Pennsylvania was recognized for improving information security and privacy in state government.
"In today's world of increasing threats to security, Pennsylvania is proud to have developed a multifaceted approach to information security that encompasses efficient and effective technology solutions, policy development and employee awareness," said Brenda Orth, chief technology officer for the commonwealth. "Pennsylvania remains committed to providing quality service to citizens while protecting their information and privacy."
In the past two years, the Governor Rendell's Office of Administration has introduced several information security initiatives which together make up the Pennsylvania information security architecture. The highlights of the program include:
- Security governance to evolve information security policies and architecture;
- Security policies to prescribe procedures for data encryption, privacy roles and acceptable use policies;
- Identity protection and access management to align with federal and industry standards;
- Security assessments to verify proper configuration of systems, accuracy of documentation, skills of staff members and to determine gaps between current and desired practices;
- Cyber security drills to assess readiness;
- Security technologies that ensure agencies are using and deploying security programs and products in a consistent manner; and
- Security awareness programs to ensure that employees are familiar with information technology security best practices, policies, procedures and standards.
