiple areas may have some impact, we ask that if you are called upon during the course of the project, that the work needed becomes a priority.
Emergency Change Management Requests (ECMR) Decline
One of IOT's goals is to reduce the number of emergency change management requests (ECMRs). To that end, IOT created the Change Management Advisory Board (CAB), which meets weekly, to review all change requests. Limiting the amount of ECMRs helps reduce the risk of having systems break by allowing IOT and agencies to properly test.
During the third quarter this year there were 341 CMRs reviewed by the CAB. Of these, 61 were classified as ECMRs, which accounts for 17.9% of the total that were submitted during this period. This represents an 8.6% improvement from Q2 2017, where the percentage was reduced down to 26% from our starting number of 31% for Q1 2017.
CMR | ECMR | %ECMR | |
Q1 2017 | 247 | 77 | 31.1% |
Q2 2017 | 336 | 89 | 26.5% |
Q3 2017 | 341 | 61 | 17.9% |
What's interesting from 2017
IN.gov provides a variety of tools for use by agencies and separately-elected offices to better digitally communicate, including Siteimprove analytics and GovDelivery.
One of those tools is an analytics suite, to know how citizens are using the website. Let’s examine some data from 2017.
* 64,510,748 – visits (23% increase over 2016)
* 8,152,026 – number of searches (average of 22,334 per day)
* license, bmv, jobs – the top three most frequently searched terms
* 1,294,793 – visits coming from either GovDelivery or Facebook
* 1,224,020 – number of FAQ views (average of 3,354 per day)
GovDelivery, a mass email service, is another tool provided by IN.gov. GovDelivery comes in two versions, regular and Network. The GovDelivery Networks costs $1,000 per year for an account, which provides more branding control and access to the Network.
Accounts in the Network are promoted across GovDelivery services, providing more organic subscribers. For example, when a user completes signing up for an INDOT subscription, they are shown a list of other subscriptions which they may have interest. One of the ways how this is derived is that people who subscribed to INDOT, in this example, also subscribed to the following topics. Think Amazon; people who bought X, also bought Y.
* 30 – agencies, separately-elected offices or branches of government with GovDelivery Network accounts
* 60.6% – percent of all new subscribers attributable to the Network
* 14,335 – total emails sent (18% increase over 2016)
* 76,563 – subscribers added because of the Network
* 6,863,131 – total amount of subscribers
* 52,722,233 – total email recipients (25% increase over 2016)
If you have a GovDelivery Network account, you can check your stats by logging into GovDelivery, clicking Reports and then Account Performance.
IOT 24x7x365 Support
IOT offers a fully-staffed help desk from 6:00 a.m.-6:00 p.m. Monday through Friday, but did you know if you have an emergency you can still speak with a live representative after those hours? After the main help desk closes at 6:00 p.m., all calls to 234-HELP (4357) go to the IOT Operations Center.
With an emergency, IOT Operations will attempt to solve the problem. If they are unable to succeed, Operations has a phone tree for each IOT Department to begin resolution on any emergency.
Register for self-service password reset today and you won't need to call the helpdesk if you forget your password.
Go to https://password.IN.gov