NASCIO Recognition Award Nomination. Title: Central Issuance of State Drivers Licenses. Category: Digital Government Government to Citizen

Similar documents
2014 NASCIO Recognition Award Nomination

BUSINESS CONTINUITY AND DISASTER RECOVERY ACROSS GOVERNMENT BOUNDARIES

NORTH CAROLINA NC MRITE. Nominating Category: Enterprise IT Management Initiatives

Sparta Systems TrackWise Digital Solution

Judiciary Judicial Information Systems

Annual Report for the Utility Savings Initiative

Overview of Court Information Technology

Altius IT Policy Collection

Investigation. City of Edmonton Office of the City Auditor. ETS Workforce Development. January 14, 2019

Kentucky IT Consolidation

How Cisco IT Deployed Enterprise Messaging on Cisco UCS

RECORDS MANAGEMENT RECORDS MANAGEMENT SERVICES

NASCIO 2018 State IT Recognition Awards

Critical Cyber Asset Identification Security Management Controls

Dell helps you simplify IT

FIRE REDUCTION STRATEGY. Fire & Emergency Services Authority GOVERNMENT OF SAMOA April 2017

IT MANAGER PERMANENT SALARY SCALE: P07 (R ) Ref:AgriS042/2019 Information Technology Manager. Reporting to. Information Technology (IT)

ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE

Inventory and Reporting Security Q&A

Privacy Impact Assessment

emarketeer Information Security Policy

University of Pittsburgh Security Assessment Questionnaire (v1.7)

Security Survey Executive Summary October 2008

NIST Special Publication

NATIONAL GUIDELINES ON CLOUD COMPUTING FOR GOVERNMENT, MINISTRIES, DEPARTMENTS AND AGENCIES

Page 1 of 15. Applicability. Compatibility EACMS PACS. Version 5. Version 3 PCA EAP. ERC NO ERC Low Impact BES. ERC Medium Impact BES

State of Iowa Information Technology Business Continuity Center. Executive Summary

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES

Cyber Insurance PROPOSAL FORM. ITOO is an Authorised Financial Services Provider. FSP No

Groton Data Center Migration Project

Identity Theft Prevention Policy

Red Flags/Identity Theft Prevention Policy: Purpose

Request for Proposal. I. Introduction. II. Scope of Work. IT Managed Services Support. IT Environment. Main Facility

SHARED SERVICES - INFORMATION TECHNOLOGY

Juniper Vendor Security Requirements

Review of the Feasibility Plan for Coordinating Operations of the North Carolina Research and Education Network and the State Network Infrastructure

Information Technology General Control Review

INFORMATION SECURITY. One line heading. > One line subheading. A briefing on the information security controls at Computershare

GOVERNMENT IT: FOCUSING ON 5 TECHNOLOGY PRIORITIES

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES

Standard CIP Cyber Security Critical Cyber Asset Identification

Kentucky Wireless Information Network Service (Ky-WINS)

Information. Technology. Annual Report

MANAGING STATISTICAL DEVELOPMENT AND INFORMATION TECHNOLOGY IN THE STATISTICAL SYSTEM OF MALAYSIA

Standard CIP Cyber Security Critical Cyber Asset Identification

ISSUE BRIEF SC DMV ELECTRONIC TICKET TRANSMISSION MANDATE (November, 2017)

: : : : : : : : : : : : : COMPLAINT PARTIES. 1. Plaintiff the State of Rhode Island Department of Revenue ( Department of

The Common Controls Framework BY ADOBE

WHITE PAPER Cloud FastPath: A Highly Secure Data Transfer Solution

Postal Inspection Service Mail Covers Program

Policy. London School of Economics & Political Science. Remote Access Policy. IT Services. Jethro Perkins. Information Security Manager.

Criminal Case Information System for Public Defenders [Section 18B.10 of S. L , as amended by Section 18A.2 of S.L.

Certified Information Systems Auditor (CISA)

Emergency Support Function #2 Communications Annex INTRODUCTION. Purpose. Scope. ESF Coordinator: Support Agencies: Primary Agencies:

Data Backup and Contingency Planning Procedure

Project Management Pre-Implementation Project status reporting Post Implementation Assessment Phase Solidify Project Scope

What can the OnBase Cloud do for you? lbmctech.com

IBM Security Intelligence on Cloud

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

University Information Systems. Administrative Computing Services. Contingency Plan. Overview

SITUATIONAL AWARENESS FOR NORTH CAROLINA S MODERN ENTERPRISE

Securing Cost Savings for Scottish Police

Heavy Vehicle Cyber Security Bulletin

IT Service Upgrades Announcement

SECURITY & PRIVACY DOCUMENTATION

The Solution Requirements and considerations

VMware vcloud Air Accelerator Service

Cloud FastPath: Highly Secure Data Transfer

Emergency Operations Center Management Exercise Evaluation Guide

Network Performance, Security and Reliability Assessment

STATE OF NORTH CAROLINA

FY 2018/2019 MOE Budget Presentation

CCISO Blueprint v1. EC-Council

Hosted Testing and Grading

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

2 ESF 2 Communications

Sparta Systems TrackWise Solution

Project Physical Security Directives Mapping Document

DIRECTIVE ON INFORMATION TECHNOLOGY SECURITY FOR BANK PERSONNEL. June 14, 2018

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

Cyber security tips and self-assessment for business

IBM Case Manager on Cloud

ROYAL INSTITUTE OF INFORMATION & MANAGEMENT

Designing Windows Server 2008 Network and Applications Infrastructure

CYBER SECURITY POLICY REVISION: 12

Streamlined FISMA Compliance For Hosted Information Systems

Texas Commission on Fire Protection

PREPARED STATEMENT OF ERNEST R. FRAZIER, SR., ESQ. AMTRAK, CHIEF OF POLICE AND SECURITY DEPARTMENT

Automate sharing. Empower users. Retain control. Utilizes our purposebuilt cloud, not public shared clouds

12 Approval of a New PRESTO Agreement Between York Region and Metrolinx

AUTHORITY FOR ELECTRICITY REGULATION

A80F300e Description of the SA8000:2014 certification procedure

WHITE PAPER. Header Title. Side Bar Copy. Header Title 5 Reasons to Consider Disaster Recovery as a Service for IBM i WHITEPAPER

Supersedes Policy previously approved by TBM

TB+ 1.5 Billion+ The OnBase Cloud by Hyland 600,000,000+ content stored. pages stored

"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary

REVIEW OF MANAGEMENT AND OVERSIGHT OF THE INTEGRATED BUSINESS MANAGEMENT SYSTEM (IBMS) January 16, 2009

City of Kingston Report to Council Report Number

Overview of the Federal Interagency Operational Plans

Transcription:

NASCIO Recognition Award Nomination Title: Central Issuance of State Drivers Licenses Category: Digital Government Government to Citizen State: North Carolina

Executive Summary The NCDMV wanted to reduce identity theft and identity fraud. They determined that central issuance of drivers licenses in combination with verification of social security number, facial recognition and verification of other required applicant supplied documents was the most effect way to meet this goal and protect North Carolina s citizens. The NCDMV worked with the NC General assembly to pass legislation to implement the central issuance process. The Central Issuance Project was a joint effort between the North Carolina Division of Motor Vehicles (NCDMV), the Department of Transportation (NCDOT) and the Office of Information Technology Services (NCITS). The project was implemented to meet the requirements of General Statue 20-7(f)5, which requires the Division of Motor Vehicles to issue a drivers license applicant a temporary driving certificate (TDC) valid for 20 days unless the applicant is applying for renewal by mail. The temporary driving certificate is valid for driving purposes only and is not valid for identification purposes. The Division produces the applicant s drivers license at a central location and sends it to the applicant by first class mail at the residence address provided. On July 1, 2008 the Central Issuance Project was approved for implementation. The Central Issuance project was one of the largest projects ever implemented for the DMV Drivers License application. The intense effort lasted 14 months from the time the project was approved to the full implementation. The effort required the setup of new secure infrastructure such as new facilities for the central print sites; new secure servers to support the applications and print solution, establishment of secure communications between the sites, and deployment of desktops and printers to 123+ branch locations throughout the state. Disaster Recovery failover capability and extensive enhancements to the current drivers license application were also required. On September 2, 2009 the Central Issuance project was successfully rolled out to all 100 North Carolina counties. The State of North Carolina was issuing drivers licenses from a central location, issuing temporary driving certifications at 123+ branches and mailing drivers licenses to the address provided by the applicant. The success of the effort was fully attributable to the collaboration of the NCDMV, NCDOT/IT and NCITS. This project serves as a model solution for the establishment of inter-office communications and collaboration as well as between state agencies. It also serves as a model for the verification and authentication of personally identifiable data. The implementation of Central Issuance has reduced wait time in 123+ Drivers License branch offices for the citizens of NC and it has significantly reduced identity theft of our citizens. This effort also sets the stage for the next effort to implement a more secure NC drivers license card.

Description Business Problem Prior to the Central Issuance Project, drivers licenses were processed, printed and then issued over the counter at 123+ drivers license offices. This drivers license process has been in operation since the beginning of issuing drivers licenses in NC (40+ years). The drivers license production equipment was vulnerable to theft at 123+ branches and wait times through out the North Carolina drivers license branches were unacceptable. Backup and recovery processes were obsolete at best. The verification of information provided by the applicant was completed after the drivers license was issued. This over the counter process allowed for an unacceptable rate of identity fraud; often times an offender had already transferred their NC drivers license to another state before the verification process was complete. The solution had to address the following: Facilitate and improve the flow of customers through 123+ North Carolina Drivers License branches and five mobile branches with the goal of reducing customer wait time. Provide updated facial recognition capability. Facilitate the timely verification of applicant information to allow an average of 10,000 daily issuances to be delivered within the specified time. Install and support a secure central printing facility. Develop and support a new mail and return mail process. Establish a backup central printing location. Set up a backup facility for applications and data. Provide sufficient communications to all citizens of the state of the process change. Implement a process for continued support and collaboration between the three agencies. A solution was provided by evaluating each major requirement individually and holistically. The successfully implementation of this project was the responsibility of and managed by NCDOT/IT personnel. An assessment of the workflow of all the branches was taken. The busiest branches were given multiple work stations and printers. The permanent card production equipment was removed from the branches. Printers for printing Temporary Driver Certificates (TDC) were installed. Under the previous system, there was a wait after the picture was taken and before the card was produced. The TDC prints almost instantly, relieving the wait time for card production in the branches. Once the pictures were taken in the drivers license offices, images were stored on servers at NCITS. Twenty three million existing images had to be migrated to the new central image server at NCITS. Secure access was established between 123+ branches and the servers located NCITS.

The established facial recognition vendor for NC deployed an upgraded facial recognition (FR) engine. The facial recognition process was moved to Billerica, NJ to be supported by the vendor. Secure lines were installed. Virtual Private Network (VPN) and firewall rules had to be established to protect the data. New secure processes had to be established to stabilize and define changes to the production environment. A new release process was established using the information Technology Infrastructure Library (ITIL) methodology. Upgraded fraud investigation software was deployed to facilitate the verification process. The DMV facility was designated as the secure location to establish the central printing facility. Extensive enhancements were made to the existing Drivers License mainframe application to facilitate the tracking of the card from the time of issuance until the printing and mailing of the card to the applicant. Secure connectivity had to be established in the facility, and large commercial size mailers and printers had to be set up. A secure means for protecting the consumables- (card production paper, ink, etc) was established by installing locked cabinets. Only authorized employees could have access to the facility which was protected by card access locks. Vendor staff was responsible for providing continued support for printing the cards and stuffing the mailers. The DMV mail room handled the mailing of the cards. A backup data center was established at the state s Western Data Center. Secure connectivity was established and failover capability was established. This backup facility could operate at 50% capacity. A backup print facility was also established in Elizabethtown, NC. A secure cage houses the printers and consumables. Vendor staff would also support the backup print facility at 50% capacity in the event of a disaster. News media communicated the upcoming change in process at the NC Drivers License Branches to the citizens. A phased rollout approach was selected because of the deployment of equipment in all 123+ branches located through out the state. NCDOT personnel were responsible for installation of the equipment. Four branches were rolled out daily in strategically established locations. Communications were also displayed to citizens at the branch offices during the phased rollout of the project. As prescribed by ITIL best practices, Service Level Agreements and Operational Level Agreements were established between the agencies and the supporting vendors. Helpdesk processes were established. Employees were trained on the new processes. NC law enforcement also attended training to familiarize them with the new TDC that would be presented to them if they stopped a citizen before the citizen had received their drivers license in the mail.

Significance The Central Issuance Project has reduced facility security vulnerabilities as well as improved the issuance process for driver license and identification cards by incorporating additional verification checks from the beginning of the process until the card is mailed to the customer. Now NC DMV has a secure Central Print Facility within its headquarters. The ability to physically print a driver license or identification card has been removed from driver license field offices, therefore minimizing the risk of theft of card production equipment. The Central Issuance Project affords DMV time to electronically verify applicant s information prior to mailing the license to the customer. If the customer information fails the verification process, the customer is notified and the issuance is withheld. The Central Issuance Project deters the attempt to obtain an issuance under false pretenses. The Central Issuance electronic verification process includes verification of lawful status in the United States, address verification which combats address fraud, confirmation of a customer s social security number which foils identity theft, facial recognition which detects multiple identities and the verification of out of state licenses that are transferred to NC. Central Issuance has not only changed the manner in which we conduct business with the citizens of North Carolina. The State s effort to elevate security and the protection of citizen data reaches far beyond the NCDMV, NCDOT, NCITS and its citizens. Benefit Within the eight months that the Central Issuance Project has been implemented, all expected benefits are being realized. Per the manager of the NC Fraud investigation unit; before the implementation of the Central Issuance Project, an average of 45 potential fraud cases was identified daily. Each case took approximately 3 hours to work at an average of $20.00 per hour. Since the implementation of Central Issuance, the fraud cases have been reduced to an average of 1 new case per week. This translates to a cost reduction of $53,760.00 per month. Reduced print time in 123+ Drivers License Branches - Per the manager of the NC DMV Helpdesk Support, Central Printing has reduced the time to print a card from 3 minutes per card to 10 seconds per TDC in the branches. Before Central Issuance it took approximately 500 hours daily to print 10,000 cards in the branches. After the implementation of Central Issuance, it takes approximately 28 hours per day to print 10000 TDC s at the local branch offices. It takes approximately 8 hours to print 10,000 cards in the central print facility. The implementation of Central Issuance has reduced the time it takes to print an issuance in the office significantly. The reduction in print time has also had a positive impact on the waiting time for DMV customers.

Improved data collection and storage Customers must provide accurate address information in order to receive their drivers license in the mail. Accurate information is extremely important because of the sharing of information among agencies such as the Department of Revenue, Department of Justice, etc. Often the information retrieved by the NCDMV is the most current data available on a citizen. Improved disaster recovery process Central Issuance implemented a process where there is a primary site and a backup site. The data is immediately sent to the backup site, facilitating the ability to failover to the backup facility in less than 1 hour in case of a disaster. Reduced vulnerability of theft of card production equipment in the branches- The card production has been removed from the branch offices into a secure centralized location. This all but eliminates the risk of theft of the card production equipment. Reduction in identity theft Citizens are less likely to experience identity theft as the safeguards from the centralized issuance program are implemented. The state drivers license has become a de facto form of official identification for residents of a state. Protecting a citizen s information is a key responsibility of the State.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback