- Introduction to WaTech Allocations (Allocated Rates)
- The Allocation Process
- Customer Base, Methodology & Invoicing Structure
- Do Agencies Receive Funding to Pay Allocation Charges?
- Enterprise System Rates Allocation
- State Data Network Allocation
- Security Gateway Allocation
- Security Infrastructure Allocation
- State Data Center (Debt) Allocation
- State Data Center (Operations) Allocation
- Location Based Services Allocation (GIS/WAMAS)
- Office of Cybersecurity (OCS) Allocation
- Small Agency IT Allocation
- Strategy and Management Allocation
- State Privacy Office Allocation
- Microsoft Office 365 Allocation
- Enterprise Data Management Allocation
- Enterprise Cloud Services Allocation
- Enterprise Architecture and Innovation Allocation
- WaTech Central Services Allocation
Page updated 10/31/2024
Allocation goal/methodology
The Security Infrastructure Allocation funds a hardware and software vulnerability scanning platform service that enables agency security teams to identify where vulnerabilities reside across their environment of network components, servers, workstations, databases, and installed Commercial off the Shelf Software (COTS) programs.
Allocation funding is based on each agency’s percentage of total statewide full-time employees (FTEs). For institutions of higher education (both the four-year institutions and the community and technical college system), only FTEs that support administrative functions are counted. OFM maintains the source data for budgeted FTEs.
What services are included in this allocation?
- Managed Detection and Response (MDR):
- MDR is part of the greater Security Operation Center (SOC) service offering, which includes 24/7 monitoring, alerting, and escalation for incident response.
- The MDR service conducts initial review and assessment of alerts, conducts prioritization, and escalation as appropriate to both agency and enterprise security staff.
- Security Information and Event Monitoring (SIEM):
- The SIEM service provides a “white glove” log collector management service, and curated log management support.
- Continuous alert rule development and detection across both agency and enterprise log surfaces.
- Includes monitoring and detection for both the Endpoint Detection and Response services (Microsoft Defender Suite) as well as the formal SIEM solution (Microsoft Sentinel)
- Vulnerability Management as a Service (VMaaS)
- VMaaS includes vulnerability scanning support for agencies that currently do not conduct their own scanning OR the ingestion of current scans into enterprise dashboards.
- Prioritization support during read out engagements with the agency. This includes a review of known exploitable vulnerabilities and ransomware.
- External attack surface management is also included in this service, which includes detection and analysis of exposed assets such as web applications, but also includes open-source intel information for any compromise or exposed sensitive information attributed to the agencies (i.e. compromised account passwords, etc).
How is this allocation governed?
WaTech recommends the allocation methodology for this allocation, and OFM builds the calculations into the Central Services Model. The Legislature provides final approval through the enacted budget.
How do agencies leverage this allocation?
As agencies use the Security Infrastructure services, agencies will gain greater value from this allocation.
How do agencies get billed for this allocation?
The naming convention for this allocation will be Allocation – Enterprise Security Infrastructure (EL L020).