ISD: IT Security (1850P)

Program Outcome Statement

Protect the County's network, data, and connected devices from malicious activities and ensure the County workforce follows IT best practices, standards, and policies.

Program Services

  • Centrally-managed anti-virus and anti-spam services for workstations and servers
  • Centrally-managed patch management environment for workstations and servers
  • Centrally-managed e-mail security and encryption services
  • Centrally-managed desktop and laptop encryption services
  • Identity Management (Single Sign On) services
  • Log Management services
  • Vulnerability Management services
  • Annual IT Security Awareness training and reporting
  • Periodic Security newsletters and e-mail
  • Expert Witness services
  • Incident Response services
  • Security investigations and reports
  • Information Technology Standards, Policies, and Guidelines
  • Cardkey services

Overview

ISD’s Security Program provides Countywide services and support in the areas of information technology and security. The primary function of this program is to protect County information resources. The program is responsible for identity and access management, remote access, investigations, information technology auditing, information technology security policies, information technology security training, and cardkey access.
At the start of FY 2017-18, the IT Security Program was created, and the following three measures were established to monitor its performance: Completion of Annual Information Technology Security Training Countywide, Median Number of Minutes to Respond to High Priority Incidents, and Usage of Multi-Factor Authentication Countywide. The expectation is that these three measures will increase security awareness among County users as well as assist in making County resources more secure.

Completion of Annual Information Technology Security Training Countywide

Median Number of Minutes to Respond to High Priority Incidents

Usage of Multi-Factor Authentication Countywide

FY 2017-18 Year-End Story Behind Performance

Completion of Annual Information Technology Security Training Countywide
This measure shows that 92% of the County’s workforce has completed annual IT security training. This exceeds the target of 90%.
Security awareness training is a top priority for all organizations due to the continued increase in security threats, phishing, and other types of attacks. The County uses its annual IT security training requirement to develop awareness of threats and educate personnel on the importance of IT security.
This measure is calculated monthly by comparing the number of County staff assigned security training to the number of staff who have completed it. ISD has been working with all County departments to encourage completion of this training through reminders and reports. Training was assigned Countywide and the target of 90% completion was met in January 2018.
Median Number of Minutes to Respond to High Priority Incidents
ISD Security Program staff responded to high priority incidents in an average of 12.5 minutes. This is well ahead of the target of responding within 60 minutes.
This measure demonstrates the program’s commitment to monitoring systems and responding appropriately to address urgent incidents. A rapid response time helps meet ISD’s broader goal of minimizing downtime for customers. In addition to responding to incidents quickly, the Security Program also reviews high priority incidents on a monthly basis. This provides insight on ways to better track performance and proactively plan responses to future high priority incidents.
Usage of Multi-Factor Authentication Countywide
Security Program data shows 63% of County employees utilize multi-factor authentication. This falls short of the target of 73%.
ISD’s Security Program rolled out multi-factor authentication (MFA) Countywide in 2017. The goal was to help secure County resources, applications, and data by requiring users to provide more than one type of credential when logging in to County systems from outside the County’s network. For example, instead of only providing a password, users ideally prove their identities by providing a password and performing a cell phone verification.
This performance measure tracks the percentage of users utilizing MFA technology on a regular basis. It compares the number of users who have registered at least one form of multi-factor authentication on their employee accounts against the number of users actively accessing secured County resources from outside the County's network. At a peak so far of 63%, this measure falls just below the annual target of 73%. ISD continues to work with County departments and end users to increase MFA compliance. The department actively encourages employees to use resources that trigger MFA activation and urges that new applications use the County’s Identity and Access Management system, which automatically includes MFA functionality.

Future Priorities

  • Active Directory: The Security Program plans to assess the Countywide requirements and initiatives related to the Active Directory service. It will then implement a simplified design that incorporates the County's future strategy for managing identity and access.
  • Remote Access: The program will implement a new remote access solution to enhance security and offer a simpler way for County employees, contractors, and vendors to access the County’s network.
  • Auditing and Compliance: The program will continue to enforce County IT security policies; those regarding network access, controls, and administration will be reviewed and enhanced.

Author: Stormy Maddux     Contact Email: SMaddux@smcgov.org     Date Updated: 08-27-2018