Security Services

What is This Service?

This service assists customers with the security and protection of information resources. The service focuses on compliance, risk reduction, and centralized security operation activities.

What is Included?

Standard Services Offered

  • Firewall Oversight and Maintenance – Operation of border, data center, and distributed customer firewalls.
  • Secure Partner Connections (Site to Site VPN) – Enablement and maintenance of secure connections to partner organizations.
  • Information Security Awareness Training – ADS offers Information Security awareness training for all state entities. Specific types of training are available upon request.
  • SSL Certificate Management - ADS – Security is the central point of contact for all SSL Certificates state-wide to ensure that certificates are renewed prior to expiration and that certificates that may become outdated due to changes in security requirements or NIST standards are updated accordingly.
  • Network Intrusion Detection/Prevention - ADS manages the NIDS to minimize the risk of an intrusion, denial of service, or other malicious act. Metrics are collected to determine the greatest risk, and then used to adjust firewall rules as needed to meet the changing threat.
  • Incident Response – ADS  is the point of contact for all state computer incident response reporting.

Additional Non-Standard Services

  • Compliance Oversight – ADS Security provides technical and compliance consulting for technical audits.
  • Security Architecture/design consulting – ADS Security provides technical consulting to RFPs, contracts, implementation and operations of large projects.
  • Security Policy Development - ADS Security is responsible for developing state-wide security policy, but is also available to assist customers in developing customer specific policies to meet unique, or non-standard requirements (example Tax, or Healthcare)
  • Penetration Testing/Vulnerability Assessments – Penetration testing and vulnerability assessments are a required element of many compliance programs and a best practice element for systems that contain high risk data. ADS Security can conduct vulnerability assessments in-house, or can facilitate choosing an appropriate vendor partner for these types of tests and provides analysis services centered around reducing the risk based on resulting reports.
  • Audit logging and incident management – ADS Security retains centralized services to watch audit logs for intrusion attempts, provide automated alerts and handle security incidents.
  • Software code scanning – Both static code reviews and dynamic code review services are available through ADS. Either source code or compiled code may be evaluated for OWASP security vulnerabilities.

How Do I Obtain This Service?

User Request Process for Service Features

How Do I Obtain Support for this Service?

To request support for this service, contact the Service Desk to open a support ticket

Self Service Portal – Log into LANDesk

Service Maintenance Schedule

  • Routine security operations maintenance that has a low risk of disruption may occur at any time.
  • Maintenance that has been identified to cause an outage or has a high to moderate risk of disruption will be scheduled outside of business hours with notification to all potentially impacted areas.
  • High/moderate risk outage window 8:00 p.m. – 10:00 p.m. on Thursdays

Service Performance

Availability Goal

Service/Application Availability
  • Firewall Availability at Site or Office Location: 99%
  • Site to Site Availability at Border: 99%
Support Availability
  • ADS Service Desk: Monday –Friday 7:45 a.m. to 4:30 pm
Non-Business Hours

ADS does not traditionally respond to issues after business hours. ADS staff is only available via "best effort" after hours. Support calls placed after 4:30 PM and weekends/holidays will be redirected to Contact Communications. Issues requiring immediate attention will be forwarded to the appropriate ADS employee who will triage the reported issue and follow proper procedures to restore activities to normal operations

Request Fulfillment Goal

  • Depends on the type of request.

Resolution Goal

  • See Resolution Goal in the Customer Support (Service Desk) description.

User Connectivity issues

  • Resolution Goal: 2 business days
  • Issues will be prioritized and resolved based on priority. Please refer to Customer Support for definitions of priority levels and resolution goals for each level.

Firewall issues in state offices

  • Resolution Goal: 1 business day
  • Issues will be prioritized and resolved based on priority. Please refer to the Customer Support section for definitions of priority levels and resolution goals for each level.

Note: Major outages will be addressed as soon as feasible. A Global ticket will provide information about the incident, locations that are impacted, and expected time for recovery. This information will also be posted on ADS' Home page.

Service Costing

  • Standard services are funded through the ADS Allocation.
  • The Non-Standard services may involve an additional fee.
  • For rates, view the Security Rates document.

133 State Street
Montpelier, VT 05633
(802) 828-4141

For Customer Support, please call 802-828-6620 or toll free 855-828-6620

  • ADS Service Desk:   Option 1
  • ADS Telecom Helpdesk:  Option 2
  • ADS Mainframe Helpdesk:   Option 3
     
  • Vision/HR Helpdesk: 802-828-6700