COT Town Hall

Thursday, Aug. 27, 2015

AgendaOpening remarks CIO Jim Fowler

Employee of the Month recognition AwardsSoftware SunsetWindows FutureFY 17/18 Billing philosophy and rates

•Office 365 – Rick Woodruff, Jim Barnhart and Tamara Pigeon

•I.3 Status Update – Andrew Smith

•KECC Drive – Liz Rodgers

•GIS Award Presentation

•Service Development Lifecycle (SDLC) Presentation – James Koontz

•Strategic Plan Update – Glenn Thomas

•Security Roadmap – David Carter / Elwyn Rainer

•Service Catalog Overview – Liz Rodgers •Getting Ready for the Cloud – Stuart Johnston

•Questions & Answers – Jim Fowler

Jim FowlerChief Information Officer

Employee of the Month recognition Awards

Software SunsetWindows Future

FY 17/18 Billing philosophy and rates

Employee of the Month

Winners

JanuaryFebruary

MarchAprilMay

JuneJuly

Tary FullerNeil HamiltonBarrett Richardson Michael Powell John Modlin Matt Lewis Sessani Withers

Office 365 Proof of ConceptRick WoodruffJim Barnhart

Tamara Pigeon

Why Office 365

Considerations for moving to the Office 365 platform•New features in Office 365

– Native encryption for email: Type a word in the subject line like “Secure” and the system will see the word and automatically encrypt the email

– Data Loss Prevention: Control what happens to an email after you’ve sent it. If you only want it to go to your intended audience you can prevent it from being forwarded.

– Automatically encrypt emails that have certain types of private information: Policies scan content that looks like social security numbers or protected data and automatically encrypts emails.

– License users and not machines: Users can have Office 365 on up to 5 different devices•Projected Cost savings over the next 6 years

– $600k -$1.2 Million

•A step to becoming a true service delivery organization– Allows COT to be spending time on higher value service delivery activities

How are we going to do it?

• Proof of Concept– Identify candidates \ migrate 100 users email and personal network drives into

the cloud– Perform normal day to day operations and get feedback from users– COT members to execute test scripts

• Solicit feedback from agencies– Explain the baseline security of Office 365 via the BRMs– Identify exceptions\agency requirements on what else they need to be

compliant in the cloud with email or personal files • Create a plan on how to execute a large Enterprise rollout

– What agencies first?– Do we need to upgrade any existing systems before rolling out?– Establish training and communication plans for large audiences

• Evaluate the feedback from all items. Make a decision…do we take the Enterprise to Office 365?

Town Hall Meeting Review

8-27-2015

Goals

9

Program Goals

10

I.3 Program Implementation Roadmap (Initial)

FY14T

ran

sfo

rmat

ion

Man

agem

ent

Tec

hn

olo

gy

Tra

nsf

orm

atio

n

Facilities Transformation

Technology Services (Server, Storage,

Databases, Tools)

Security

Program Management

Financing & Sourcing

IT Service Management

(ITSM)

Workforce Transformation

Organizational Development &

Training

Develop Program

Financial ModelManage & Update Program Financial Model (Continuous Improvement)

Document COT Service

Descriptions & Rates

Document Detailed

Application / Infrastructure

Mapping

Create Enterprise

Architecture -

Develop Upgrade

Plans

Develop Security Framework Update

Security Req. & Plan

Review Current IT

Service Management

Organization, Policy,

Processes, & Tools

Review Current Services & Service

Level Requirements

Begin Service Management (ITSM) Upgrade Program

Implement & Manage Security Projects (Continuous Improvement)Update Security

Policy & Processes

Program Charter Executive Management & Oversight

Cabinet Transitioned InfrastructureLocation/Space Selection

Facility Design/Upgrade Upgrade Data Center Facilities for Cabinet Transitioned InfrastructureAnalyze Requirements

Measure & Refine

Workforce Organization

Develop Transition

PlanExecute Workforce Transition, transitions occur with Cabinet Infrastructure Transition

Implement / Refine / Update Service Catalog & Rates (Continuous Improvement)

Develop Process to Capture Financials (Current &

Future)

Analyze COTTechnology

Upgrade Requirements

Implement New Operations Model(ITSM Phase 1 Projects)

Develop Training Content

Execute Training

Develop Workforce Training

Plans

Identify Implementation Team (roles &

responsibilities)

Select Implementation Teams Members

Monitor and Update I.3 Program Plan

Commit Milestones

Provide Ongoing COT IT Operations Management

Decommission Cabinet IT Infrastructure Operations & Assets – Post Transition

Tra

ns

form

ati

on

Pro

gra

mO

p s

Work Threads FY15 FY16

Migrate CPE Data Center

FY13

POC(OSBD)

Migration

Business Continuity &

Disaster Recovery

Update BC & DR Architecture and

Services

Review Cabinet BC & DR

Requirements Implement & Manage BC & DR ArchitectureUpdate DR

Infrastructure Develop Cabinet

BC & DR Plans

Service DeskUpdate Service

Desk Processes & Front Range Tool

Review Service Desk Req.(Tools & Process)

Develop Service Desk Upgrade Plan

Service Desk Transitions occurs with Cabinet Infrastructure TransitionsDevelop Service Desk

Training Program

Execute Service Desk

Begin Infrastructure Transition

Execute Security Architecture

Design Program Governance

Implement Program Governance Manage Program Governance (i.e., TAC, CAB, Configuration Mgmt, Change Control, Release Mgmt, etc.)

Create Implementation

Processes, Metrics & Templates

Migrate EDU Data Center

Migrate GAPS Data Center

Migrate Justice Data Center

Develop Cabinet/Agen

cyDetailed

Transition & Test Plans

Migrate CHFS Data Center

Migrate FIN Data

Center

Migrate KYTC Data Center

Migrate CED

Data Center

Migrate Labor Data

Center

Migrate General Gov. Data Center

Stabilize COT

Environments-

Review Infrastructure Architecture Performance

Optimize COTEnvironments

-Develop

Optimization Plans & Future

Architecture Revisions

Service Level Baseline Period occurs with Cabinet Infrastructure Transitions Service Level Optimization & Continuous Improvement

Migrate Personnel Data Center

Document POC

Lessons Learned

Program Plan

Test Cabinet BC & DR Plans

Monitor & Report COT Service Level (Baseline Review)

Infrastructure TransitionCompleted

Security Access Mgt. Installed

Manage Cabinet IT Infrastructure Operations & Assets – Pre-transition

Ongoing Training & Development

Implement New Operations Model (ITSM Phase X Projects)

(Continuous Improvement)

POC(OSBD) Network

Document POC LLs

Network Services

(Data & Voice)

Stabilize COT

Network Environments

Review Network Performance

Optimize NetworkDevelop

Optimization Plans Future Architecture

Develop Desktop Implementation

PlanDesktop Services

Optimize Desktop Refresh Program(Continuous Improvement)

Continuous Improvements

Analyze Network

Requirements

Create Enterprise Network

Architecture

Develop Cabinet/AgencyDetailed Network

Transition & Test Plans

Develop COT Network and Toolset Upgrade

Plans

Define IT Service Management

(ITSM) Architecture

Define Process, Roles, Tools

Service Level Monitoring & Reporting occurs with Cabinet Infrastructure Transitions

Migrate Tourism

Data Center

Migrate CPE Network

Migrate EDU Network

Migrate GAPS Network

Migrate Justice Network

Migrate CHFS Network

Migrate FIN Network

Migrate KYTC Network

Migrate CED

Network

Migrate Labor

Network

Migrate General Gov.

Network

Migrate Personnel

Network

Migrate Tourism Network

Ser

vice

s T

ran

sfo

rmat

ion

Organization

Change Manageme

ntCabinet Communications

Identify Business

Relationship Managers

Deploy Business Relationship Managers

Executive Leadership / Stakeholder Workshops

Define & Implement Proof of Concept

Define & ImplementCampaign Initiatives

Define & ImplementCompliance & Audit Reviews

Stabilize Service Desk Delivery

Optimize Service Desk

Delivery Performance

Continuous Improvements

Upgrade Desktop Support

Processes

Ongoing Security & Compliance Assessments

Ch

ang

e L

ead

ers

hip

Quarterly Desktop Refresh

Quarterly Desktop Refresh

Quarterly Desktop Refresh

Quarterly Desktop Refresh

Perform Infrastructure and Tool Set Upgrades

Update Rates FY15/16Implement COT Service Descriptions & Rates

Implement Service Desk Training Program occurs with Cabinet Infrastructure Transitions

Where are we now?

• Majority of desktops in the executive branch are managed by COT (n>90%)

• Majority of servers in the executive branch are managed by COT and (if possible) located at the CDC (n>90%)

• Majority of Network systems are managed by COT (n>90%)

• Most agencies are either integrated into COT Operations or preparing to transition to COT Operations

Where are we now?

• Database Administration is in transition to COT • Storage has been centralized allowing more

effective provisioning and use of the Commonwealths storage arrays

• Disaster recovery is now handled by COT via the ADC (as requested) with TSM backups by default replicated to the ADC for high protection

What is left?

Status of Core Technology by 8-15-2015*

* Based on completion schedule current in progress

Working Schedule

TRANSFORMATION AND LESSONS LEARNED

COT Techical Transformation

COT Technical Transformation

240% increase

COT Technical Transformation

214% increase

COT Organizational Transformation?

What have we learned?

• COT departments and agencies need to collaborate more successfully and to be successful

• Self reported data is misleading in many cases• The level of application documentation for many

Commonwealth applications is not consistent• Foundation processes are not available in most

agencies, too many relied purely on “tribal” knowledge

• Backup, virus protection, inventory and other foundation items were not always being done

What have we learned?

• Active Directory processes were not consistent among agencies, some agencies had never deleted older employees making cleanup longer

• Multiple Windows 2000 servers and older made virtualization difficult to impossible

• With no SDLC (Software Development Life Cycle), many agencies did not consider long term solutions for application delivery, causing issues with out of date software, equipment and processes

Ongoing Risks/Blockers

The Future

As I.3 ends we will need to continue to foster a culture where collaboration and

cooperation (Inside of COT and with our customers) continues to take advantage of

the tools and experience across the Commonwealth. We have seen the ability for all areas of COT and agencies to be great partners and need to capitalize on these positives to continue to succeed.

KECCLiz Rodgers

Special Achievement in GIS

Office of Application DevelopmentDivision of Geographic Information

Award Presentation

Enterprise Systems Development Life-Cycle

(SDLC)

Presentation at COT Town HallAugust 27, 2015

Workgroup Charge

It is the purpose of this committee to consider a Systems Development Life Cycle (SDLC) for adoption by

all cabinets to include all project phases (initiation, planning, execution, installation instructions, release

management, and change management).

Workgroup Representatives• Jim Fisher, Co-Chair (KYTC)• James Koontz, Co-Chair (COT)

• Matt Burberry (CHFS)• Stephanie Clay (COT)• Michele Kays (Personnel)• Steve King (Personnel)• Tim McClain (CHFS)• Daniel Miller (Education-WF)• Charles Robb (COT)• Phil St. John (PPC)• Steven Vest (CED)

Workgroup Activities• Conducted weekly meetings to complete SDLC

guidelines

• Created base content for the five phases

• Project Management processes were separated from the technical tasks documented in the guideline

SDLC Guideline Overview

• Document Overview• Five Phases

o Phase Description, Objectives, Inputs, Deliverables, Key Tasks, Roles

• Appendices (A-D)o Glossary and Acronyms, Role Descriptions, SDLC Process Flow,

Acknowledgements

SDLC Guideline Document

SDLC• Outstanding Tasks

o Complete remaining two templateso Finalize for publishing purposes

• Key Takeaways o Multiple agencies working together to accomplish a

common goalo Flexible process designed to accommodate multiple

development methodologieso Material used from existing states SDLC processes

Strategic Plan Update Glenn Thomas

Strategic Plan Update

Strategic Plan Update

• Our Mission – to provide an enterprise technology framework and services supporting the current and future needs of the Commonwealth.

• Our Vision – to enable a proficient government and support a 21st century economy by being a national leader in public sector information technology that is a trusted and valued business partner.

Strategic Plan Update

Goal 1: Customer Service ExcellenceStrategy 1: Provide timely, accurate & consistent service delivery

Strategy 2: Establish a comprehensive & transparent process for customer service education & response

Strategy 3: Improve ongoing COT/customer communication

HEAT project underway to replace Front RangeUpdated CIO-085 Authorized Agency Contacts

Including authorized agency contacts in GovDelivery systemAlerts, ACMs and Calendar events posted to COT website

Integration of BRMs with the agencies and ongoing meetings with CIOCustomer Survey planned in 2016

Strategic Plan Update

Goal 2: Effective, Efficient & Innovative Government through the use of Enterprise Information Technology

Strategy 1: Optimize infrastructure service delivery within Executive BranchStrategy 2 : Leverage opportunities afforded by new technologies to enhance

service delivery

I.3 program – 90+% consolidated with support transitioned to CSDOnce completed COT will begin process to optimize consolidated infrastructure

New Technologies:Cloud – O365 POC; RFP development for IT “as a Service”

Strategic Plan Update

Goal 3: Collaborative & Participatory Information Technology Governance

Strategy 1: Refine the enterprise governance modelStrategy 2: Prioritization of agency legacy system modernization

Strategy 3: Develop a technology life cycle model

TAC subcommittees established for: Strategic Plan, Enterprise SLA template, Web standards, SDLC standard, Enterprise Document Management, Legacy System

Identification, Capital IT Project ReviewEASC now ITSC and is a TAC subcommittee

LSI established a Risk Modernization Assessment for inclusion in Capital IT project scoring criteria. Multiple systems recommended for funding.

Strategic Plan Update

Goal 4: Highly Skilled, Motivated & Effective WorkforceStrategy 1: Coordinate & streamline COT HR & staffing functions

Strategy 2: Build a skilled, cohesive workforce w/ increased understanding of COT operations

Strategy 3: Explore alternatives to the current staffing model

Becky Joyce – COT Human Resource coordinatorStaff Augmentation approval process

Employee of the Month programSkills Assessment coming 2016

SDS contract – under review/rebid early 2016

Strategic Plan Update

Goal 5: Security Focused Information Technology Environment & Culture

Strategy 1: Enhance and continually improve IT securityStrategy 2: Raise awareness of the significance of security threats

and vulnerabilities

CIO-091 Enterprise Information Security ProgramUpdates to existing CIO security policies underway

Annual security training program for COT staffEnd user security training video being used by all agencies

and promoted by Personnel CabinetNew Security Roadmap kicked off in 2015. Work continues.

COT Service Catalog Overview

“Delivering services, rather than servers”

Liz Rodgers

August 27, 2015

Purpose• COT’s service model has changed, but catalog hasn’t

Purpose• Customers cannot and should not build their

own solutions for infrastructure

– Expertise lives in COT

– Opportunities for using economies of scale and pooled resources are overlooked

– Undue cost and complexity

Purpose• Customers want services, but don’t always

know what we offer or how to get it

– Centralize

– Simplify

– Standardize

Objectives

• Design an intuitive, customer-friendly interface• Manage access to ensure requests are authorized• Standardize service offerings • Streamline and simplify request procedures• Communicate the new service delivery strategy to

customers• Secure internal buy-in to reinforce the message

ApproachWhat is a service?

•A service is a means of delivering value to the customer by facilitating outcomes.

•A service is a combination of technology , people and processes.

•A service is an action, not a thing.

Approach• What services does COT provide?

– Began with rated services

– Brainstorming session with teams

– Weeded out incident response, maintenance and back-office processes

Approach• Hybrid approach to bridge the gap

– Give savvy customers and frequent flyers a direct route to specific items

– Gradually introduce the concept of holistic service delivery to improve buy-in

– Allow COT to mature

Approach• Keep supporting processes in the back office

These are part and parcel to the services that use them, not services themselves

• Procurement • Billing• Incident Management• Change Management

Approach• Services should be bundled

– Make processes modular– Standardize– Avoid over-bundling

Approach• Align resources with service delivery

– Service Owner will be responsible for design, scope, cost and delivery strategy

– Service Delivery Manager will be responsible for ensuring the service is delivered timely and as designed

– Teams built around service delivery activities, not necessarily the org chart

Next Steps• Meet with teams to make sure all services

have been identified• Ensure service descriptions are accurate and

include deliverables• Map processes from customer to completion • Estimate times to deliver

Getting Ready for the CloudStuart Johnston

Kentucky Education Cabinet

Definition

Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

3 Service Models: 5 Essential Characteristics:Software as a Service (SaaS) On Demand Self-servicePlatform as a Service (PaaS) Broad Network AccessInfrastructure as a Service (IaaS) Resource Pooling

Rapid Elasticity4 Deployment models: Measured ServicePublic, Private, Community, Hybrid

COT Strategic Plan

Core Values for IT across the enterprise:

Being Forward Thinking Enterprise-wide IT strategic direction:

Cloud

COT Strategic Plan Goals:

1. Customer service excellence 2. Effective, efficient and innovative government through the use of enterprise IT 3. Collaborative and participatory IT governance

4. Highly skilled, motivated and effective workforce

5. Security-focused IT environment and culture

COT Strategic PlanGoal 2:

Effective, efficient and innovative government through the use of enterprise IT

Objective 2.1- To optimize infrastructure service delivery within the Executive Branch

Objective 2.2- To leverage opportunities afforded by new technologies to enhance service delivery.

Strategy

Pre-qualify vendor(s) in the areas of IaaS, PaaS and SaaS in order to procure cloud services in a secure, reliable, and measurable manner that will support the business & technical requirements of the enterprise.

Activities to Date

1. Cloud models and services2. Review Storage as a Service RFP3. NASCIO documentation 4. Review GSA and NASPO (WSCA) websites 5. Gartner conference call - Cloud Best Practices6. Cloud Computing & FedRAMP Security Workshop 7. RFP Team kickoff meeting8. Gartner Catalyst Conference

Next Steps

1. Ongoing strategy discussions 2. Review cloud policy3. Inventory cloud applications 4. Procurement

Potential modification(s) Explore alternate options

5. Gartner visit September 2, 2015 6. RFP Team meeting September 3, 2015 7. RFP - third party review

Questions & AnswersJim Fowler, CIO