Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ohio Digital Government Summit 2007 1 Laptop Disk Encryption Colorado’s Approach Presented to: Ohio Digital Government Summit October 16, 2007.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Ohio Digital Government Summit 2007 1 Laptop Disk Encryption Colorado’s Approach Presented to: Ohio Digital Government Summit October 16, 2007."— Presentation transcript:

1 Ohio Digital Government Summit 2007 1 Laptop Disk Encryption Colorado’s Approach Presented to: Ohio Digital Government Summit October 16, 2007

2 Ohio Digital Government Summit 20072 Overview  Colorado’s Data Security Environment  Acquisition Strategy  The State’s Acquisition Process Trade-Offs  Results  Current Status  What We’ve Learned

3 Ohio Digital Government Summit 20073 Colorado’s Data Security Environment  Background Appointment of CISO House Bill 1157 Laptop Related Incidents  Goals Pre-empt the Problem with a Solution Get It Done Fast Solve it for the Enterprise Make It Comprehensive Provide a Solution With Staying Power

4 Ohio Digital Government Summit 20074 Acquisition Strategy  What’s Available  What Does Gartner Think  What’s the Scope?  RFP?  Agency Collaboration/Communications  State Employee Teams

5 Ohio Digital Government Summit 20075 Requirements Tradeoffs Capability vs Price TechnicalRequirementsTechnicalRequirements Cost and Pricing Considerations Considerations Walking the tight rope

6 Capabilities Desired FULL DISK ENCRYPTION CENTRAL PRODUCT MANAGEMENT CENTRAL KEY MANAGEMENT PRE-BOOT AUTHENTICATION PRICEPRICE PROF. SERVICES SUPPORTSUPPORTTRAININGTRAINING LINUXLINUXMACMACW95W95W98W98WNTWNTWMEWMEW2KW2KWXPWXPVMVM REMOTE USER MGT. LOG MGT. SYSTEM MGT. FILE ENCRYPTION FOLDER ENCRYPTION USB / CD / DVD PHONE / PDA TOKEN SUPPORT SSOSSO PKI INTEGRATION DIGITAL SIGNATURE S/MIME ENCRYPTION CAPI COMPATIBLE IDENTITY MANAGEMENT

7 Ohio Digital Government Summit 20077 Capabilities “Proposed” FULL DISK ENCRYPTION CENTRAL PRODUCT MANAGEMENT CENTRAL KEY MANAGEMENT PRE-BOOT AUTHENTICATION PRICEPRICE PROF. SERVICES SUPPORTSUPPORTTRAININGTRAINING LINUXLINUXMACMAC W95W95W98W98WNTWNTWMEWMEW2KW2KWXPWXPVMVM REMOTE USER MGT. LOG MGT. SYSTEM MGT. FILE ENCRYPTION FOLDER ENCRYPTION USB / CD / DVD PHONE / PDA TOKEN SUPPORT SSOSSO PKI INTEGRATION DIGITAL SIGNATURE S/MIME ENCRYPTION CAPI COMPATIBLE IDENTITY MANAGEMENT

8 Ohio Digital Government Summit 20078 The Tight Rope  Technical Requirements Full disk encryption Password at boot Secure storage of keys Removable devices User transparency Multiple operating systems Network based solution Key backup/recovery Remote installation Central pass-phrase management Training  Cost and Pricing Considerations Firm-fixed-price initial buy Enterprise price agreement Mandatory price agreement Specified size of initial buy License mobility 4-year product support term Optional feature considerations Total bid price

9 Ohio Digital Government Summit 20079 The State’s Acquisition Process Trade-Offs  The Tradeoffs were made: IFB – 3 Months, Significant Risks RFP – 8 Months, Less Risk, Too Long  RFP Selected - We Had 5 Months  Adopted Accelerated Project Management Approach

10 Ohio Digital Government Summit 200710 LTE Project’s Approach - Acquisition  Write and Issue RFP  Respond to Bidder Questions  Evaluate Bidder Responses Step One – Technical Evaluation/Demo Step Two – Price Evaluation/Selection Step Three – Acceptance Testing  Negotiate Mandatory Price Agreement

11 Ohio Digital Government Summit 200711 LTE Project’s Approach – Leveraging A Solution  All Departments Funded by CISO ($450K)  6,700 Laptops in the Baseline  Executive Departments Must use the Mandatory Price Agreement for Future Product Purchases  Secretary of State, Attorney General, Higher Education, and Local Governments May Use Price Agreement  Coordination/Communications with Departmental CIO’s  Technical Evaluators from Executive Branch Departments  Acceptance Testing Involved Same Departments  Centralized Training Provided to All Agency Technical Personnel

12 Ohio Digital Government Summit 200712 Results  Pre-emptive Solution Accepted  Near On-Schedule Completion of Acquisition Component of the Project  Coordination/Communication with Departments – Beneficial  Technical Training of Agency IT Personnel Completed On-Schedule  Enterprise Solution Accepted  Implementation Rate - Acceptable

13 Ohio Digital Government Summit 200713 Current Status Estimated Completion: Feb 2008 Estimated Completion: Feb 2008 2007200720082008

14 Ohio Digital Government Summit 200714 What We Learned  Project Management Fundamentals Pay Off  Planning Project/Schedule Essential  Leveraging the State’s Buying Power Works!  Procurement Methods Vary in Terms of Time, Risk, and Effectiveness  Communications/Coordination with Agencies Vital  Funding Should Not an Issue  Making Trade-offs Up-Front Necessary  Acceptance Testing Involving Agency Technical Experts Leads to Buy-In  Training Up-Front Essential to Buy-In as Well  Following-Ups On Agency Implementation Necessary

15 Ohio Digital Government Summit 200715 Contact Information Bob Feingold bfeingold@centerdigitalgov.com 303-810-3215

Download ppt "Ohio Digital Government Summit 2007 1 Laptop Disk Encryption Colorado’s Approach Presented to: Ohio Digital Government Summit October 16, 2007."

Similar presentations

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.
Security for Mobile Devices

Security for Mobile Devices
COMPREHENSIVE APPROACH TO INFORMATION SECURITY IN ADVANCED COMPANIES.

COMPREHENSIVE APPROACH TO INFORMATION SECURITY IN ADVANCED COMPANIES.
PERSONALLY IDENTIFIABLE INFORMATION (PII) BRIEFING

PERSONALLY IDENTIFIABLE INFORMATION (PII) BRIEFING
How to commence the IT Modernization Process?

How to commence the IT Modernization Process?
E Bidding Log on Screen. Bid Details Search Criteria for Bid Details.

E Bidding Log on Screen. Bid Details Search Criteria for Bid Details.
Improving Connections for the Mobile Worker Theron Dodson Ascendent Systems August 9.

Improving Connections for the Mobile Worker Theron Dodson Ascendent Systems August 9.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Network Design and Implementation

Network Design and Implementation
© 2007 COPLAN AND COMPANY. All Rights Reserved. Permission granted for use by HIMSS membership. 1 Procurement Management Scott R. Coplan, PMP Educational.

© 2007 COPLAN AND COMPANY. All Rights Reserved. Permission granted for use by HIMSS membership. 1 Procurement Management Scott R. Coplan, PMP Educational.
Office of the Chief Information Officer EFCOG Annual Meeting Fred Catoe (IM-32) U.S. Department of Energy.

Office of the Chief Information Officer EFCOG Annual Meeting Fred Catoe (IM-32) U.S. Department of Energy.
Active Directory Production Pilot Project Department of Administration Enterprise Technology Services (ETS) ETS is a customer based team that provides.

Active Directory Production Pilot Project Department of Administration Enterprise Technology Services (ETS) ETS is a customer based team that provides.
 Windows 10 briefing Technical overview of the key new Windows 10 capabilities As a valued customer of Microsoft Services we’re excited to continue supporting.

 Windows 10 briefing Technical overview of the key new Windows 10 capabilities As a valued customer of Microsoft Services we’re excited to continue supporting.
Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.

Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.
Data Encryption Overview South Seas Corporation Jared Owensby.

Data Encryption Overview South Seas Corporation Jared Owensby.
1 Purchasing and Procurement Processes Module Four Revision Date: 2/06/2015.

1 Purchasing and Procurement Processes Module Four Revision Date: 2/06/2015.
8 Systems Analysis and Design in a Changing World, Fifth Edition.

8 Systems Analysis and Design in a Changing World, Fifth Edition.
7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.

7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.
PKI-Enabled Applications That work! Linda Pruss Office of Campus Information Security

PKI-Enabled Applications That work! Linda Pruss Office of Campus Information Security
Windows XP Professional Deployment and Support Microsoft IT Shares Its Experiences Published: May 2002 (Revised October 2004)

Windows XP Professional Deployment and Support Microsoft IT Shares Its Experiences Published: May 2002 (Revised October 2004)

Similar presentations

Ads by Google