Blog

Outlook 2010 Photo Feature

Outlook 2010 gives users the ability to associate images with user contacts, so that each time an email is received from another co-worker or client, their image will appear at the bottom of the email or in the corner of the email on an iOS device.  Our internal BIT email administrators are able to associate each state employee’s photo with their information in the Global Address List.

Beginning in June 2012, BIT implemented the Outlook 2010 Photo Feature for all BIT employees to use as a reference and customer service tool for the organization. To test this feature, Data Center managers along with the integration team helped to upload staff pictures into Active Directory and made them visible through the state email system.  
BIT is a servicing organization and staff images help to transform our organization from a faceless company to people that our customers can relate to. The personal connection and technology services BIT has to offer our clients is an advantage we have over outsourcing similar services to a private vendor. Photos of our staff will help to reinforce this. 
This is an easy way for new hires to figure out “who is who” within the organization, rather than using the ever-so-informal organization chart, without putting their image in an online directory for the entire world to access. It also works well for meetings with other co-workers and clients, helping to associate a name with a face.
A tremendous amount of positive feedback has been received regarding this feature, both internally within BIT and with other state agencies. It helps assimilate new staff into the agency community faster than before. It provides staff with a welcomed feeling and promotes face to face communication among employees. 
If you are a state agency and are interested in pursuing this feature further, please connect with your Point of Contact.


I/T Definition: Malware

I/T language can be confusing. BIT can help!

Malware – Malware is short for Malicious Software.  Malware is any type of software that is designed to damage data or systems, to steal data, or to take control of the computer.

Social Networking Sites: Security and Privacy Issues

Recent hacks involving several high-profile social networking accounts once again highlight the potential vulnerability of social media. The sheer volume of users and the information that gets posted on social media sites create plenty of opportunity for an attacker to use social engineering or other methods to gain access to the accounts of individuals and organizations. The more information you post, the more your security and privacy are at risk.

Precautions to Take
Below are some helpful tips regarding security and privacy while using social networking sites:
  • Ensure that any computer you use to connect to a social media site has proper security measures in place. Use and maintain anti-virus software, anti-spyware software, and a firewall.

  • Be cautious when clicking on links. If a link seems suspicious, or too good to be true, do not click on it…even if the link is on your most trusted friend’s page. Your friend’s account may have been hijacked or infected and is now spreading malware.

  • If you are going to request that your account be deleted, first remove all of the data. Request that the account be deleted, rather than deactivated.

  • Type the address of your social networking site directly into your browser or use your personal bookmarks. If you click a link to your site through email or another website, you might be entering your account name and password into a fake site where your personal information could be stolen.
  • Be cautious about installing applications. Some social networking sites provide the ability to add or install third party applications, such as games. Keep in mind there is sometimes little or no quality control or review of these applications and they may have full access to your account and the data you share. Malicious applications can use this access to interact with your friends on your behalf and to steal and misuse personal data. Only install applications that come from trusted, well-known sites. If you are no longer using the app, remove it. Also, please note that installing some applications may modify your security and privacy settings.

  • Use strong and unique passwords. Using the same password on all accounts increases the vulnerability of these accounts if one becomes compromised. Use different passwords for different accounts, and do not use a password you use to access your organizations network on any personal sites you access.
  • Be careful whom you add as a “friend,” or what groups or pages you join. The more “friends” you have or groups/pages you join, the more people who have access to your information.

  • Do not assume privacy on a social networking site. For both business and personal use, confidential information should not be shared. You should only post information you are comfortable disclosing to a complete stranger.

  • Use discretion before posting information or comments. Once information is posted online, it can potentially be viewed by anyone and may not be able to be retracted afterwards. Keep in mind that content or communications on government-related social networking pages may be considered public records.
  • When posting pictures, delete the meta data, which includes the date and time of the picture.

  • Do not announce that you are on vacation or away for an extended period of time.

  • Configure privacy settings to allow only those people you trust to have access to the information you post, and your profile. Also, restrict the ability for others to post information to your page. The default settings for some sites may allow anyone to see your information or post information to your page.

  • Review a site’s privacy policy. Some sites may share information, such as email addresses or user preferences, with other parties. If a site’s privacy policy is vague or does not properly protect your information, do not use the site.

Stay tuned to our blog for more on cyber security tips throughout the year. For additional information, please visit cybersecurity.sd.gov.

I/T Definition: Phishing

I/T language can be confusing. BIT can help!

Phishing – Malicious emails disguised as work-related email, business/financial email, or other types of emails designed to entice the user to enter in personal information, network, or banking account information.  This information will be secretly sent to the attacker who will use it to steal the user’s identity and their money or to access the state network using the user’s network log-in information to steal data.

Mobile Development

Mobile devices have transformed the way we live and do business. Tablets outsell laptops and over half of American adults own smartphones. People are able to browse the Internet from anywhere, at any time, on a variety of different devices. That means customers and other users are able to access your agency’s information more conveniently than ever before. However, this also means that your agency website needs to be “mobile ready” to make the user experience the best it can be.

Not only do you want a website that looks and navigates well on a desktop, but you also want the same goal for most mobile devices. Websites not mobile ready may not display correctly on a tablet or smartphone; which makes it harder for users to navigate your site using their mobile devices due to the smaller screen size. BIT can give you a quality website that looks good across different devices and screen sizes; which in the end will allow users to easily browse your website, no matter what device they are using.

A mobile ready site should be developed in addition to your desktop version. BIT has a team of web designers and developers with the skills and experience to create one for your agency. Even if you are not looking for a new site design at the time, this team can still make your current site friendlier for the mobile world.

To learn more about mobile development, check out these other blog articles:

I/T Definition: Web Server Attacks

I/T language can be confusing. BIT can help!

Web Server attacks – Attacks against the servers that connect the state network to the Internet as well as servers that host (store and run) websites.  These attacks can be to access data that is not meant to be accessible through the websites.  They can also be meant to prevent users from accessing the websites or the servers.

Malicious Office Documents

Most state employees work with Office documents every day.  One class of Office capabilities that most state employees rarely use is macros.  What is a macro? A macro is an automated way to perform calculations, tasks, or even something as simple as recording a chain of keystrokes. Macros provide the means for taking long repetitive tasks and automating them with a simple click. Unfortunately there are ways that macros can be used maliciously.

Things to watch out for are:

  • Blank documents;
  • Documents that contain random characters or symbols; and
  • Documents from an untrusted source that prompt you to enable content/macros.

The following is a malicious Excel document with the suspicious objects marked in red (CLICK to enlarge image):

The following is a malicious Word document with the suspicious objects marked in red (CLICK to enlarge image):
Simply running a malicious macro will set off a chain reaction that will have your computer download malicious files behind the scenes, hiding everything as it infects your computer. Once the computer is infected, the sky is the limit for what malicious activities could be performed. Sometimes the infections will perform a variety of malicious tasks that could slow down your machine to a crawl affecting work performance. Other times the infection could be controlled by a human to retrieve sensitive files while watching your every move.
To prevent these activities, do not click on “Enable Content” when Macros are involved in the Security Warning (CLICK to enlarge image):
If you are unsure about the email please forward the message to both: Report Spam email and Nicholas Penning
Summary:
  • Don’t open documents from unknown users.
  • Watch out for suspicious file names.
  • Do not click on “Enable Content” unless you are certain the document is from a trusted sender and are confident of the document’s contents.
*A special thanks goes out to Nic Penning for providing the BIT Blog with this informational article!

BIT Staff Assist at SkillsUSA

SkillsUSA is an industry sponsored organization to promote technical skills for high school and postsecondary/college students that will help them be successful in their chosen careers.  There are a multitude of competitions across diverse disciplines of study.  For a complete list of the competitions please visit: http://skillsusa.org/competitions/skillsusa-championships/contest-descriptions/.  This year’s SkillsUSA state competition was held in Watertown, SD at Lake Area Technical Institute (LATI).  BIT staff assisted as two of three judges for the Internetworking competition.

There were a total of six students competing in the Internetworking competition, two first year students and four second year students, all from LATI.  The competition challenged students in four distinct disciplines necessary for success in an Internetworking career: network cabling, configuring network devices for end-to-end connectivity, taking a call as a remote technical support agent (referred to as the TAC call), and an online multiple choice exam.

Wayne Wayt of the BIT Network Technologies team judged the network cabling portion.  Students were tasked with constructing three common types of network cabling used in industry in 30 minutes, and all cables needed to pass both visual and technical inspections.  Two of the six students managed to complete all three cables, but only one did so successfully.

Andy Ogan, also of Network Technologies, returned to judge his fifth SkillsUSA competition, participating in the TAC call as the frustrated end-user seeking assistance.  In ten minutes, students needed to listen to the user describe the issue within the network, look at the network documentation provided, and guide the user through a series of diagnostic tests and troubleshooting steps to resolve the issue.  Students were judged on not only their ability to solve the technical components of the challenge, but their customer service skills, speaking and listening skills, poise, and handling of the call.  Most students scored well in the customer service portion of the task, but only one student successfully solved the issue in the allotted time.

At the end of the competition, medalists were announced.  The final scores gave the Gold to Dylan Hanten, Silver to Eric Wise, and Bronze to Devin Bagaus.  Dylan will be traveling to Louisville, Kentucky to compete at the national level of SkillsUSA, and we wish him the best of luck.

Apple Watch

There have been a lot of headlines and discussions centering around Apple’s upcoming watch.  Of course Apple isn’t the first company to enter the emerging smartwatch market.  Samsung, Motorola and Asus have released smartwatches in the past year while Apple’s version, called the Apple Watch, went on sale April 15th.

Besides the standards you would expect from any smartwatch—a choice of watch faces, keeping time within 50 milliseconds—Apple promises other features to make their watch useful.  For example when communicating with friends or family, you’ll be able to send direct messages, send taps which they’ll feel, drawings you make, or even send your heartbeat.  In fact, like other recent smart fitness-tracking devices, Apple tells us that their watch will be able to track your daily routines and suggest life-style changes based on what it learns over time.

Of course beyond fun and fitness, Apple is planning multiple decorative and personalization options to suit each owner’s style.  Business partners will assuredly line up to make custom accessories as well. Other features that are expected include: Bluetooth technology, retina (or high definition) display, wi-fi connectivity, motion detection via a gyroscope, and a microphone to make or receive calls.  Additionally, the display will feature what Apple is calling a ‘Force Touch’ screen which is currently not available elsewhere in the smart device market—something new and interesting the market is eager to test out.  Lastly, the watch will be water resistant, assuring that no one sees their new investment ruined by the next rainstorm.

In staying with their historical use of third party vendors to develop custom applications to take their devices beyond their base functions and options, no doubt the new Apple Watch will see its most impactful and exciting uses emerge as the development community figures out what its mix of sensors and functions can do to make our lives easier and more fun.  It’s likely that only after these third-party applications are created, purchased, and fully vetted by an intrigued public will we truly know if the iWatch is something which will live past its initial release.

According to some, wearable technology is just a passing fad; they point to how “Google Glass—computerized eye wear” came and went as proof that wearable tech’s time has not yet come.  However, in the near term it appears there’s more than enough interest in the Apple Watch’s features for a lot of people to make the initial investment.  We are watching to see if, as the iPod broke the mold for music players and captured the hearts—and ears—of millions, and the iPad broke open the tablet market to usher in a new era in portability and functionality, whether Apple’s new gem will prove that the smartwatch’s time has finally come.  If so, perhaps another Apple product will be the one to set the bar for an industry—Apple has done it before and millions are watching to see if they can do it again.  So, here’s to you, Dick Tracey, consumer reality may be finally catching up to the amazing abilities of your comic book wrist watch.

*A special thanks goes out to Tony Rae for providing the BIT blog with this article!*

Employees of the Quarter Announced at BIT

In honor of these individuals’ outstanding performance and dedication to the Bureau of Information and Telecommunications, state government and the citizens of South Dakota, we gladly recognize them for their high standards of excellence in their duties.

Kristina, Ki, Carrie and Nic, we thank you for all you do to improve state technology services – you all make a difference!

Ki Weingart, Data Center (top left); Nick Penning, Telecommunications (top right);
Carrie Tschetter, Administration (bottom left); Kristina Cottingham, Development (bottom right)

Kristina Cottingham – Development 

Kristina is a Software Engineer II for the Bureau of Information and Telecommunications Development Team 2.  She has 16 months of service with the State of South Dakota in this field.  Kristina graduated from Dakota State University with a Bachelor of Science in Computer Science.

She has been completing her Master’s Degree online and will be graduating with it this May.  Kristina has been assigned the project lead on several technology upgrade projects.  She successfully completed the AG40 Campfire Database system for the Department of Agriculture WildLand Fire Division and received praise from the clients on her work.  Kristina has also been working on the PS16 Video Request system for the Department of Public Safety that will streamline the processing of Highway Patrol videos.

In addition, Kristina is working on multiple systems within the Department of Environment and Natural Resources FoxPro conversion project.  She has excellent organizational skills and always likes to have a full plate of tasks to stay busy.  Kristina possesses excellent communication and people skills to go along with her outstanding technical skills.  She collaborates and interacts well with co-workers in team environments to insure the success of projects. She also has the unique ability of understanding and meeting client needs when interacting with them while efficiently meeting the objectives and goals of BIT.

Ki Weingart – Data Center

Ki is a technology engineer for BIT and has worked for the State of South Dakota helping to satisfy our clients’ needs for 36 years!  He came to Pierre in 1978 to work for a private firm. Eventually Ki started working with Alan Peterson and Jim Dickson as the first DBA’s for BIT back when it was called: Central Data Processing.

Ki has worked on a lot of projects during his career. He’s supported every mainframe disaster recovery drill, countless client application walkthroughs and implementations, trouble-shooting events, and countless late night calls from Operators calling him to fix Abends after hours. His current duties include ADABAS, Natural, Trim, Auditre, and backup support for WebMethods, EntireX and Natural Engineer.

Over his years with the state Ki has been a positive, helpful team player always willing to assist anyone with a need he can support.

Carrie Tschetter – Administration 

Carrie has been recognized for her high standards of excellence in project management and customer advocacy.

Carrie is a member of the Project Management Office.  She is the Point of Contact for four state government agencies:  Department of Revenue, Department of Military, Department of Veterans Affairs, and Public Utilities Commission.  Carrie is able to provide her top notch customer service to state agencies due to her previous experience as a client of BIT.  She came to BIT about a year ago from the Department of Revenue (DOR) bringing with her twenty years of service to the State of South Dakota.

Since joining BIT, Carrie has actively participated in several activities to learn about the services BIT provides our client agencies.  As a Point of Contact, Carrie has taken an active role in project meetings for her assigned state agencies.  The DVA is in the process of building a new VA home in Hot Springs.  To address DVA I/T concerns, Carrie participated in two trips to visit the new VA Home with BIT LAN Services and Network Technology staff.  Through working on the VA home project, she found that the State Engineers’ Office was not including the recommended I/T clauses in their contracts. She has also assumed a more active project leader role for several DOR projects.  During a recent cyber security tabletop exercise with DOR, Carrie was instrumental with assisting in the planning and successful execution of the joint project.

Carrie can translate the technology jargon for agency clients.  She also has become an asset to the PMO team by contributing her past experience and her current research on specific topics.  She has added a dimension to BIT workgroup discussions by providing her input based upon an agency client’s viewpoint.  When the PMO team needed assistance to manage a few projects, Carrie volunteered to manage the BIT SDPB Audio Webcasting project, serve as the PMO representative on the Classic .asp rewrite work group, and participate in an incident notification review.

Nic Penning – Telecommunications

Nic is a Technology Engineer and a valued member of BIT’s security team. He spends a majority of his time analyzing information security threats which aids in hardening the defense of the State of South Dakota’s network infrastructure.

“What I find most interesting about information security is malware and everything in its related nature. I find it fun reversing binaries and trying to figure what the malicious applications do.”

Nic is originally from Hulett, Wyoming just 10 miles from the Devils Tower National monument. He grew up building and fixing computers starting at the age of 10 for his father’s company, Double Star Computing. After high school he attended Gillette College in Wyoming and received his associates in Computer Information Systems, while competing on the collegiate cross country and track team. Nic continued his education at Dakota State University with the opportunity to not only obtain a fun Computer and Network Security Degree, but also competed in the full marathon at the national collegiate level. His second year at Dakota State yielded many accomplishments such as the Cyber Corp Scholarship for Service opportunity and a summer internship working for BIT.

“After my first ever day in Pierre, I knew right away that this was a great place to live. The first thing I did once I arrived was went for a 10 mile run by the river, and I knew that if the people here were as nice as the run I had, then this was going to be a great summer, in which it ultimately was.”

Nic completed his education at Dakota State University graduating with a Master’s Degree in Information Assurance with a Specialization in Cyber Security.

Some of Nic’s recent accomplishments include statewide Nessus vulnerability scanning; this is part of a larger project to map out the security vulnerabilities statewide and put together a more comprehensive plan to reduce the attack surface. He also worked on the IDS upgrade, including hardware and system software upgrade. This allows the state to support 10Gbps throughput at the IDS level. It brings additional capabilities like the ability to check files for malware on the wire. Finally, Nic has had a part in the installation of a security sandbox to reverse malicious code, engineering a solution to shut down automatically executing office files, and volunteering to present to the point of contacts regarding security.

Again, congratulations and thank you all for your efforts and for all the years of dedication of service to the State—BIT looks forward to many more!

BIT’s Strategic Plan Overview

The Bureau of Information and Telecommunications (BIT) strives to partner and collaborate with clients in support of their missions through innovative information technology consulting, systems and solutions.  BIT is made up of the following divisions: Administration, Data Center, Development, Telecommunications and South Dakota Public Broadcasting (SDPB). Each division is committed to providing quality customer services to ensure the state’s I/T organization is responsive, reliable and well-aligned to support the business needs of the State of South Dakota.

BIT is working toward three common goals focused on intended outcomes/results. BIT’s Strategic Plan shapes and guides what BIT is, who we serve, what we do and why we do it, with a focus on the future.  Visit http://bit.sd.gov/about/BIT-Strategic-Plan for a complete look at BIT’s strategic plan including the goals, strategies, tactics and projects that make it up.

The following are BIT’s Strategic Plan goals:

  1. Provide a Reliable, Secure and Modern Infrastructure.Provide a well-designed and architected, secure computing and communications environment to ensure optimal service delivery to our business partners. Architecture and process will be optimized to support agile and reliable computing and communication services.

    Technology assets must be high-performing and dependable to ensure services are available whenever needed. Centralization, standardization, and collaboration are vital to efficiently leverage investments. To maintain public trust, we must secure data and technology assets through leading security tools, policies, and practices.

  2. Deliver Valuable Services at Economical Costs.Develop innovative and cost-effective solutions through collaboration, cooperation, and in partnership with our clients. The solution sets include developing customized business solutions, efficient project management services and productive relationships with clients.

    “People should be online, not waiting in line.”

  3. Build and Retain a Highly Skilled Workforce. Improve the effectiveness, productivity and satisfaction of employees in order to attract (and retain) a highly qualified workforce to foster individual innovation and professional growth. Appropriate training and tools will be provided to enhance and improve career skills in the workforce.

BIT’s Strategic Plan Overview

The Bureau of Information and Telecommunications (BIT) strives to partner and collaborate with clients in support of their missions through innovative information technology consulting, systems and solutions.  BIT is made up of the following divisions: Administration, Data Center, Development, Telecommunications and South Dakota Public Broadcasting (SDPB). Each division is committed to providing quality customer services to ensure the state’s I/T organization is responsive, reliable and well-aligned to support the business needs of the State of South Dakota.

BIT is working toward three common goals focused on intended outcomes/results. BIT’s Strategic Plan shapes and guides what BIT is, who we serve, what we do and why we do it, with a focus on the future.  Visit http://bit.sd.gov/about/BIT-Strategic-Plan for a complete look at BIT’s strategic plan including the goals, strategies, tactics and projects that make it up.

The following are BIT’s Strategic Plan goals:

  1. Provide a Reliable, Secure and Modern Infrastructure.Provide a well-designed and architected, secure computing and communications environment to ensure optimal service delivery to our business partners. Architecture and process will be optimized to support agile and reliable computing and communication services.

    Technology assets must be high-performing and dependable to ensure services are available whenever needed. Centralization, standardization, and collaboration are vital to efficiently leverage investments. To maintain public trust, we must secure data and technology assets through leading security tools, policies, and practices.

  2. Deliver Valuable Services at Economical Costs.Develop innovative and cost-effective solutions through collaboration, cooperation, and in partnership with our clients. The solution sets include developing customized business solutions, efficient project management services and productive relationships with clients.

    “People should be online, not waiting in line.”

  3. Build and Retain a Highly Skilled Workforce. Improve the effectiveness, productivity and satisfaction of employees in order to attract (and retain) a highly qualified workforce to foster individual innovation and professional growth. Appropriate training and tools will be provided to enhance and improve career skills in the workforce.

I/T Definition: Geo-Blocking

I/T language can be confusing. BIT can help!

Geo-Blocking – Using software to prevent access to content from specific countries/regions based on IP addressing. Agencies determine the geographical scope of their web site accessibility.

New Aquatic Invasive Species Website Launches

The South Dakota Department of Game, Fish and Parks (GFP) launched a new website this month! The intention of the new website is to help inform anglers and boaters about the new statewide, invasive aquatic species rules.

GFP partnered with BIT to design and implement the new SD Least Wanted website. BIT worked with communications staff of GFP to create the site using responsive web design so it will allow users to easily use it on any smartphone or tablet device.  SD Least Wanted allows users to access information on: new laws and regulations; species information, including locations; boat washing techniques; maps; how to report an invasive species; news; a media gallery; easy access to social networking platforms; and other frequently asked questions.

You can check out the new site at http://sdleastwanted.com/.

* BIT strives to help agencies meet the growing needs of all their digital customers. If your agency would like more information on website construction, redesign, mobile-ready and responsive website services and applications BIT provides, please contact your BIT Point of Contact. 

The below press release was released by GFP to inform the public of the new website they launched along with a new hashtag campaign #sdleastwanted.

New Aquatic Invasive Species Website Launches

PIERRE, S.D. –With spring well underway, so is this year’s fishing season. The South Dakota Game, Fish and Parks (GFP) launched a new website today to help inform anglers and boaters about the new statewide aquatic invasive species rules; expected to take effect the middle of May.

“In an effort to slow the spread of aquatic invasive species in South Dakota, anglers and boaters, residents and nonresidents, will soon be required to change their old ways of transporting bait and fish and comply with newly established regulations,” stated Kelly Hepler, GFP Secretary. “With that, we have launched a new website that serves as the hub of all information related to aquatic invasive species in our state.”

The website, http://sdleastwanted.com/, features information on the new laws and regulations; species information related to zebra and quagga mussels, Asian carp and invasive plants; boat washing techniques and locations; a map depicting water bodies and any invasive species it may contain; frequently asked questions related to the new laws; how to report an invasive species; a news section; and a media gallery with images and videos. The website is also designed to be responsive; meaning that it will render on any smartphone or tablet device in an effort to meet the growing needs of digital customers.

In addition to this website, a new hashtag campaign called #sdleastwanted has also been implemented allowing anglers and boaters, along with their friends and family, an opportunity to share what they are doing to help slow the spread of aquatic invasive species in South Dakota. Digital users can share their images using #sdleastwanted via Facebook, Twitter and Instagram.
New laws will require boaters and anglers to:

1. Clean all vegetation and aquatic invasive species from a boat, trailer or other watercraft.

2. Open or remove all drain plugs or similar devices; except when in the boat ramp parking lot or when the boat is being launched or loaded. A boat may have these devices closed or in place while in route to a fish cleaning station immediately adjacent to where the boat was loaded, but they must be opened or removed before leaving the fish cleaning station.

3. Not transport bait or fish in water taken from a lake, river or stream. Bait may be transported in water taken from a lake, river or stream only while in route to a fish cleaning station located immediately adjacent to the lake, river or stream, but must be drained prior to leaving the fish cleaning station.

“Fishing, boating and other outdoor recreational activities are deeply engrained in the culture of this state. If each of us takes responsibility to do what we can to protect our resources today, these outdoor activities will continue to be enjoyed by future generations for years to come. Many thanks to South Dakota’s anglers and boaters for their patience and cooperation with the implementation of these new regulations,” concluded Hepler.

The South Dakota Game, Fish and Parks will continue to keep anglers, boaters and other outdoor enthusiasts informed as to the exact date of when the new laws take effect.

For more information on aquatic invasive species and how to help slow their spread in South Dakota water bodies, please visit http://sdleastwanted.com/.

-GFP-