Cabinet for Health and Family Services Wins Award For Best IT Security Initiative
Sandeep Kapoor, second from left, Richard Chapman, center, and Melba Story, of the CHFS Office of Information Technology receive the award for 'Best Security Initiative'. Jack Mortimer, left, of Government Technology Magazine, and Steve Dooley, right, interim commissioner of COT presented the award.
A sweeping, two-pronged IT security project in the Cabinet for Health and Family Services (CHFS) received the 'Best Security Initiative' award at Kentucky's 2008 Digital Government Summit. The award was one of nine given out in conjunction with the Best of Kentucky technology awards at the annual IT summit, which took place in Lexington, Kentucky on April 22, 2008.
The 'Best Security Initiative' award was given to the CHFS Office of Information Technology (OIT) for its efforts in developing an innovative, unique and resourceful application of technology furthering the goal of security.
“Systems and data security are of the utmost importance to CHFS staff, clients and providers,” said Janie Miller, secretary of CHFS. “OIT has and continues to work tirelessly to create and sustain secure, reliable data and work processes through innovative security technology. I’m pleased OIT’s efforts have been recognized with this prestigious award.”
The OIT Enterprise Security Initiative involves two applications that greatly improve security controls throughout the cabinet. First, CHFS is in the midst of a rollout of Pointsec security software, from Check Point Software Technologies Ltd., to all desktops and laptops in the cabinet. This software provides encryption of the hard drive and removable media on all cabinet computers, thus offering additional security protection in the event that hardware is lost or stolen.
For its second major security application, the cabinet implemented the Medicaid End User Provisioning System (MEUPS), an automated system for provisioning authorized users of Kentucky's Medicaid system. MEUPS provides a single sign-on environment for both Medicaid staff and the large Medicaid provider community, automating the user authentication process for several Medicaid subsystems. Currently this system helps manage authorization on eight different applications hosted across organizational boundaries. The system is built upon Microsoft's Active Directory Federated Services (ADFS) and provides:
- A maintainable list of participating applications;
- A maintainable list of assignable roles;
- The ability for users to request application and role authorization;
- An approval process for authorization requests; and
- An audit trail of the approval process and authorizations.
"At CHFS, IT security is very important and we spend a great deal of time and resources planning and executing initiatives to improve security," said CHFS CIO Lorna Jones. "It's gratifying to see that our efforts are recognized and appreciated."