Capitals in the Clouds Part V: Advice from the Trenches on Managing the Risk of Free File Sharing Cloud Services

/in , , /by

Cloud-based file sharing solutions have become very popular and certainly a growing and significant part of day-to-day computing. It is easy to see why these services are attractive to state government users after using them in many facets of their personal life. With a wide variety of choices in the market, these solutions are easy to access, configure and use. They support multiple devices (especially mobile), and data in multiple formats. The most important consideration for state employee users – these file sharing services are free. Since the release of the 2012 NASCIO and Deloitte Cybersecurity Study, more security and policy questions have been raised on the use of free cloud services by states. In addition to the May 2012 Capitals in the Clouds IV guidance on rogue cloud users, states have continued to seek out leading practices on how to put the proper controls in place, meet security standards, craft acceptable use policies, and identify the open records and legal concerns regarding terms of service. This brief helps to provide real experience from Commonwealth of Pennsylvania on free cloud services.

Download

The Changing Roles of the Chief Architect and the CIO

/in , /by

Three important findings have combined to motivate this topic:

  • #1 Poor data management performance to date (requires additional or difference effort)
  • #2 Recognition that data is not a project (requires a difference approach)
  • #3 Lack of domain expertise (requires different career preparation)

Combined these three findings require a new look at these roles.  This webinar will explore the role of a Chief Data Officer (CDO) as a function needed by organizations (especially state governments).  While we don’t yet have all the answers, we can at least lay out three necessary but insufficient prerequisites to making progress faster than we have achieved to date.

Host:
Eric Sweden,
Program Director, Enterprise Architecture & Governance
NASCIO

Presenter:
Dr. Peter Aiken
Associate Professor
Department of Information Systems/VCU
President:  DAMA-International  http://dama.org

Peter Aiken, Ph. D. is widely acclaimed as one of the top ten data management authorities in the world.  In addition to examining the data management practices of more than 500 organizations, he has spent multi-year immersions with organizations as diverse as the U.S. Department of Defense, Deutsche Bank, Nokia, Wells Fargo, the Commonwealth of Virginia, and numerous other high profile clients.  As President of DAMA International, his expertise in the practice is unquestioned.  He has been an Associate Professor at Virginia Commonwealth University’s School of Business Information Systems Department since 1993 and owns Data Blueprint, an award-winning data management and IT consulting firm.
Files:
Download Presentation

 

 

 

Download Audio

 

 

 

Driving Efficiency and Innovation by Consistently Managing Complexity and Change

/in , /by

This presentation outlines the four pillars of a Holistic Enterprise Architecture: architectural models, framework, methodology, and implementation/solution models. It also explains the business and technology gains, and demystifies the practice of implementing a successful Holistic Enterprise Architecture.

Agenda:

  • The Four Pillars of Holistic Enterprise Architecture
  • Business and Technology Gains Achieved through Enterprise Architecture
  • How to Implement Successful Holistic Enterprise Architecture

Host:
Eric Sweden,
Program Director, Enterprise Architecture & Governance
NASCIO

Presenter:
Samuel B Holcman
Pinnacle Business Group, Inc.
Enterprise Architecture Center Of Excellence (EACOE)
Business Architecture Center Of Excellence (BACOE)

Summary:
This presentation outlines the four pillars of a Holistic Enterprise Architecture: architectural models, framework, methodology, and implementation/solution models. It also explains the business and technology gains, and demystifies the practice of implementing a successful Holistic Enterprise Architecture.

It is only within the past 20 years that we have begun to develop an art and science for identifying and defining the graphical and textual descriptions of whole enterprises. Until this time, any art or science that we had related to this endeavor pertained to parts of enterprises – for example, organizational design and/or systems development. Because the focus of this presentation is on Enterprise Architecture, have there been successful enterprises that were never architected?

Yes. However, they were successful in relation to other non-architected enterprises. Moreover, the pace of change was slower in the industrial age, compared with the information age of today. Contemporary enterprises have to be able to adjust much more rapidly to meet changing demands in the face of global competition. This makes it critical to have readily available descriptive representations of one’s enterprise to use as a basis for making change.

The age-old question now arises in enterprises:

  • How can one change something that one cannot “see”?
  • How does one “see” an enterprise?

This is Holistic Enterprise Architecture.

DISCLAIMER
NASCIO makes no endorsement, express or implied, of any products, services, or websites contained herein, nor is NASCIO responsible for the content or the activities of any linked websites. Any questions should be directed to the administrators of the specific sites to which this publication provides links. All critical information should be independently verified.

This project was supported by Grant No. 2010-DJ-BX-K046 awarded by the Bureau of Justice Assistance. The Bureau of Justice Assistance is a component of the Department of Justice’s Office of Justice Programs, which also includes the Bureau of Justice Statistics, the National Institute of Justice, the Office of Juvenile Justice and Delinquency Prevention, the Office for Victims of Crime, and the SMART Office. Points of view or opinions in this document are those of the author and do not necessarily represent the official position or policies of the U.S. Department of Justice.

Files:
Download Audio

Limitations on Liability Infographic

/in /by

NASCIO’s 2004 publication NASCIO on Unlimited Liability – Gaining Traction on the Road to “Win-Win” recommended changes to the state IT procurement policy regarding limitations on liability, and research from 2010 and 2012 show subtle changes have occurred in the states. This infographic indicates which states have limitations on liability in statute, which states have none, and which states are able to negotiate limitations on a case by case basis, and compares the current situation to previous NASCIO research.

Download

Hawaii Integrated Information Sharing and the Open Justice Broker Consortium

/in , /by

Join us to learn how the state of Hawaii has partnered with state and local government to share justice information using NIEM, and the Global Reference Architecture (GRA).

The presentation will focus on the Hawaii Integrated Justice Information Sharing (HIJIS) program, the state of Maine Incident Reporting Service, and the Open Justice Broker Consortium (OJBC).  The HIJIS program involves Hawaii’s state, county, and federal justice and related non-justice agencies for timely sharing of justice-related information.  The state of Maine has also joined the consortium as a contributing partner.  The OJBC is a consortium of state and local justice information sharing partnerships that is developing and supporting an open source, standards-based platform to enable information sharing services for HIJIS and its other member jurisdictions.  More information on the OJBC and how to join as a partner is provided at www.ojbc.org.

Host:
Eric Sweden,
Program Director, Enterprise Architecture & Governance
NASCIO

Presenters:
Clay A. Sato
Data Processing Systems Manager
Hawaii Criminal Justice Data Center
Department of the Attorney General

Glenda Winn
Systems Analyst
Office of Information Technology
Maine State Police

Scott Came
Deputy Executive Directo

Files:

Download Presentation

 

Download Audio

NASCIO Call-to-Action: The Necessity for Maturing Identity and Access Management in State Government

/in , /by

As state leaders act to streamline services, consolidate IT infrastructure and perform more efficiently, trusted digital identities and their authentication becomes a critical enabler with the digital ecosystem. All levels of government and the private sector, are confronted by this challenge and are working together to create common policy, guidelines, standards, and responsibilities to protect cyber assets and ensure appropriate mechanisms are in place for a coordinated identity ecosystem. This guidance presents the value proposition along with key factors for establishing an enterprise-wide approach to identity management.

 

Download

What Makes Collaborative Initiatives Work?

/in , , , /by

Collaboration is a major part of the solution to sustaining and thriving government organizations and services. But it has to be done correctly so it is effective, can sustain through the life of the initiative’s intent, and can adapt with changing environmental circumstances. No matter what service area, mode of delivery, management area, or technology, collaborative arrangements should be considered as an alternative that may deliver the most effective outcomes.

NASCIO is actively investigating existing collaboratives in order to promote collaborative arrangements across government and to uncover operating discipline and best practices that make for successful collaboratives. These best practices support strategy, governance, program and project management, organization, operations and effective application of technology.Collectively these best practices are imbedded in the enterprise architecture of successful collaboratives.

 

Download

NASCIO Cyber Security Awareness Resource Guide

/in /by

For the 2012 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cyber Security Awareness, Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cyber security awareness, training, and education initiatives.

The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.

 

Download

2012 Deloitte-NASCIO Cybersecurity Study – State Governments at Risk: A Call for Collaboration and Compliance

/in , /by

This study reports findings and analysis of a comprehensive survey of State Chief Information Security Officers conducted by NASCIO in partnership with Deloitte in July and August of 2012. Both a repeat and extension of a Deloitte-NASCIO survey originally conducted in 2010, it documents the relative strengths and weaknesses of the security programs that protect state governments’ vital systems and data. The study identifies areas of concern expressed by state CISOs, and provides a call to action for state CIOs and policy officials on the critical need to support and enhance cybersecurity programs.

Download