- Introduction to WaTech Allocations (Allocated Rates)
- The Allocation Process
- Customer Base, Methodology & Invoicing Structure
- Do Agencies Receive Funding to Pay Allocation Charges?
- Enterprise System Rates Allocation
- State Data Network Allocation
- Security Gateway Allocation
- Security Infrastructure Allocation
- State Data Center (Debt) Allocation
- State Data Center (Operations) Allocation
- Location Based Services Allocation (GIS/WAMAS)
- Office of Cybersecurity (OCS) Allocation
- Small Agency IT Allocation
Page updated 10/09/2019
Allocation Goal / Methodology
The Security Infrastructure Allocation funds a hardware and software vulnerability scanning platform service that enables agency security teams to identify where vulnerabilities reside across their environment of network components, servers, workstations, databases, and installed Commercial off the Shelf Software (COTS) programs.
Allocation funding is based on the agency's number of budgeted FTEs and the number of applications each agency has using the gateway. OFM maintains the source data for budgeted FTEs and WaTech tracks the number of applications. Additionally, agencies with 50+ FTEs pay a yearly base fee of $1500.
What services are included in this allocation?
- It provides the ability to discover devices attached to a network.
- Automates vulnerability assessment by scanning workstations, servers, printers, network devices, and installed software to identify missing patch updates, insecure configurations, and other risk-related intelligence.
- The solution comes with pre-configured scan profiles that are maintained by the vendor as updates to technology occurs.
- Weekly updates refresh the list of known vulnerabilities to ensure currency and situational awareness for managing new emerging threats.
- Scan data provides valuable input to risk management, incident response and investigative processes to assist in threat analysis and prioritization of remediation activities.
- Scan results are easily accessed in the scanning console and throughout of the box reports and custom reports.
- Customers are supported by the WaTech Infosec and vendor provider teams.
- The service is designed for multi-tenant use, where each customer has the flexibility and access needed to control all aspects of their vulnerability scanning and reporting practice.
What services are not included in this allocation?
- Logging and Monitoring services - this is covered under the Network Allocation
How is this allocation governed?
WaTech recommends the allocation methodology for this allocation, and OFM builds the calculations into the Central Services Model. The Legislature provides final approval through the enacted budget.
How do agencies leverage this allocation?
TBD
How do agencies get billed for this allocation?
The naming convention for this allocation will be “Allocation - Security Infrastructure (EL L020)”.