While IT Optimization provided the standardization necessary to drive economies of scale through infrastructure consolidation (server, storage, mainframe, and network), the State of Ohio is now focused on the next step – IT innovation.
With the signing of Executive Order 2019-15D, Governor Mike DeWine established the statewide focus on IT innovation. The goal is to make State government a more effective and efficient leader in using technology to improve customer service and save tax dollars. The governor, lieutenant governor, and state chief information officer (CIO) are working together to make IT innovation a top priority. They are committed to improving the lives of citizens and state service delivery through innovative technologies.
While great progress has been made since the signing of the executive order, there is more to be done. The IT Innovation Technology Strategic Plan for 2020-2022 continues to build on the successes of the past, supporting the vision of the DeWine-Husted Administration. IT Innovation will streamline and modernize State IT through a focus on digital experience, data analytics, enterprise shared services, on premise or in public clouds, and collaboration.
The strategy focuses on one team, with one goal - to leverage technology to better serve the people of Ohio.
Ohio Attends NASCIO’s Annual Conference & Receives State IT Recognition Award - 11.8.2021
The 2021 NASCIO (National Association of State Chief Information Officers) Annual Conference was recently held in Seattle, Washington on October 10th through 13th. State CIO Katrina Flory attended and participated in a panel discussion on states accelerated deployment of digital public services during COVID-19. State CIO Flory discussed Ohio’s ability to quickly collaborate across agencies to rapidly deliver the necessary IT support during the pandemic. This included activities such as the deployment of coronavirus.ohio.gov; providing timely data analysis, reporting, and visualizations; leveraging OH|ID technology to quickly grant customized access and permissions to the State’s COVID-19 patient-contact tracing system; and delivering JobSearch.ohio.gov within one week, to help those displaced from their current jobs due to COVID-related layoffs.
State CIO Flory also shared her perspective on this year’s State CIO Survey, emphasizing the value of the information sharing tool, which allows states to benchmark their efforts against initiatives nationwide. The survey covers a variety of topics, including: COVID-19 pandemic impact and transformation, cybersecurity, digital services, emerging technologies, broadband and wireless connectivity, cloud, budget and cost control, identity and access management, and legacy modernization.
Another highlight of the conference included NASCIO’s announcement that Ohio received a State IT Recognition Award in the Cybersecurity category for its OH|ID Next Brings Power to the People submission.
OH|ID accounts let citizens and businesses interact with multiple State agencies and access a variety of services. OH|ID Next enhances self-service account tools and features for State agencies, citizens and businesses.
The OH|ID release included Audience Manager, a simple, secure interface to manage user access and account permissions. It allows agencies to ensure users only have access to the content they are authorized to see. Citizens and the State workforce are also empowered to control the security surrounding their accounts.
Ohio’s submission, Advancing Ohio Data Transparency and Access through the DataOhio Portal, was also a finalist in the Digital Services: Government to Citizen category. Lt. Governor Jon Husted and InnovateOhio launched the DataOhio Portal in December in partnership with the Ohio Department of Administrative Services Office of Information Technology InnovateOhio Platform.
The public-facing portal contains some of the most-requested public and secure data allowing for unprecedented transparency and access. Today, the portal includes 257 datasets from 80 agency programs contributing data, and 146 interactive visualizations to inform data-driven decision-making for state agencies and their partners.
Sponsored by NASCIO, the annual State IT Recognition Awards honor the innovative use of information technology in state government to address critical business problems, more easily connect citizens to their government, improve business processes and create new opportunities that improve the lives of citizens.
October is National Cybersecurity Awareness Month - 10.1.2021
“[M]aintaining the security of cyberspace is a shared responsibility in which each of us has a critical role, and awareness of computer security essentials will improve the security of Ohio’s information infrastructures and economy,” say Governor Mike DeWine and Lieutenant Governor Jon Husted. Because of that critical role, Governor DeWine and Lt. Governor Husted have designated October as Cybersecurity Awareness Month!
A critical component in securing data is providing security training to the State’s workforce. Training helps to ensure that policies to protect critical data and systems are followed. It is also important that people who work with State data are aware of information security standards and practices that can help prevent data loss, system interference and misuse, and business interruptions.
The DAS Office of Information Security and Privacy (OISP) conducts annual Securing Ohio training, hosts the Ohio Cybersecurity Day, and provides security and privacy tips and information throughout the year. In addition, every month phishing email tests are performed statewide. Thirty-one agencies, boards and commissions are working with DAS OISP to exercise the security awareness skills of State users and to evaluate the effectiveness of security and privacy awareness training. The monthly phishing tests, which are simulations of phishing emails, do not actually expose data or compromise the recipient’s computer.
Ohio Cybersecurity Day Reminder
In recognition of Cybersecurity Awareness Month, the 2021 Ohio Cybersecurity Day virtual event will be held on October 26th from 9:00 a.m. – 1:00 p.m. The topics covered during this year’s event include:
• Updates from the Multi-State Information Sharing and Analysis Center (MS-ISAC), Homeland Security, and the Cybersecurity and Infrastructure Security Agency (CISA) • Privacy • Role of Breach Counsel • Risk Management
Registration is free and open to state and local government employees. Register now at: infosec.ohio.gov url.
Coming Soon - Multifactor Authentication for Microsoft Office 365 Applications - 9.8.2021
As you may have already heard, a project is currently underway within DAS to rollout multifactor authentication (MFA) for Microsoft Office 365 applications (O365 applications) to agency users. The MFA service is for all O365 applications. This includes, but is not limited to: Outlook, Teams, OneDrive, Word, Excel, PowerPoint, and SharePoint.
MFA takes authentication (proving that you are who you say you are to an information system) a step beyond the traditional user ID and password process. This additional step protects State data by using a second source of validation to verify user identity before granting access. Specifically, DAS users will be required to enroll a device (phone line or mobile device) in Duo Security to complete the O365 application authentication process. Once enrolled, daily identity verification will be accomplished via a push notification, phone call or passcode entry, as selected by the user.
To help facilitate the verification process, users will have the option to download the Duo Mobile app onto an iOS or Android device (e.g., mobile phone). The app offers an easy way to receive a push notification or passcode to complete the authentication process. However, users can also receive phone calls or text messages to authenticate.
Implementing MFA for the State’s O365 offerings will substantially reduce enterprise risk to the State. According to the National Security Agency, "MFA has evolved as one of the most effective controls to protect an enterprise. MFA presents a significant obstacle to attackers trying to gain or maintain access to an organization's network.”1
The DAS MFA rollout is expected to be completed in mid-September. Upon successful completion, the objective is to extend the use of MFA for O365 applications to all State agencies, boards, and commissions to further safeguard State data. If you have any questions regarding this effort, contact the Customer Service Center (CSC) by email, csc@ohio.gov, or by phone, (614) 644-6860 or (877) 644-6860.
1National Security Agency Cybersecurity Information, “Transition to Multi-Factor Authentication, A Common Tactic.” National Security Agency August 2019. < https://media.defense.gov/2019/Sep/09/2002180346/-1/-1/0/TRANSITION%20TO%20MULTI-FACTOR%20AUTHENTICATION.PDF>.
State CIO and CPO Discuss IT Procurement in Ohio - 8.6.2021
State Chief Information Officer (CIO) Katrina Flory and Chief Procurement Officer (CPO) Kelly Sanders recently lead a State of Ohio Strategic Discussion on Tech Procurement at an event hosted by the Ohio Innovation Technology Association (OITA). They discussed the strong partnership and strategic alignment between IT and procurement that results in leveraging the State’s buying power to create efficiencies and savings for the State of Ohio.
CPO Sanders emphasized that procurement is continually looking for ways to simplify and modernize IT procurement, while ensuring a fair and competitive selection process. State CIO Flory explained that IT plays a critical role, providing feedback regarding the agency and vendor IT procurement experience. In addition, the State’s IT strategy and agency IT requirements are shared with procurement to help identify enterprise purchasing and contracting opportunities.
CPO Sanders and State CIO Flory agreed that one way to achieve efficiencies is by focusing on the establishment of pre-qualification contracts. These contracts allow for the purchase of IT services through a statement of work, as opposed to each agency having to create a competitive solicitation each time they want to make a purchase within a certain technology category.
Finally, CPO Sanders and State CIO Flory discussed the implementation of Ohio|Buys, the State’s online purchasing solution that empowers both government buyers and interested suppliers. Ohio|Buys leverages innovative technologies to increase efficiency, opportunities, and participation with businesses in Ohio.
ODNR Launches Fish Stocking Dataset - 7.6.2021
On June 16, 2021, the Ohio Department of Natural Resources (ODNR) was the most recent agency to join the DataOhio Portal (DOP) with the addition of a new fish stocking dataset and visualization.
About the DataOhio Portal
The DataOhio Portal is a public-facing portal that provides 220+ datasets and 100+ interactive visualizations to inform data-driven decision making for state agencies and their partners. The DOP is a first of its kind state technology, enabling data collaboration and sharing while also featuring enhanced security and privacy.
The DOP illustrates the State of Ohio’s commitment to become more customer-centric and data-driven, ultimately allowing state agencies, programs, and entities to better serve Ohioans. The DOP offers significant value drivers for Ohio:
More information about the InnovateOhio Platform is available on the InnovateOhio website. For general inquiries, please contact the InnovateOhio Platform team.
With a focus on IT innovation and in support of the 2020 IT Innovation Technology Strategic Plan, the Department of Administrative Services (DAS) Office of Information Technology (OIT) established an IT Engagement model that includes the Technology Advisory Council (TAC) and Technology Advisory Groups (TAG).
The IT engagement process will facilitate the identification of various DAS OIT and agency supported Innovation Committees (IC) that will assist in realizing the principles and goals of the TAC and TAG.
Technology Advisory Council (TAC):
The TAC membership includes a core group of DAS OIT leadership and six agency chief information officers (CIOs).
The guiding principles of the TAC include: innovation, enterprise perspective, economy of scale (cost containment), collaboration, strategic alignment, business value, and customer service.
Technology Advisory Groups (TAG):
The TAG consists of six groups to champion the top technology priorities, each group is supported by a DAS OIT subject matter expert. These priorities include: Cybersecurity & Risk Management, Digital Services/Digital Government, Cloud Services, Data Management & Analytics, Identity & Access Management, and Workforce.
The guiding principles of the TAG include: enterprise perspective, collaboration, actionable engagement, efficiency/reduction of redundancy, innovation, and value.
The TAG, associated chairs, and partner agencies are organized as follows:
Adjutant General Administrative Services Higher Education Lottery Public Safety Secretary of State
Michelle Burk Opportunities for Ohioans with Disabilities
Administrative Services Agriculture Bureau of Workers’ Compensation Insurance Transportation
Scott Brock Development Services Agency
Administrative Services Commerce Environmental Protection Agency Ohio Facilities Construction Commission Inspector General Mental Health & Addiction Services
Nate Huskey Health
Administrative Services Attorney General Auditor of State Developmental Disabilities Education Medicaid Treasurer of State
Venu Pallerla Public Utilities Commission of Ohio
Administrative Services Aging Budget and Management Public Defender Taxation Ohio Turnpike and Infrastructure Commission
Mark Smith Job and Family Services
Administrative Services Industrial Commission Legislative Information Systems Rehabilitation & Correction Veterans Services Youth Services
IT Innovation Information Center
InnovateOhio Platform
IT Application Center
Customer Service
Service Catalog
IT Enterprise Services portal
IT Strategy and Investment Management
MARCS
9-1-1 Program Office
Telecommunications Contracts and Cloud Services Agreements
Ohio Geographically Referenced Information Program (OGRIP)
Enterprise Project Management Office
Ohio IT Statutes and Administrative Rules
Governor's IT-Related Orders and Directives
State of Ohio IT Policies
State of Ohio IT Standards
State of Ohio IT Bulletins
Enterprise IT Procedures
Statewide Enterprise Buys
Next Generation Telephony Service Virtual Meeting Guidance Local Governments and Political Subdivisions State Agencies, Boards, and Commissions
