U.S. Attorney's and the Executive Office for the U. S. Attorneys

Lew Sanford Jr.
Chief Information Officer

June 6, 2005

Slide Notes

Personal bio
OODA Philosophy – Observe, Orient, Decide, Act per Col. John Byrd

High quality professional staff dedicated to serving USAs nation-wide

Slide 1

What does the CIO for the U.S. Attorneys do?

We provide technology services to aid United States Attorneys to prosecute criminals.
We work to advance the ability of U.S. Attorneys to efficiently and effectively use every technology available to capture and share information to aid rightful prosecution.

Slide 2

How does the CIO assist U.S. Attorneys?

We provide business applications, network services (WANS, LANS), the IT infrastructure (desktops to servers), telecommunications, information security, video conferencing services, and training support.
Essentially, we provide end-to-end computing experience for our offices.

Slide 3

OCIO Support Responsibility

We provide support services to:
- U.S. Attorneys
- 94 District Offices
- 16,000 users
- Executive Office
- NAC Training Facility
- System Managers. . .

Slide Notes

Your local support is a System Manager responsible for keeping you operational at the local level. They assist with break/fix, installing new equipment (such as blackberries) and install systems patches to ensure good server performance and security.

Slide 4

CIO Functions

Provide Information Technology Management, Resources and Services to USAO and EOUSA
- Provide Office Automation Services
  - HW/SW systems Acquisition Process
  - Test and Evaluation Process
  - HW/SW Deployment Process
  - Local Area Net Monitor and Support Process
  - Litigation Support Process
- Provide Telecom Infrastructure Services
  - Wide-Area Net Monitor and Support Process
  - Telecommunications/Telephony Support Process
  - Tele/Video Conferencing Support Processes
- Provide Applications Development Services
  - Case Management System (CMS) Development and Support Process
  - Data Management Processes
  - Statistical Reporting Process
  - Quality Assurance Process
- Provide Web Based Services
  - Web-based Services Support Process
  - Intranet and Internet Support Process
- Provide Info Security Services
  - Secure all SW Applications Process
  - Secure all systems, LAN, and WAN Process
  - Implement Secure Standard Operating Procedures Process
  - Evaluate Security Processes
  - VPN/IDS Security Support Process
- Provide IT Training and User Support
  - Centralized Help Desk Management Process
  - Formal and Self-Training Process
  - IT Professional Development and MS/Oracle/PMI Certification Process
- Plan and Manage EOUSA/ASAO IT Resources
  - IT Investment Planning Process
  - IT Services and Risk Management/Overnight Process
  - Special/Crosscutting IT Project Mgmt Process
  - DOJ CIO/ Working Group Participation Process
  - IT Communications/Marketing Process

Slide 5

1-3 year plans

CIO BUSINESS
- Establish/update Strategic Plan
- Establish EA Plan
- Provide Budget and budget management
- Review & update policies over 18 months old
- Establish routine major project review
- Establish Value Consulting Team
- Provide National Operations Center
  - Provide National Help Desk & Asset Management
  - Strategic: Asset Management Initiative
- Human Capital Strategy: Assist EOUSA HR implementing OPM eGov Initiative
- Financial Strategy: Assist EOUSA CFO implementing UFMS
- Administrative Strategy: Establish or enhance administrative systems at EOUSA
  - Tactical: Implement a facilities management software for EOUSA & US Attorneys
  - Tactical: Implement a contract management software for EOUSA
- E-Government: Promote use of PMA and eBusiness Initiatives to foster greater efficiencies across the department and throughout government (eTravel, IAE, OPM, etc.)
- Strategic: Establish district level process improvement effort
- Strategic: Establish Quality Assurance Program

Slide 6

1-3 year plans continued

INFRASTRUCTURE OPERATIONS & ENGINEERING
- Provide Integration & Engineering Services
- Provide National Operations Center (interim assignment)
- Provide support for Executive Office LAN
- Sustain Web Services & Design
- Sustain Automated Litigation Support Program
  - Provide training for ALS
- Technology Refreshment: Deploy Server Replacement, switch replacement, desktop & peripheral replacement
  - Provide SM training in support of refreshment
- Technology Improvement: Deploy JCONIIA Switches
- Technology Improvement: Establish high-speed RAS
- Technology Improvement: Analyze FY06 JCONIIA PC replacement reqmts and create plan
- Tactical Improvement: test & deploy wireless network [e.g. Strix Systems' Access/One Network or equal] (joint TTD)
- Business Improvement: Facilitate eTs deployment (eTravel)

Slide 7

1-3 year plans continued

NATIONAL OPERATIONS CENTER
- Provide National Help Desk & Asset Management
- Strategic: Asset Management Initiative
- Provide business application hosting services
- Host Security Operations Center
INFORMATION SYSTEMS SECURITY
- Provide Security Operations Center
- Provide Intrusion Detection Services
- Conduct Certifications & Accreditations Testing & Coordination
- Recommend Risk Management techniques
- Provide Incident Response support
- Strategic Initiative: Select & deploy eAuthentication Services to leverage PKI investment and use of single sign-on [look at RSA or other certified authentication providers] (joint w/IS)
- Tactical Improvement: Establish Audit capability
- Performance Improvement: Enterprise Systems Monitoring/logging capability

Slide 8

1-3 year plans continued

APPLICATIONS DEVELOPMENT
- Research & Evaluation
- Application Development
- Strategic: Portal Use Study
- Tactical: Provide training for key business applications
- Tactical Initiative: Centralize LIONS database & create integrated DD with debt
- Strategic: Leverage centralized data for widespread use (connect statistical, BI or other query tools to enhance USAs usage)
- Strategic: Establish a records management strategy considering needs of USAs around eFiling, internal case management and workflow
- Tactical: Establish special purpose (investigative/inquiry) database(s) to facilitate witness lookup, expert lookup, defendant lookup, etc. - consider access by PDA as well as typical
- Operation Automation: Document Management Initiative/ECF/ Business process automation

Slide 9

1-3 year plans continued

TECHNOLOGY & TELECOMMUNICATIONS DEVELOPMENT
- Voice/Data/Video
- Strategic: VoIP Initiative
- Strategic: Voice over WiFi (NSA sanctioned)
- Technology Improvement: Update Video Conferencing
- Technology Improvement: JUTNet Migration Initiative
- Technology Improvement: Deploy routers
- Technology Improvement: Establish and initiate replacement of aging phone systems
- Tactical: Bandwidth Management Initiative (VoIP, Video, busn data, more)
- Tactical: Unify PDA management to offer sound options at lowest cost (??)
- Tactical Improvement: test & deploy wireless network to stop relocation bleed
- Evaluation/study: Wireless hotspots
- Improvement: Apply "calling tree" system to COOP Emergency Communications
- Evaluation/study: Evaluate eliminating tape backup considering records management & offsite storage

Slide 10

Please feel free to contact me:
lew.sanford@usdoj.gov
202-616-6973

Slide 11

What services do we provide?

Program Management
- Strategic Planning, Budget & Policy, Security, Coordination with District System Managers
Business Application Development
- Case Management, Debt Collection and other Business Systems
Technology & Telecommunications
- Telephone/wireless services, National Wide Area Network, Video Teleconferencing, Voice, Data & Video Ordering, Natl Crime Info Ctr/Natl Law Enforcement Telecom System
Infrastructure Management
- Office Automation Software, Automated Litigation Support, Web Management, Help Desk, Executive Office Local Area Network, Equipment & Integration Support

Slide 12

Security in all things

The Information Systems Security staff provides key services to:
- Protect our networks
- Protect our data
- Test our software
- Training to ensure that we are security aware!

Slide Notes

Intrusion Detection
Certifications and Accreditations
Risk Management
Incident Response

Malware detections: We are holding steady at about 5000 per month.

Spam: This spreadsheet documents the volume of spam we return to JMD for tuning.

C&A: CY 2004: 9 systems C&A'd.

Defense: Translating these metrics to attacks is more of an art than a science. We see policy violations, malware activations, and malfunctioning systems routinely. We often lead systems managers to problems that they were not aware of yet.

Incidents: 130 incidents were documented last year, including theft/loss and NSI processing on SBU. (To make a pitch- last year I requested funds to implement an automated incident tracking and recordkeeping system. The request didn't make the 06 budget. Currently we do our best to manage incidents and produce metrics using paper-based processes. An automated system would improve resolution, efficiency, and metric quality.)

Miscellaneous: We review and respond to new cyber threats daily. We conduct contingency tests on all systems annually. We follow-up on IT Security EARS findings. We provide security awareness training. We advocate for US Attorneys at the Dept level. We coordinate compliance with federal statutes and regulations, including FISMA.

Slide 13

Applications Development

Case Management Staff provides USAOs end user, development and technical support for caseload and collections systems (LIONS, TALON & USA-5), central reporting systems, plus FOIA requests.

Slide Notes

We received 36 FOIA requests in FY04. 33 of these were made by TRAC. This number does not include the FOIA requests made by the Data Analysis Staff.
We field approximately 1217 calls a year (this number includes only those logged through Remedy. It does not include the ones where the user calls one of us directly).
TALON - 219 reports annually
USA-5 - 16 reports annually
LIONS - 12 annual reports for HIPDB; 12 CDs annually of our HIPDB extract
NLIONS - 396 reports annually; 26 ad hoc reports (as of FY05)

Slide 14

Communications Technology

Voice
Data
Video
Internet, wireless, networks, more.

Technology & Telecommunications team provides communications tools and management from phones to video conferencing linking our mobile and distributed U.S. Attorneys nationally.

Slide Notes

Telecom:
- TTD supports over 24,000 phones in USAOs nationwide.
- USAOs make an average of 260,000 long distance calls per month
- TTD installs or relocates an average 24 phone/voice mail systems a year.
- TTD manages approximately 7,000 FTS calling cards distributed to USAO employees.
- USAOs have approximately 140 toll-free lines installed nationwide for use by victims and witnesses, as well as employees, and average 33,000 inbound calls a month nationwide.
VTC:
- TTD installed and supports 270+ VTC systems for USAOs.
- TTD supports an average of 28,000+ VTC conferences a year.
USAO - Current Network
- 263 Total Offices (Network Sites)
- 469 Total Network Circuits (Sprint & AT&T)
- 2 NOCS (Rockville JDC – Columbia/EOUSA NOC) + 97 Headquarter Offices + 127 Branch Offices + 37 Annex Offices (Served by USAO LAN's - (Point-to-Point T1's, Wireless, Fiber) + 25 Point to Point T1 Sites + 9 Wireless Sites + 1 Fiber Site

Slide 15

Telecommunications Projects

FY05 Initiatives
- Establish redundancy for NOC (reliability)
- Enhance NAC guest services to include room broadband (saves $) and phone systems
- Pursue VoIP pilot and expand if possible
- Migrate to JUTNet – replace dated network, more secure and capable, save $
- Continue national support and management for voice, data and telecommunication services.

Slide Notes

Latest Sprint Data Network (JCN) Upgrade (2004 - 2003)
- Conversion to Frame Relay – Last 18 Months; 140 - Sites Converted to Frame Relay Service – (124 in the last 6 months)
- 24 - Sites Have Doubled Bandwidth (From 1.5 up to 3.0 MB for data)
- Latest Project is 100% Completed – Expect to fully complete by 2/05
Relocation & New Offices (Last 12 Months)
- 19 - Office Relocations (Both Data and Video)
- 8 - New Offices Installed
- Full Columbia/NOC Network Integration (All New Data & Video Connections)
JCONII Compliant Network & VPN System
- All USAO Owned Cisco LAN Equipment Compliant with DOJ CERT Requirements at all 263 Sites (Routers, Altiga VPNs, PIX Firewalls, Switches)

Slide 16

Infrastructure Management

Office Automation provides nationwide infrastructure support including: hardware, commercial software, general integration services, help desk and local area network for EOUSA national offices.

Slide Notes

TechOne NATIONWIDE HOTLINE
- FY04 - 15,271 Calls
- FY05 (4 Months) - 3,269 Calls
NATIONWIDE MAINTENANCE CONTRACT
- FY04 - 3,084 Calls
- FY05 (4 months) - 884 Calls
RELOCATIONS
- FY04 - 31 Relocations/Expansions completed, including establishment of 3 new branches
- FY05 - 32 identified projects, including establishment of 2 new branches

Slide 17