What security mechanisms are needed to protect the DMS systems from both the state employees and users accessing the Internet?
The first thing I notice when I log on to the DMS site is that there is no Hypertext Transfer Protocol Secure (HTTPS) availability. For any website that contemplates financial transactions over the Internet, there should be a Secure Sockets Layer (SSL) or a Transport Layer Security (TLS) protocol to ensure data encryption. Given the expected development of this site on the public side, e.g., the MyFlorida MarketPlace, with expected credit card purchases, these protocols are a requirement. For the employees, rather than financial transactions, there may be sensitive document transfers over the network, particularly in the Human Resource Support and State Group Insurance departments. Thus, the first step would be initiating network security protocols beyond those seemingly in place. In conjunction with that, the DMS should be expected to use standard firewall protection, as well as internal security measures such as compartmentalization, permission controlled access, and worker level passwords with administrative overrides. A comprehensive network virus monitoring and protection software platform should also be emplaced.
List of major services on the DMS Web site and the relative merits of each.
The DMS website exists to enable the citizens of Florida to interact with key governmental services available to the public and to provide “services and support in the areas of human resource management, retirement benefits, health benefits, real-estate management, specialized services, state purchasing and technology” (Department of Management Services, 2009, n.p.). In addition to the standard website sections of a site map, site support, and contact information, the site is comprised of six major sections: SUNCOM, which is the telecommunications division supplying services to public entities that serve the citizens of Florida; Agency Administration, which includes all aspects of public administration including, but not limited to, Departmental Purchasing, Financial Management Services, Legislative Affairs, and the Inspector General; Human Resource Support such as Retirement and State Group Insurance; Business Operations such as State Purchasing; Other Programs, a listing of various services; and eGovernment tools, which is the MyFlorida MarketPlace section.
Suggest improvements to existing services and suggest new services that should be added.
The first suggested improvement I would offer would be to finish the website itself. The Portals page has no relevant content other than a statement regarding collections of content and the standard navigation bars common to the rest of the site. I also found the DMS Highlights section to be incomplete as one click on the One Florida link brought up a page with “Module not found” and a list of possible reasons why including a misspelled word in the search. As to additional services that could be added, there are a few suggestions but the site is well built overall and very easy to navigate. New services that could be added would simply be an expansion of existing information into a broader reach of the DMS service portal. The DMS Highlights page could be enhanced with the addition of links (there are only three at present), the eGovernment page would be improved by the addition of a new service set that would allow citizens of the state direct access to licensure for specific activities, e.g., sportsman licenses or even vehicle license renewals.
References
- Department of Management Services (2009). DMS Home Page.
- Stallings, W. (2005). Business Data Communications (5th edition). Upper Saddle River, NJ: Pearson Prentice