IPMA News : August 2004

Edited By Mary Ellen Bradley and Dennis Jones

IPMA logo

Contents

L&I's Patch Management for Desktops Project

News from the Past

Summary of July 8, 2004 IPMA Board Meeting

 

"Sponsor's Corner"

(Editor's Note: No contributions were provided for theSponsor's Corner this month.)


L&I's Patch Management for Desktops Project

-- by Marjorie Dausener, Department of Labor and Industries

Photo of L&I Patch Management Team (left to right): Evelyn Hinken, James Dolliver, Marjorie Dausener, Dave Roberts, Andy Galloway, Mike Buss, Donna Edwards, Scott Rehm, Russ Kalista.  Not pictured are:  Tim Suttle, Charlene Williams, Cass Lehinger, Jim Ryan, Gary Epp.The Department of Labor and Industries recently adopted a new Patch Management process in response to the large numbers of patches released by Microsoft to fix vulnerabilities in the XP operating system. While XP is a very stable desktop operating system with great functionality, it has become a target for hackers. These hackers seek to exploit any operating system vulnerabilities by creating viruses and worms. Microsoft writes patches that fix the code the virus is trying to exploit.

The problem for any business is how do we learn about, assess, test, verify, and deploy all the patches that are released? And how can we do this rapidly when the threat is high?

To answer these questions, a Patch Management project team (see photo) was formed. The process below was developed.

  1. Patch rollouts occur on a monthly cycle and are set up to coincide with Microsoft's release of its patches.

  2. A Risk Analysis model was developed by IT Security for assessing security patches. The patches are rated 1 through 5, with 5 being the most critical.

  3. A Technical Review Team was created. This team includes network technicians, application developers and desktop support staff. They evaluate the patches against the applications they support. Typically, they test the patches as well.

  4. Once the patch has gone through the Technical Review Team, assuming there are no errors found, it is rolled to groups of business area customers that receive the patch before the rest of the agency. These testing groups are called "IceBreakers" as they are "plowing the way" for the rest of the agency. The formation of these groups was the last piece to put in place to complete the project.

The project team piloted the new process this past spring, and based on its success, the new process was officially adopted.

Return to Top


News from the Past

5 Years Ago -- August 1999 IPMA Newsletter

10 Years Ago -- August 1994 IPMA Newsletter was not published

15 Years Ago -- August 1989 IPMA Newsletter was not published

20 Years Ago -- August 1984 Association of Data Processing Managers Newsletter

25 Years Ago -- August 1979 Association of Data Processing Managers Newsletter

30 Years Ago -- August 1974 Association of Data Processing Managers Newsletter

Return to Top


Summary of July 8, 2004 IPMA Board Meeting

Members Present: Jim Albert, Thomas Bynum, Phil Grigg, Sheryl Hall, Dennis Jones, Dennis Laine, and Shelagh Taylor. Phil Coates, CFO, and Jim Andersen, Forum Events Manager, were also present.

Thomas Bynum, IPMA Vice-Chair, opened the July 2004 meeting of the IPMA Board of Directors at 7:30 a.m.

Secretary/Treasurer: The minutes from the June 2004 Board meeting were approved.

The Board approved the June 2004 financial status and activities reports.

COMMITTEE REPORTS

Forum 2004: Jim Andersen presented the final 2004 Forum status report.

  1. Vendors: All 47 vendors have paid for their 2004 booths
  2. Corporate Sponsors:
  3. Forum Attendance: We had 650 attendees register on Tuesday and 237 register on Wednesday for a total of 887. After clean up of the data, we ended up with 774 registered attendees, 166 were new in that they hadn't registered at a forum for the past four years. The number of state employees was 665 or 85% of the total. The following is a breakdown of attendees by classification:
  4. Forum post-event review: Listed are some suggested changes for Forum 2005:
  5. Tax Facts flyer from Department of Revenue: The June 2004 Tax Facts notice state the following: "Special event promoters and vendor verification - SB 6663 (Chapter 253, Laws of 2004) requires that special events promoters make a "good faith effort" to verify that vendors at their events are registered to do business with the Department of Revenue. It also requires that such promoters make a good faith effort to keep and preserve specific vendor information records for a period of one year from the date of the event. "Effective June 10, 2004." The board directed Phil Coates to work with Jim Andersen to ensure that we are in compliance for the 2005 Forum.

Communications: No Report

Professional Development: Sheryl Hall presented the following committee report:

  1. June 23, 2004, IPMA Seminar Update: "VoIP - Voice Applications on the Network" with Right! Systems and Seitel Leeds and Associates
  2. August 12, 2004, Seminar, "Tools for Managers Faced with Change Management Issues," is on track.
  3. Allen Schmidt and Sheryl met this month to start planning the October seminar. They will meet again in August to match topics with the 2005 dates reserved with Saint Martin's for facilities.
  4. Sheryl also noted that there had been requests from speakers at various seminars about getting the copies of the attendee lists. The board decided that consistent with Forum policy, names and mailing addresses could be provided. However, telephone numbers and/or e-mail addresses will not be provided until an "opt out" mechanism is developed. This will be a discussion item at the 2005 board planning retreat.

Executive Seminar 2004: Phil Grigg reported that they are on schedule for this year's Executive Seminar. Thus far there are 30 people registered to attend. The target is 70. Phil encouraged the board to expedite the registrations for their respective agencies. He also noted that the registration isn't official till the payment is received.

Business Planning: No Report

Management Development Program: Dennis Jones distributed and discussed several high quality handouts that detailed the results of the June 22, 2004 Mid-Manager Focus Group Session.

Purpose: The purpose of this focus group session was to seek input from a group of IT mid-managers on the development opportunities they need in order to progress into senior IP leadership positions in the state, and how they would like those development opportunities packaged and delivered.

In Attendance: Nine mid-managers, two CIO's and two facilitators.

Results: The managers reviewed the "Business Management Competency Framework" provided by the facilitators and indicated through a show of hands their interest in having a particular competency area included within the scope of the proposed manager development program. High scores indicated high interest. Low scores and interest did not necessarily indicate that the subject was not important, but rather that it was not needed as part of this proposed program because it could be easily attained elsewhere, was not something that could be "taught," or should already be a competency of people engaged in the proposed program. Fifty-seven topic areas were weighted and ranked. The top ten of those are as follows:

  1. Organizational transformation (managing cultural change) 92.16%
  2. Partnering 90.2%
  3. Negotiating/influencing 90.2%
  4. Portfolio Management 90.2%
  5. Networking 88.24%
  6. Decisiveness 88.24%
  7. Performance measurement and improvement 88.24%
  8. External awareness 86.27%
  9. Labor Relations 86.27%
  10. Delivering competitive services 86.27%

Other Comments:

Delivery method

Who should attend

Costs

Other Content

OTHER BUSINESS: None

The next board meeting will be held August 12, 2004, at the Shipwreck Café. The meeting was adjourned at 8:34 a.m.

Return to Top


IPMA, P.O. Box 1943, Olympia, WA 98507-1943