march 8, 2017 room 438 - itd · march 8, 2017 –room 438 - itd. agenda 2 1:00 update on ea...
TRANSCRIPT
ITCCMarch 8, 2017 – Room 438 - ITD
Agenda
2
1:00 Update on EA Activity Jeff Quast
1:20 Update on ITD Activity Gary Vetter
1:30 Update on Agency Activities Jeff Quast
1:40 Skype Server Update Kory Hellman
1:50 AD Sync to Azure Kory Hellman
2:00 Iterative Development WSI and ITD
2:40 Oracle Update Kory Hellman
2:50 Statewide IT Plan Follow Up Justin Data
2:55 Future Agenda Items
EA Activity
3
Surveys completed
• Waiver – DOCR – Zip Files• Likely to be withdrawn
• Best Practices - E-Services Privacy Policy – Rescind
• Standard – Record Migration – Updated
• Guidelines – Data Classification – Creation• Concerns about open records and definitions
• Will be revised and posted as a second survey
• Survey process was successful
• Standard – Email – Updated
• Standard – Electronic Data Backup – Changed to Best Practices• Some comments recommending continuation as a Standard
EA Activity
4
• Data Architecture• Data Visualization Tools
• The group had an initial but detailed discussion about data visualization tools, such as Power BI and Tableau. Fundamental requirements for data visualization include:
• A solid business case
• Agencies having thorough knowledge about their data
• Data completeness and accuracy
• Standards for sharing, including format and APIs
• The topic appeared to validate the increasing need for a Chief Data Officer in NDGOV
• Data Licensing• Bob Nutsch provided a summary about how the state addresses licensing of GIS data
and the topic will be discussed in detail at the April meeting
EA Activity
5
• Security Architecture• Access Control Standard
Content removed for security reasons
EA Activity
6
• Security Architecture• Annual Review of standards
• Encryption and Remote User Access standards - The group reviewed the standards and agreed that no changes were needed
• Windows Vista End of Support 4/11/17
• Measurement of Agency Workstation Management• Emphasis on Security – OS Patching, 3rd Party App Patching,
Baseline Config, Endpoint Protection
• Survey pending to agencies from ITD
EA Activity
7
Technology Architecture (February)• February 2018 is now the end of life for updates for Office 2013, so agencies should have
their users on Office 2016 before then
• Microsoft has reverted from the recent move to cumulative inclusive monthly patches
• Chad Gumeringer presented an overview of the ADFS service. Proposed changes to the Access Control standard would require the use of ADFS (via the SAML protocol) for all SaaS solutions
• ITD and Game and Fish have reviewed Microsoft LAPS and found it inadequate as a tool to manage administrative account credentials. Other solution will continue to be reviewed.
• Cloud print services such as Google print, Apple Air Print, and HP ePrint may be addressed with a new or existing EA standard
Application Architecture (February cancelled)
ITD Activity
8
• Brown Bag Lunch – Review• Cliff Heyne and Rusty Dahlin – “The Technology Behind the
Response”
• Email SLA• Now using a new Secure Content type
• New DKAN-based GIS Hub Data Portal is live• Could be foundational to a broader open data presence
• NASCIO State Recognition nominations due May 4
Skype Server Update
10
• Upgrade from Lync to Skype for Business
• Requires a client newer than OCS 2007 R2
• A free Skype for Business Basic client is available for download if agencies on old client versions are not budgeted for an upgrade
• Supports IM and Presence
• Supports Desktop Sharing
• Compatible with the Avaya ACA Plug-in for “Click-to-Call”
• Tentatively scheduled for last weekend in May (after session)• Agencies can migrate sooner
• Mobile Skype for Business client works well after migration
AD Sync to Azure
11
•Azure AD Connect integrates ND.GOV
with Azure AD
• Provides a common ID for
integration with on premise and
cloud (Office365, Azure and SaaS
applications) solutions.
•Replicates UserID’s only – No passwords
•Authentication remains on premise
WSI Claims and Policy System (CAPS) - Agile
Project ApproachMarch 8, 2017
ITCC Meeting
Business Need
Improve customer service (both internal and external), meet WSI’s anticipated demand for growth, and enable WSI to remain current with technology
• Improve upon existing functionality with no loss of current efficiencies
• Enhance customer and staff accessibility to applications
• Improve system navigation and ease of use for staff
• Improve ability to respond to customer and staff requests
Background
Feb. 2013 – Dec. 2014
• Completed lessons learned, business process review, market research, architecture review, new Charter and requirements review
• The ESC approved moving forward with an “Evolutionary Approach” for WSI’s core system replacement/upgrade
Jan. – June 2015
• Performed comprehensive project planning (Phase 1) for a database consolidation, a product roadmap (release plans), program plan, and procurements
CAPS Approach
The CAPS program replaces core WSI business applications (Work Manager, Claims, Policy systems) through an evolutionary approach
The user interface is incrementally re-faced into one system, CAPS
20 ‘Releases’ (Projects) over approximately seven years
Each Release is planned, baselined, managed, and closed as a ‘major IT project’ (each is approx. 6-10 months and $1-2M)
Each Release delivers functionality into Production
ServiceLogix provides the leadership and team for the application re-facing along with WSI staff. ITD, Intertech, and TEKsystems also support WSI with resources for project management, infrastructure, and database consolidation services.
How we Apply Agile Practices within ND PM Standards
Foundation: the Release Plans (Product Roadmap)
Foundation for scope
Roadmap for each phase• Shared Components Re-facing
• Policy System Re-facing
• Claims System Re-facing
Use Cases defined
Releases defined
Sprint Plans for each Release
Overview of a Typical Release (Project) - Planning
Release planning begins while the current release is underway, led by the primary PM
The Release Plan is the basis for scope
The team develops a sprint summary plan, baseline schedule, budget, and updates to the overall Program Plan
A new amendment and SOW is developed with ServiceLogix for the Release, as well as other procurement revisions
The ESC approves all planning documents for the Release; Iterative Start-up Report submitted to LITC
The team begins prototyping while the current release is underway
The Release is kicked off within a week of go-live of the previous Release
Overview of a Typical Release (Project) - Execution
Agile and Project Management Techniques during Execution
Each Release is comprised of two-week Sprints
Each Sprint has a kickoff with Sprint Planning• Effort hours are estimated for each task of the sprint
ServiceLogix PM leads daily 15-30 minute SCRUM meetings• Each team member reports what they accomplished yesterday and
what’s on their plate today; issues are discussed after SCRUM• A Burn-down chart is calculated daily, shows effort remaining against
time
The Planning Team (Primary PM, Agency/Vendor PM’s, Sponsor, other key WSI Managers)
• Meet weekly to review status of the current release and plan the upcoming release
Agile and Project Management Techniques at Go-Live and during
ClosingAt each Release Go-Live, the new functionality is migrated to Production and previous functionality is no longer available in the legacy system
CAPS connects seamlessly to the legacy system, so the user continues to use older functionality for the majority of their work and uses CAPS for areas that have been re-faced
Closing• Release Retrospective – lessons learned are gathered from the main
team (ServiceLogix PM), but Sprint Retrospectives are also performed throughout
• Project Closeout - Primary PM performs Post-Implementation Survey, Report, and Closeout Report
Best Practices
State PM standards/practices can work well with this Agile approach
Vendor has solid processes throughout, including quality code development and configuration management approach
Comprehensive QA and UAT Testing
Solid requirements built through prototyping and comprehensive use cases
Comprehensive tool for task, workflow, artifact, issue/CR/defect management - enCorps
Weekly Tech Touch-base meetings between WSI, ITD, and ServiceLogix team members have been valuable
• Plan for and manage infrastructure, security, and hardware upgrades• Strong architect presence on vendor team is important
WSI Communications Team and SharePoint Team Site – key communications to all agency staff
ITD - Iterative Development
24
ITD - Iterative Development Approach for DPI NDFoods Enhancements
Purpose: Allow large scope of work to be distributed into small manageable iterations. Emphasis on providing continuous functionality to the customers in a predictable manner.
• Iteration length approximately six weeks
• Iteration scope determined by priority and effort required
• SDLC phases may have transcended several iteration boundaries
• I.E. Analysis required two iterations, design one iteration and development and testing two iterations
• Every iteration included a UAT and production deployment
• ITD Resources included Business Analyst, Technical Analyst and Developer
• Agency Resources included various Subject Matter Experts (SME)
• ITD and Agency resources actively involved during each iteration
• Allowed flexibility with iteration scope due to changing priorities
• Fixed budget with high-level fixed scope (Grant)
• Allowed to add future scope to current project due based on the adaptive schedule
Database Upgrades & Migrations
Database migrations are usually done in 18-24 months cycles.
Typical Process: • Environment Buildout: Test & Production
• Migrate existing test databases to new test environment
• Agency Notification & Consultation• Grouping and scheduling of agencies
• App Certification• Is the application compatible with the new database release?
• Agency Acceptance Testing & Sign-off
Oracle 12c Environment
26
• End of life for Oracle 10g/11g has passed:• Old releases no longer supported and patched
• New Hardware: • Replacing a 3 node Real Application Cluster (RAC) with a 2 node
RAC
• Environment:• Highly Consolidated• 50 Oracle databases and over 160 applications
• Majority of applications are maintained by ITD Software Development• 3rd Party Vendor Supported Applications
• Preliminary Testing Completed. DHS Eligibility/SPACES Upgrade• Don’t anticipate any major problems with most apps.
Oracle 12c Migration
27
Agency Notice & Consultation:• Agency letters will be going out to ITCC coordinators in Q2 2017. • Agency migration schedule to be published:
ITD Software Development Maintained Apps:• Agencies will need to submit a Software Development Service Request for each
application(s)
3rd Party Vendor Supported Apps:• Agencies will need to submit a Database Change Service Request for each vendor
supported application • Agencies are responsible for contacting their vendors to determine an upgrade plan
for each application• ITD DBAs are available to participate in any agency/vendor conversations.
• Point of contact: Callie Wachendorf, PM. [email protected]
performed preliminary testing and based on this testing ITD does not expect any major problems. ITD has successfully completed the upgrade of DHS Eligibility SPACES databases.
Oracle 12c Migration - Testing
• The Zero Trust architecture approach, currently being implemented by ITD is intended to promotes a "never trust, always verify" as its guiding principle.
• By establishing Zero Trust boundaries that effectively compartmentalize different segments of the network, agencies can protect critical intellectual property from unauthorized applications or users, reduce the exposure of vulnerable systems, and prevent the lateral movement of malware throughout the network.
• Adoption of the Zero Trust architecture impacts the Oracle 12 Upgrade by requiring more extensive agency testing. Because development, test and production regions must be in separate VLANs agency testing efforts must be closely coordinated with ITD.
• Managed and controlled access to the application from outside the data center requires testing. This means that clients who are not authorized to access an application / service will not be able to see it. Agency testing plans need to account for external test scenarios and allow additional time in the testing schedule
Statewide IT Plan Follow UP
29
• 2017-19 Statewide IT Plan Supplemental Information
Future Agenda Items
30