Capitol Fax.com - Your Illinois News Radar


Latest Post | Last 10 Posts | Archives


Previous Post: *** UPDATED x1 *** School assignments during closure won’t count toward grades
Next Post: Alivio Medical Center Supports The Illinois Kidney Care Alliance

DoIT implementing “new security feature”

Posted in:

* Hannah Meisel yesterday

State agencies are currently implementing plans for “a temporary reduction of government functions and workforce while maintaining core functions and essential operations,” the governor’s office said, but those plans will not be available for a few days.

Marjani Williams, a spokesperson for the Department of Central Management Services, which handles some human resources functions for every state agency, told The Daily Line last week that CMS is “in the process” of finalizing updates to the state’s work-from-home policy and would soon have concrete changes to respond to COVID-19. […]

Meanwhile, the state’s Department of Innovation and Technology is implementing new security measures for state employees who access state data “while away from the office,” according to an internal memo to some state employees obtained by The Daily Line on Friday.

State employees who received the memo have until Monday to complete enrollment in multi-factor authentication, which will allow remote access to state Outlook email.

“Strengthening our state cybersecurity is a top priority for both DoIT and Governor Pritzker,” the memo said. “As our workforce becomes more accustomed to accessing state data when away from the office, the risk of a security breach increases. To reduce this risk, the Department of Innovation and Technology (DoIT) with support from the Governor’s office, is implementing a new security feature to help ensure our state accounts are better protected from external threats.”

Oh, I’m sure this is all going to come off without a hitch. /s

posted by Rich Miller
Tuesday, Mar 17, 20 @ 11:38 am

Comments

  1. They may or may not roll out before July 1 after the Dorset I’d over.

    Comment by Annon Tuesday, Mar 17, 20 @ 11:41 am

  2. The wife has been using MFA for her email, she said she hasn’t had any problems with it

    Comment by Lester Holt’s Mustache Tuesday, Mar 17, 20 @ 11:43 am

  3. This will be bungled.

    Comment by ;) Tuesday, Mar 17, 20 @ 11:47 am

  4. I could login through Microsoft Outlook anytime I want. No one has ever told me not to and there are instructions on DHS website to do so.

    Comment by Sue Tuesday, Mar 17, 20 @ 11:52 am

  5. The MFA process started months ago for those of us with state cell phones. We were cut off from remote email access until we completed the MFA sign-up process. Alas, only the people with cell phones (at least in my agency) were instructed to complete the process and now they are trying to roll it out to everyone else. You know, the staff that can’t access their emails without . . . MFA.

    Comment by Sangamo Girl Tuesday, Mar 17, 20 @ 12:04 pm

  6. Literally everyone reading this blog right now should have multi-factor enabled for anything important. If you don’t, use this opportunity to do it.

    Comment by Ok Tuesday, Mar 17, 20 @ 12:05 pm

  7. Was testing it for my agency, total cluster…

    Comment by Unionman Tuesday, Mar 17, 20 @ 12:11 pm

  8. HFS rolled MFA out in February thru agency wide email notifications with instructions attached. Very simple process, set up your personal cell phone # to receive code via text when accessing state email system away from state offices on non-state equipment.

    Comment by PublicServant Tuesday, Mar 17, 20 @ 12:16 pm

  9. You can log into your state email address from Microsoft outlook- it’s been on DHS website for years. Many have been doing it for years.

    Comment by Sue Tuesday, Mar 17, 20 @ 12:18 pm

  10. MFA was implemented several weeks ago. It works fine — so long as you’re set up.

    I know several folks from our agency didn’t bother to set it up. Internally, you don’t need it. But as soon as you get outside the agency — state — network, you need it.

    The issue isn’t the implementation — DoIT’s MFA works great. It’s the folks that ignored the deadline.

    Comment by Mr. K. Tuesday, Mar 17, 20 @ 12:23 pm

  11. - instructions on DHS website -

    You work for DHS?

    Comment by Excitable Boy Tuesday, Mar 17, 20 @ 12:24 pm

  12. Sue, same here. I have a link on my personal cell to access Outlook remotely. We’ve never been told we couldn’t.

    Comment by ??? Tuesday, Mar 17, 20 @ 12:29 pm

  13. If they need to tighten things up, it has gotten looser from when I worked remotely.

    Admittedly, the Internet has changed things, but back then we had a physical digital card with a randomized / synchronized clock code tied to only our ID. The physical token alone was a 2 factor verification that was hard to break unless the physical token was lost or stolen. Add user / password and physical or network address, and you have pretty robust security. Yes, you can spoof those attributes but you need a certain level of knowledge. The downside was the cost of acquiring and managing the physical tokens.

    Comment by RNUG Tuesday, Mar 17, 20 @ 1:24 pm

  14. I have remote access to my desktop as of this afternoon. It works surprisingly well so far and was easy to set up. It may change as the number of people ramp up accessing remotely and bogging down the state’s network.

    MFA was started about a month ago so for everyone, in our agency at least, so I already had it set up.

    I figured it would take Doit a couple weeks to get it up and going so I’ll give them credit for a fairly quick turn around.

    We’ve always had remote access to our email since Office365 was implemented.

    Comment by Saul Tuesday, Mar 17, 20 @ 2:06 pm

  15. This entire thing is a mess. FCRCs were promised basic sanitation supplies over a week ago and nothing. One FCRC is down because a worker tested positive, but that workers managers were at a meeting let week with managers from every other Chicago office and DHS refuses to acknowledge the risk that places every office in.

    Meanwhile doors are still open for anyone to walk in and infect us all. Gov Pritzker and Secretary Hou have made it clear: DHS workers and their family’s lives mean nothing and are expendable if it saves them some bad pr.

    Comment by ScaredatDHS Tuesday, Mar 17, 20 @ 2:15 pm

  16. It’s true, the FCRCs are s huge problem that everyone is ignoring. There are hundreds of people, many elderly without medical coverage in these places. Many are there to apply for medical. It’s bad and they should have already been shut down.

    Comment by Rick Tuesday, Mar 17, 20 @ 2:28 pm

  17. The MFA was announced by my agency about a month ago. If you wanted to access your email remotely going forward, you needed to sign up for MFA (and if you didn’t want to or weren’t in a position where you were required to you just wouldn’t have that remote email access anymore). With Citrix I can access my desktop remotely and see everything just like I was at work (kinda makes me wonder why I couldn’t work remotely before) :P

    Comment by Ferris Bueller Tuesday, Mar 17, 20 @ 6:35 pm

  18. I’d have to say, the very quick rollout has worked quite well at my agency.

    Comment by Ferris Bueller Tuesday, Mar 17, 20 @ 6:36 pm

Add a comment

Sorry, comments are closed at this time.

Previous Post: *** UPDATED x1 *** School assignments during closure won’t count toward grades
Next Post: Alivio Medical Center Supports The Illinois Kidney Care Alliance


Last 10 posts:

more Posts (Archives)

WordPress Mobile Edition available at alexking.org.

powered by WordPress.