DTS’s goal is to direct its efforts toward the satisfaction of the County Executive’s mission statement. DTS supports all County’s Departments in achieving their defined objectives. The purpose of this blog is to provide yet another communications channel to respond to business and technical ideas, challenges and direction. DTS leadership and staff are determined to promote innovation, improvements and seize any technology opportunities by aligning both DTS and Departmental IT resources and long term implementation initiatives that will support the missions of the County Executive.
County Employees: The following announcement was made today by the CAO.
As you know, County Executive Leggett and I are very supportive of innovation at all levels and in all aspects of County operations and services. We believe our well educated and highly informed residents and businesses are anticipating more advancement in government innovation and transparency, and easier access to government services, information, and data. A growing number of County residents are utilizing mobile device technology to access County services and information. To better respond to the needs of the community, we plan to leverage and exploit this mobile device proliferation to provide better access and service to our residents and improve internal business processes. A key component of this effort is the creation of applications used by mobile devices (mobile apps).
As a follow up to the March 13, 2013 CountyStat session on mobile apps, and consistent with our newly launched openMontgomery initiative (http://montgomerycountymd.gov/open) and Digital Government Strategy (Digital Government Strategy (pdf)), we have developed the attached Mobile Application Policy. The policy provides guidance for the selection, acquisition, and support of applications designed for use on mobile devices of any kind regardless of whether they are intended for use by the public or internally by the County.
Many of you have identified and demonstrated exemplary ways to successfully extend County services to mobile devices owned by residents, County partners, and employees. We want to make even more of these innovations available to our residents and partners, thereby improving customer service and County efficiency, and reducing costs. The development of new apps will enable our residents to use their smart phones and tablets to connect to more County services at high speeds, from anywhere, at any time via simple, easy-to-use interfaces.
This policy provides guidance and establishes standard enterprise processes your organization can follow to cost effectively deliver mobile apps for public and in-house use while ensuring that the apps are sustainable.
The Department of Technology Services and the Office of the County Attorney have created contract templates for mobile app acquisitions in support of this policy. These templates and additional guidance can be found on DTS’ Intranet page at the following link:
The County is in the process of negotiating County-wide accounts on both the iTunes and Google Play app stores, and we expect to publish the first set of County mobile apps there soon, making them conveniently available to consumers.
I have directed DTS and the Office of the County Attorney to work with your staff to ensure that new app opportunities are reviewed and high value solutions are approved expeditiously. I am requesting your cooperation with the policy and the outlined processes to help us provide the best and most sustainable mobile apps for our residents and employees.
If you have any questions regarding this policy, please contact Assistant Chief Administrative Officer Fariba Kassiri at Fariba.email@example.com or (240) 777-2512, or Sonny Segal, Chief Information Officer, at Sonny.Segal@montgomerycountymd.gov or (240) 777-2822.
Thank you for your participation and support.
County Chief Information Officer (CIO) Harash "Sonny" Segal just wrapped up his interactive on-line “Ask the County CIO” discussion.
Please visit: http://portal.mcgov.org/askthecio to view the full transcript.
Montgomery County's Desktop Computer Modernization (DCM) program recently passed its SEVENTH annual recertification audit by the NSF-ISR International Auditing body. In 2007 Montgomery County was the 8th operation in all of North America to receive ISO 20000 certification and the first Public Sector organization to do so. DCM is now the 5th longest standing certification in North America.
The IT Help Desk has moved to Remedyforce effective this morning, Friday, February 1st. All NEW IT INCIDENTS MUST BE CREATED IN REMEDYFORCE. Note that the work queue/group names are the same as THEY WERE IN SDE.
You can also send an email to HELPIT to have an incident opened in Remedyforce. Additional training (video on the web site and live training) will be available for Remedyforce in the near future.
Note that you are NO LONGER able to create new incidents in Service Desk Express (SDE). However, YOU WILL be able to continue updating and closing existing SDE incidents.
The IT Help Desk will be migrating remaining open SDE incidents into Remedyforce over the next several weeks. The SDE tickets will be cross-referenced to the new Remedyforce ticket then closed in SDE.
Please contact the IT Help Desk at 240-777-2828, option 1 if you have any questions or problems with Remedyforce.
The County’s Department of Technology Services (DTS), in partnership with the Public Information Office (PIO), Department of Transportation (DOT) and many other County Departments, recently launched mobile versions of the County’s award-winning County website, MC311 website, and Storm operations website. For more information, including how to access and bookmark these mobile websites, please visit: http://montgomerycountymd.gov/open/mobile.html.
Media ID: 12-084
Contact: Donna Bigler, 240-777-6507
County Executive Ike Leggett and Councilmember Hans Riemer to Announce New Open Government Efforts
Will Ensure Even Better Government Transparency, Accessibility and Efficiency
Wednesday, December 5, 2012, 11 a.m.
Executive Office Building, 101 Monroe Street
County Executive Isiah Leggett and Councilmember Hans Riemer will announce a major advance in the County’s open government efforts that will significantly improve government transparency, accessibility and efficiency.
The efforts include the launch of a new website, a social media platform to encourage participation, a digital roadmap to guide service improvements using new technologies, and Council legislation.
The Enterprise Information Security Office's "Enterprise Cloud Security Service and Architecture Project" was named a Finalist in 2012 Information Security Executive (ISE) North America Award. It was the only state or local government project named as a Finalist. The award was accepted at the ISE North America Leadership Summit and Awards 2012 on Nov. 6-7, 2012. The ISE North America Award in the Project category showcases an outstanding range of information security projects that were deployed and completed in the last 12-18 months and have had the greatest positive impact within their organization. Judges evaluate projects based on scope, defined goals, ability to execute and overall results achieved for the organization.
October is Cybersecurity Awareness Month. Montgomery County Government is participating in a series of Cybersecurity webinars sponsored by the National Association of Counties (NACo). You are encouraged to attend the webinars live or view the recorded sessions by registering at http://www.naco.org/meetings/webinars/Pages/CybersecurityWebinarSeries.aspx.
Keith Young, Montgomery County’s Enterprise Information Security Officer in DTS will be leading the webinar on cloud computing and mobile technologies on Wednesday, Oct 17, from 2:00-3:00pm ET. While cloud computing and mobile technologies provide the ability to conduct business from any location, they also introduce a need for new information security measures. To attend this live session or to view the recorded session afterwards, please click on this link: https://www2.gotomeeting.com/register/614595202.
Harash (Sonny) Segal was recently appointed as the new Montgomery County’s Chief Information Officer (CIO). Sonny has over 35 years of information technology management experience including executive level positions in the private and public sectors in technology governance, planning and operations management. Most recently he has served as an independent IT consultant for small businesses. Prior to that, Sonny was the Vice President of IT Professional Services for AINS, Inc. a privately held company based in Montgomery County with over 100 IT services professionals.
The latest generation entering the job market has grown up with a wide array of portable devices available to them, such as laptop computers, smartphones and tablets. In turn, they have progressively integrated many of their daily living activities with the use of this technology, essentially blurring the traditional lines between work time and personal time. As this concept takes hold, a natural workplace progression appears to be occurring, as employees are more frequently requesting to use their personal devices for work applications.
While there are many pros to this arrangement, there are also many security considerations that need to be addressed before adapting a carte blanche approach toward policies governing the use of personal devices in the workplace.
Best Practice Cyber-Security Guidelines
While some companies hire a cyber security expert consultant, typically holding an M.S. in Information Technology and several years of experience in cyber security, many companies simply follow general best practice guidelines regarding policies that regulate the use of personal devices for work-related application.
In smaller and startup companies, establishing and following common-sense procedures is often the first step in establishing a quality cyber security policy. Here are some positive “Do’s” when establishing cyber security protocol:
·Password protect the company Intranet; require employees to password protect their devices.
·Coordinate level of access with employee title and job duties.
·Clearly articulate guidelines and expectations for use of personal devices at work in writing; generally speaking, employees should sign an agreement.
·Be clear about privacy issues (i.e. are all applications subject to monitoring).
·Offer periodic training to keep cyber security at the forefront of employee awareness; establish an open dialogue; be clear about employees’ roles and responsibilities related to cyber security.
·Establish clear protocol for reporting, documenting, and following through on a security breach.
When the company culture underscores the importance of cyber security and involves all team members in an active role toward protecting business assets, team engagement is generally more comprehensive. Fostering an open learning environment where ongoing dialogue related to policy is encouraged, employees become invested in the process of keeping company information safe and secure. The more a company’s employees understand cyber threats, the more empowered they will be to recognize possible breaches in security.
Trust and Team-building in the Workplace
While allowing employees to bring their own devices to work can save money and may increase worker productivity, there are still those that may take advantage of that trust. Companies should test out smart policies that are high in proactivity and light on discipline. However, strict action should always be taken in situations of outright and purposeful policy violation.
Many employees today are accustomed to blending the personal and professional; smart employees want to do their job efficiently and effectively. The vast majority of employees shouldn’t be considered outright threats to cyber security, but they still need the best practice knowledge to recognize and avoid the threats. Creating policies that are comprehensive, but not cumbersome is an essential component of best practice when it comes to promoting cyber security. In general the most common workplace threats fall into the following categories:
·Undetected phishing and/or malware
·Loss/theft of property that was not password protected or data that was not encrypted, such as a lap-top or a USB drive
·Accidental intrusion from sources that, at first, appear legitimate (such as fraudulent, phony virus protection update notification)
·Lack of updated virus protection/firewall protection – updates should install automatically on these devices
While no policy or piece of information can prevent all cyber attacks, creating a corporate culture with clear guidelines, expectations, and shared responsibility can go a long way toward creating a strong and unified team when it comes to protecting sensitive information. Investing in training that brings all team members up to speed and offers the tools to identify and react appropriately toward cyber security threats can create a unified front. Effective training may be a company’s best strategy when it comes to bolstering cyber security, especially as the use of personal devices in the workplace continues to expand as a cost-saving business conception.
This article was contributed by Jonathan Azares, who works for University Alliance and writes about various cyber security topics. He’s currently enrolled in a master’s program in cyber security.
When most people think of cyber attacks, large multinational companies or government agencies come to mind, but small business are targeted, too. Often small businesses underestimate their own vulnerability or underestimate what is really at risk. Spending time and resources to put a preventative plan in place can help prevent a cyber attack. When cyber criminals attack small businesses it can be devastating to both reputation and revenue. Here are some considerations to minimize the threat of a cyber attack on your small business.
Why a Cyber Attack on a Small Business?
As larger companies invest in more sophisticated security, smaller businesses that have not taken adequate measures to prevent an attack end up being a path of least resistance into data that cyber criminals can use easily. Other factors that lead to a cyber attack on a small business include a:
·culture that feels immune to attack.
·less than adequate investment in even the most simple security measures.
·lack of training know the signs of a threat.
·lack of awareness of newer threats like social phishing.
Even the government recognizes the increasing risk to small businesses. According to the House Small Business Committee “The threat of hackers and data loss could get even worse for small businesses in the new year.”
What’s at Risk in a Small Business Cyber Attack?
Many small business owners think they are flying under the radar of a cyber criminal and may think that the data at the company isn’t worth the risk. Think again. Cyber attacks can come from the outside or from the inside, a disgruntled employee who knows how vulnerable the system is can do great damage. Whether the risk is from outside or within, some of the most common results of a cyber attack include:
·breach of confidentiality involving customer secure data resulting in a ruined reputation.
·a significant blow to the company’s credit rating after the attack is made public.
·website is unavailable interrupting revenue and other vital company communication.
How to Prevent Security Lapses That Could Leave You Vulnerable
Many small business owners can minimize threats by recognizing that they do exist even in a small business setting and then putting a plan in place that details how to reduce the threat. Investing in simple measures like the latest version of security software, locking laptops up at night, and creating a culture with ongoing training about security topics can help minimize the risks of a cyber attack.
Additionally taking advantage of free or low cost Internet resources on the topic can help pinpoint a plan of action that is right for your company. The Federal Communication Commission’s Small Biz Cyber Planner is one such tool that can help you get dialogue going regarding better cyber protection. Other ways to reduce the threat of a cyber attack in a small business setting include:
Øcreating documents that detail security measures that all employees will adhere to, even when working at home (such as not leaving a work laptop on the seat of a car in plain view).
Øadditional training to familiarize yourself with the most up to date cyber security information.
Øinstall anti-virus software and ensure it is set to auto-update.
Ømodify your operating system settings so that important updates are applied automatically. If you can automate important updates like that you’ll be better protected since less manual attention is required.
While even the largest companies with the best prevention get hacked from time to time, there is no reason why your small business has to be an easy target. Cyber criminals more often than not are looking for a path of least resistance when stealing important data; take the extremely affordable steps to make sure your data is less accessible. Creating a culture that makes security everyone’s business can promote a more secure handling of company data. Additionally, making improvements in the software and hardware used to support cyber security can help prevent cyber attacks. As a small business, doing everything within your means to protect your company against cyber attack is part of an effective plan to keep ahead of the competition and secure your advantage especially in cut throat economic times.
This article was provided by Joe Schembri and VillanovaUniversity’s online security training program. Villanova helps security professionals earn designations such as the CISSP certification which is a globally recognized credential.
To assist employees in making effective business use of their mobile devices, the Department of Technology Services (DTS) will be hosting several Mobile Support “Kiosks”. Examples of services offered are:
a. Connecting a device to the County’s e-mail system
b. Connecting to the County’s VPN (must have current VPN account)
c. Securing the device with a password
d. Other assistance as needed regarding your device’s operating system or general use
Staff from DTS and the County’s IT Service Desk will be made available on the following dates and times, and at the following locations. You do not need an appointment. Simply drop by with your mobile device, and the DTS team will assist you.
1. Wednesday, January 11th EOB Lobby (old Reception Desk) 9AM – 1PM
2. Wednesday, January 18th COB Cafeteria area 9AM – 1PM
3. Wednesday, February 8th HHS (401 Hungerford – Lobby Conference Room) 9AM – 1PM
Today is DTS Director Steve Emanuel's last day with Montgomery County Government. Steve has accepted a position with the State of New Jersey to be their new CIO. Congratulations Steve and thank you for your service to Montgomery County.
Are you interested in learning more about Cloud Computing? Want more information about the County new Desktop computer and operating system standards? Have questions about the County’s new telephone system? Nervous about using Facebook and other social media tools? Which mobile device is right for you? Join County Chief Information Officer (CIO) E. Steven Emanuel in an informative and interactive discussion entitled “Ask the County CIO.” This on-line event will take place on Wednesday, October 12th, from 12:30PM – 1:30PM. County employees will be able to send questions directly to the CIO. Employees may submit questions anytime prior to, or during, the discussion. Answered questions will be available at the beginning of the live session and selected questions will be answered during the scheduled discussion time. To learn more about this on-line discussion, and to participate, please visit: http://portal.mcgov.org/apps/News/Discussion/IntraGenericDisc.asp?discID=4. Employees are encouraged to ask questions regarding workplace technologies as well as emerging consumer technology issues and trends. Steve will share his experience and insights to make this a useful experience for employees. Steve joined the County in 2007 after a nine-year career with Amtrak. Before coming to Amtrak, Steve worked for GPU Companies, serving as IT Site Support Manager at the Oyster Creek Nuclear Generating Station in Forked River, NJ and as Network Coordinator for Jersey Central Power & Light Headquarters in Morristown, NJ. He was also a Network Analyst for GPU Nuclear and Corporate Headquarters in Parsippany, NJ.
The Center for Digital Government and Public CIO recently issued a report entitled "A Guide to Mobility in Government." Click http://www.govtech.com/pcio/special_reports/Government-Mobility-Guide.html to read the report.
“I am pleased with the survey outcome for the County. Our ability to achieve third place, at a time of significant fiscal reductions and increase in delivery challenges clearly demonstrates that MontgomeryCounty's commitment to technology for business process improvement is paramount,” said Montgomery County Chief Information Officer E. Steve Emanuel. “This award and recognition goes to the combined efforts from all County departments and exemplifies the model of a collaborative and enterprise thinking organization.”
Are you worried about the security of your data? Do your kids know more about social media than you? Are you having a hard time choosing between an Android and an iPad? Is “the Cloud” over your head?
JoinCounty Chief Information Officer (CIO) E. Steven Emanuel in an informative and interactive discussion entitled “Ask the CountyCIO.” This on-line event will take place on Wednesday, May 11th, from 12PM – 1PM.
County employees will be able to send questions directly to the CIO. Employees may submit questions anytime prior to, or during, the discussion. Answered questions will be available at the beginning of the live session and selected questions will be answered during the scheduled discussion time. To learn more about this on-line discussion, and to participate, please visit: http://portal.mcgov.org/apps/News/Discussion/IntraGenericDisc.asp?discID=4.
Employees are encouraged to ask questions regarding workplace technologies as well as emerging consumer technology issues and trends. Steve will share his experience and insights to make this a useful experience for employees. Steve joined the County in 2007 after a nine-year career with Amtrak. Before coming to Amtrak, Steve worked for GPU Companies, serving as IT Site Support Manager at the Oyster Creek Nuclear Generating Station in Forked River, NJ and as Network Coordinator for Jersey Central Power & Light Headquarters in Morristown, NJ. He was also a Network Analyst for GPU Nuclear and Corporate Headquarters in Parsippany, NJ.
Montgomery County’s Information Technology Service Desk ranks among the tops in the nation, according to the recently released Desktop Support Practices Report by the Help Desk Institute (HDI). Among the key findings: 1. 3% of County service tickets are assigned to a desk-side support technician. Most organizations assign between 11% and 20% of tickets to desk-side support. County helpdesk analysts are equipped with remote diagnostics tools that allow them to resolve most incidents without the need for a desk-side visit. 2. County service tickets are resolved in an average of 32 minutes. In other organizations, average resolution time falls between 1 hour and 4 hours. In many organizations, average resolution time is 1-2 days. 3. 97% of County service tickets are resolved on the first attempt. Nationwide, most organizations first call resolution falls between 71% and 90%. The County’s Department of Technology Services (DTS) manages the IT Help Desk under the Desktop Computer Modernization (DCM) program. County employees may contact the County’s IT Service Desk at 240-777-2828.
DTS's Geographic Information Systems (GIS) team recently hosted a group of students from West Virginia University for a briefing on GIS. This is the 9th consecutive year that the WVU students have made the trip to Montgomery County's GIS program!
The Public Technology Institute (PTI) has honored Montgomery County’s Department of Technology Services (DTS) with two Technology Solutions and Innovations awards. The awards are for the following programs: first, in the Public Safety Technology award category, “A GIS Platform for Emergency Management & Response: Common Operational Pictures (COP)”; and, second, in the Web and e-Government award category, “Vehicle Accident Report Purchase System.” The County also received an honorable mention award for its “H1N1 Flu Vaccine On-line Appointment Booking System.” Read the County press release at: http://www.montgomerycountymd.gov/apps/News/press/PR_details.asp?PrID=7402.
This is a reminder that beginning tomorrow, Friday, October 1st, Maryland’s new cell phone law will go into effect. While the laws changed last year this time to make “texting” illegal while driving, this year’s change now makes it illegal to hold and talk on a cell phone while driving. The Communications Traffic Safety Act of 2010 now states:
“Prohibiting a driver of a motor vehicle that is in motion from using the driver's hands to use a handheld telephone except to initiate or terminate a wireless call or to turn on or off the handheld phone; providing that a violation of the Act may be enforced only as a secondary violation; establishing penalties of $40 for a first offense and $100 for a second offense; prohibiting a driver of a school vehicle or a holder of an instructional permit or provisional driver's license from using a handheld phone while driving; etc”.
Remember, NO “texting” or “holding and talking on a cell phone” while driving. This law begins this Friday, October 1, 2010.
For more information, several news links are available: