Project Updates
What is it? The first migrations from the eFORT Data Center scheduled for this month have been delayed due to an unexpected encounter with network file shares. Once a new date has been selected for the Governor’s Office and the Department of the Treasury, the project team will send out information to the affected agencies.
Why is this important to our customers? Moving out of eFORT and relocating all state resources to other state-operated sites will decrease the cost to operate enterprise services. This will help the state reduce tech debt, consolidate assets and expand Cloud infrastructure.
What do agencies need to do? Our project team will work with agency staff to evaluate server, application and hardware inventory at eFORT for migration to the Cloud or the Lakewood Data Center and decommission outdated equipment.
What is it? With just one more site left for router replacement, the Core Network Refresh team is excited to be nearing the finish line for this project. OIT began updating these core network routers and switches in June of 2022, targeting old ones that are no longer supported by the vendor.
Why is this important to our customers? OIT monitors and maintains the core network infrastructure at two data centers and the Capital Complex network (CCLAN) for 17 different agencies. The network refresh minimizes security risks associated with older and unsupported products that have reached end-of-life support, establishes a more reliable network and enables easier integration with newer technology.
What is it? The internet in our state buildings runs on aging technology and the Enterprise Wireless (Wi-Fi) program aims to replace Wi-Fi access points and controllers reaching the end of life to increase speed and stability.
Why is this important to our customers? OIT’s enterprise wireless solution was designed to allow customers instant access to agency resources while providing a separate network for business guests and mobile devices. Our customers and colleagues working in state-owned buildings will no longer need VPN when using Wi-Fi to access their agency’s network and resources.
What’s the plan? The project team will first replace end-of-life Wi-Fi access points (APs)* by the end of January and will install additional licenses to the Wi-Fi controller*. The project team will work with agencies to schedule a replacement for APs reaching the end of life at later dates. OIT’s wireless controller will be updated in February. The project team is working with IT Directors to communicate and get approval for the planned maintenance from impacted agencies.
*Access points create a wireless local area network (WLAN) in large buildings.
*Controllers are devices that manage the access points in a wireless network.
What is it? This project has gained momentum in the new year, with each impacted agency continuing the upgrade process, and creating detailed schedules and commitments to complete the work. At this time, most agencies plan to complete the tech debt remediation for Windows 2008 by the end of the 2023 calendar year.
Why is this important to our customers? The Windows 2008 Retirement program (WIN2008) aims to decommission, upgrade or modernize servers running the Windows Server 2008 Operating System (OS). Since Microsoft no longer supports Windows 2008 servers, outages may lead to business disruption and data loss. Critical security patches cannot be applied and now require special, yet inefficient, maintenance that is costly to the state.
When is this happening? We are approximately 30% complete. This includes servers in the decommissioning process, and those completely shut down.
What about Windows 2012 Servers? Although Windows 2008 is our priority, we know that Windows 2012 end of life is only nine months away and is no longer supported. This means that, like WIN2008, WIN2012 will soon be outdated and has been approved to be part of the R01 - Tech Debt Portfolio. More to come as we lay out the groundwork for this project.
We’re taking a new approach with our work to upgrade SQL Servers. Project work will start with upgrading or removing the SQL Server 2008/2012 databases. As we assess each system, we’ll determine the best way to reduce the SQL technical debt.
Here’s the plan:
- Map out the connections between the servers, applications and databases.
- Since all applications need to be upgraded, we will categorize based on work effort (low, medium or high).
- Review the list with IT Directors and agencies to gain approval to perform the upgrades for low-effort applications. Then develop a timeline with agencies to complete the approved upgrades.
- Perform those upgrades based on the agreed-upon timelines.
Why is this important to our customers? Microsoft SQL Server 2008 and 2012 are the databases that many of our applications access. Microsoft no longer supports SQL Server 2008 and does not provide server patching updates, which makes these servers vulnerable from a security perspective.
What do agencies need to do? We will be scheduling meetings with IT Directors to provide greater detail to agencies on the servers impacted, as well as how we will coordinate our activities and provide decisions/options to remove the technical debt.
The mainframe program and the projects are at various discovery stages, and vendors are being identified. Keep an eye out for more information and updates coming soon!
We’re excited to share that the IT Asset Management (ITAM) program is underway and has shown great progress! While the ITAM audit process will continue to ensure our valuable tech items (e.g., laptops, software, data) are accounted for, maintained, upgraded and disposed of when necessary, this Tech Debt Portfolio project has officially closed out (cue the fireworks!).
What the project accomplished:
- The statewide IT asset management process was initiated.
- 95.9% of the hardware assets across executive branch agencies were identified, a 1.8% increase over last month.
- Hardware refresh schedules were created to ensure that IT assets adhere to their lifecycle in order to avoid costs to fix them or with security issues.
Having IT asset management has set the standard for us to keep track of everything from laptops to state-owned applications, allowing OIT to help our agency partners avoid unnecessary spending and enable greater productivity. Having this single source of truth can prevent us from data breaches, lost assets, overprovisioning and wasted budgets.
What is it? Work to remediate security vulnerabilities within Salesforce applications is nearly 50% complete! The Salesforce team is currently working with the Governor’s Office, the Office of Economic Development and International Trade, the Colorado Department of Public Safety, and the Department of Personnel & Administration.
Why is this important to our customers? This project is estimated to save the state money by removing legacy technology that requires additional support. It will also update security and retire outdated interfaces and settings.
What do agencies need to do? The OIT team will coordinate with agencies on the timing for remediation work that must be performed in each affected Salesforce application. Once the window is determined, and high and medium vulnerabilities are remediated in a sandbox environment, the Salesforce applications will need to be tested by agency subject matters experts.
When is this happening? Right now! Currently, 48% of the impacted agencies have had their project kickoff calls with the team. Remediation has been completed for 28% of the affected agencies, and we have fully remediated 47% of the total known high and medium security vulnerabilities.
|