Webinar will start soon

Transcription

1 OME Webinar: Migrant Student Information Exchange (MSIX) ISA / MOU 2017 Update Webinar will start soon Audio for this webinar will be provided through WebEx. Please test your computer audio speakers. The Webinar will be recorded and posted to RESULTS. The mission of the Office of Migrant Education is to provide excellent leadership, technical assistance, and financial support to improve the educational opportunities and academic success of migratory children, youth, agricultural workers, fishers, and their families.

2 Migrant Student Information Exchange (MSIX) ISA / MOU 2017 Update November 16, 2017 Maria Hishikawa MSIX Technical Lead Office of Migrant Education US Department of Education The mission of the Office of Migrant Education is to provide excellent leadership, technical assistance, and financial support to improve the educational opportunities and academic success of migratory children, youth, agricultural workers, fishers, and their families.

3 Agenda Legal References Acronyms and Definitions Background Key MSIX Changes Memorandum of Understanding (MOU) Interconnection Security Agreement (ISA) Next Steps & Timelines Questions 3

4 Statute Sections 1304(b)(3) and 1308(b) of the Elementary and Secondary Education Act (ESEA) of 1965, as amended by Every Student Succeeds Act (ESSA) of 2015 Code of Federal Regulations 34 CFR , (c) and Guidance Legal References Non-Regulatory Guidance for Title I, Part C, Education of Migratory Children: Chapter VI, D (2010) 4

5 Federal Cyber Security Laws and Standards Federal Information Security Modernization Act of 2014 (FISMA) Privacy Act of 1974 Unauthorized Access Act (18 U.S. Code 2701) Office of Management and Budget (OMB) Circular A-130 Management of Federal Information Resources Appendix III Security of Federal Automated Information Resources National Institute of Standards and Technology (NIST) Special Publications (SP) and Federal Information Processing Standards (FIPS) SP Security Guide for Interconnecting Information Technology Systems SP Revision 4 Security and Privacy Controls for Federal Information Systems And Organizations FIPS 200 Minimum Security Requirements for Federal Information and Information ED s Handbook for Information Assurance Security Policy 5

6 Cloud Computing: Acronyms & Definitions Definition AWS: Amazon Web Services: provides cloud computing services to MSIX system as of July 24, Cloud computing services is a model for enabling ubiquitous, convenient, ondemand access to a pool of computing resources. (Federal Definition of Cloud Computing) DAA: Designated Approving Authority: US Department of Education authority who is ultimately responsible for the operation and management of MSIX. FISMA: Federal Information Security Modernization Act of 2014 which governs how Federal information systems are secured, operated and monitored. ISA: Interconnection Security Agreement: Documents the technical details of system to system communications for the purpose of planning, establishing and maintaining the data exchange. MOU: Memorandum of Understanding: Governs the roles and responsibilities of the parties involved in the data exchange. MSIX: Migrant Student Information Exchange 6

7 Background MSIX MOU/ISA documents were circulated in 2016 to all participating MEP States. MOU & ISA documents expire in 3 years from last signature date; Reviewed annually to remain current. New MOUs needed if: State migrant specific database has had major updates/changes; OR Previous MOU has outstanding questions New ISAs are required for all participating states. 7

8 Key MSIX Changes Before US Dept of ED template 2. HPE (DXC) data center 3. Location: FL/GA 4. Traditional server architecture After Cloud Services Migration 1. New 2017 US Dept of ED template 2. Amazon Web Services 3. Location: US-East/West 4. Cloud services architecture 8

9 Memorandum of Understanding Purpose: Governs the relationships and responsibilities of those involved in the data exchange MSIX cloud migration did not change these relationships and responsibilities. States with current signed MOU: Attach and file the MOU amendment with previously signed official MOU. Expiration date does not change. States with changes to State Migrant System: Update the new template with State information. Circulate for State and OME DAA signatures. Expiration date resets to 3 years from signing. 9

10 Interconnection Security Agreement Purpose: provides guidance for planning, establishing and maintaining the interconnection MSIX physical architecture diagram changed Data Center service provider location changed Secure File Transfer file submission server changed Appendix added to document Security measures in place for MSIX per FISMA and ED OCIO requirements Documents safeguards in place to protect, prevent, detect, and recover from cyber incidents States may use the appendix as reference for State migrant database security safeguards 10

11 Next Steps & Timelines Who What When OME Distributes ISA template and MOU memo 11/6/2017 OME Presents Webinar to review scope of changes and next steps 11/16/2017 SEA Files Memo with signed MOU * By 11/30/2017 SEA SEA OME Updates ISA template with State specific information (consults with MSIX Team) Signs ISA and submits to OME/MSIX Team (PASSWORD PROECT with Adobe Acrobat) Signs ISA and returns final document to States (with Password protection) 11/6/ /13/2017 No Later than 12/13/2017 (within 14 days from receipt) * For States identified as needing a new MOU, both the ISA and MOU should be processed together. 11

12 Extension Requests State Director may request extensions for extenuating circumstances for up to 30 days. Last day for extension request submission is 12/08/2017. Approval/Denial in < = 2 business days See form on next slide. MUST BE SUBMITTED BY STATE MEP DIRECTOR via to Maria.Hishikawa@ed.gov 12

13 Extension Request MSIX ISA Update Extension Request State (Name of your State) MEP Director (Full name of director) Extension Duration Extenuating Circumstance (Number of calendar days needed for State signatures, not to exceed 30 days) (Describe in detail dependencies and issues that prevent timely signatures, such as changes in State system, changes in key personnel, etc.) Steps: 1. State representative completes the table above. 2. State MEP Director s the completed request to MSIX Technical Lead: 3. MSIX Technical Lead reviews and responds with Approval or Denial within 2 business days (based on sent date). 13

14 Questions and Contacts OME MSIX Technical Lead: Maria Hishikawa OR MSIX Functional Team The mission of the Office of Migrant Education is to provide excellent leadership, technical assistance, and financial support to improve the educational opportunities and academic success of migratory children, youth, agricultural workers, fishers, and their families. 14