You Are Here: 2003-2004 Best Practices Award Winners
TECHNICAL IMPLEMENTATION
Office of the State Comptroller
Secure 4 Tier Network Infrastructure
Over the past several years, the Office of the State Comptroller (OSC) has been engaged in implementing a network and security infrastructure which would allow us to conduct business over the Web. We believe OSC's implementation of a Secure 4-Tier Network Infrastructure merits consideration for a 2004 NYSFIRM Best Practices Award in the Technical Implementation category. In order to implement this new infrastructure; OSC not only demonstrated the types of inter-divisional and cross-agency collaborations necessary to achieve success in a project of this magnitude but employed a best practices approach to the selection and use of technology never before utilized in the State to this degree.
The impetus for this project came from the necessity of upgrading the Statewide Payroll System to a browser based application and the need to position OSC to conduct e-Government in the future.
OSC hosts the Statewide Payroll System, know as PayServ, and produces paychecks and advices for almost 250,000 employees every two weeks. First housed on an IBM mainframe, it was re-engineered onto a client/server Citrix environment in 1998 and most recently to a browser based system in August 2003. Upgrading the payroll system to a browsed-based system, eliminated the need for client-side software and increased accessibility from anywhere within the State.
Simultaneously, OSC's executive management began to examine the use of the Internet for communicating and transacting business with OSC's employees, business partners and constituents. e-Government (e-Gov) was determined to be a strategic direction for OSC to provide high quality services and information. To enable this strategic direction and support the new statewide payroll initiative a secure and robust Internet infrastructure was necessary.
Since some of the reasons that make the Internet a desirable platform for delivering services - availability, ease of use, and accessibility - are also the reasons that applications are more vulnerable to attack, use of the Internet for delivery of services necessitates a well thought out, sophisticated enterprise-wide approach to security. The OSC approach emphasized the adoption of standards and reusability. It addressed our present needs while providing a foundation to support expected expansion of business use of the OSC e-Gov framework. Consequently, in the fall of 2001, OSC began a multi-year project to implement a secure 4-Tier network infrastructure built upon accepted industry standards.
The backbone of this infrastructure is our Public Key Infrastructure (PKI) which positions OSC to take advantage of New York State's Electronic Signatures and Records Act. OSC's in-house Certificate Authority issues digital credentials to our customers, empowering them to conduct true e-Gov business. The upgraded payroll system became the first major, mission critical application to use this new infrastructure, including PKI.
Accomplishing this task required the cooperation of a number and variety of OSC technical and functional staff, business partners and sister State agencies. The project team consisting of agency technical staff and consultants began an iterative exercise to: eliminate bureaucratic boundaries, establish trust among team members, revisit the plan to recognize opportunities for improvement, and find new ways to collaborate. Functional teams from our business units helped communicate progress to our customers in other agencies and train new users of the infrastructure. Weekly meetings helped foster communication and troubleshooting throughout the design and implementation process. OSC technical and functional staff also held several 'town meetings' to meet with our customers.
OSC began benchmarking and stress testing the new infrastructure in January 2003. A test system became available to OSC users and external pilot agencies on May 19. OSC met the promised production rollout date of June 16 when on-line report-viewing via a Web browser became available to all of our customers. We believe this new infrastructure delivers functionality and ease of use to our agency payroll customers while increasing overall security. With the implementation for the Payroll System, users went from four (4) UserID and password combinations to only one (1) UserID and password. Over the first six months of this year we have seen requests for re-issuance of passwords drop by nearly 50%. This has not only increased the productivity of the users and decreased the administrative overhead of our security staff but substantially strengthened the security of the Payroll System as well.
OSC is extremely proud of its new secure and robust Secure 4 Tier Network Infrastructure. This new infrastructure fully supports the mission of OSC; specifically, "To continuously improve our operations by fostering innovation, better use of technology, a wise alignment of our resources and a well trained, diverse and professionally developed workforce."
Contact:
- Jean A. Moore
- Office of the State Comptroller
- 110 State Street
- Albany, NY 12236
- (518) 402-4049
- jmoore@osc.state.ny.us