State of Nebraska

Success Story

The State of Nebraska uses a Novell Security and Identity Solution and exteNd™ solutions running on SUSE Linux to expand and improve its eGovernment services, while reducing taxpayer cost.

Overview

The State of Nebraska is located in the heart of the United States and is home to 1.8 million residents. The State employs approximately 18,000 people, with an Information Management Services Division of nearly 425 individuals. The division works to help fulfill the state's various initiatives to make state services more available and convenient for its citizens.

Challenge

As with many state governments, the State of Nebraska is driven to find ways to do more with less – provide more online services for its citizens, while reducing costs. In 2001, Information Management Services (IMServices) hired IBM* Global Services to conduct an 18-month study of its IT infrastructure. The study helped the division refine its vision to deliver eGovernment services efficiently and cost-effectively, while maintaining the security of confidential information. IMServices realized that making government services more available and convenient for its citizens would also minimize the amount of additional work for State employees.

First, the study recommended creating a single, scalable repository for user identity information. A single directory, based on industry standards, would not only simplify administrative functions, but would also provide the cornerstone technology for secure identity management.

Second, the division wished to improve data sharing among more than 20 state agencies. Many of the state's larger agencies have internal IT departments with a variety of standalone systems, making it a challenge to share information and provide consistent enterprise security. With these disparate systems, some state employees were required to remember 10 or more passwords to access multiple applications, creating a potential security risk for sensitive government information as some employees managed their passwords by writing them down. A simple method of sharing user identity information across departments and systems would give users reduced or single sign-on to applications.

Finally, the division wanted to Web—enable its "green screen" mainframe applications for Internet access via a portal. The study recommended a solution based on J2EE* and open standards that could run on the State's existing IBM WebSphere* Application Server.

Novell solution

"Virtually all states today are in a severe financial crunch. Using Novell exteNd, we can leverage our existing applications without the need for additional IT resources. We wouldn't be able to provide the amount of services to employees and citizens without it."

Kevin Keller
IT Manager, IMServices
State of Nebraska

To implement its vision for secure identity management, IMServices selected a Novell solution consisting of Novell eDirectory, Novell Identity Manager and Novell iChain®, along with Novell exteNd™ as its Web services platform. The State has a mixed computing environment consisting of Microsoft Windows* 2000 and NT servers, NetWare®, Linux*, Windows desktops, and IBM iSeries* and zSeries* machines.

After evaluating a variety of options, IMServices chose Novell eDirectory as its directory of choice to control its entire infrastructure. Novell Identity Manager provides bi-directional synchronization of user information among eDirectory and approximately 20 applications, including the State's PeopleSoft*/JD Edwards human resources application, eliminating the need for manual updates. Novell eDirectory and Identity Manager allow the State to unify its departmental directory trees into a centralized directory, creating a single user identity for access to Web applications.

"We needed a global directory that would help us integrate our mixed environments and minimize the amount of time we spend on user administration," said Steve Hartman, directory lead for Enterprise Directory Services within IMServices. "There really is no better alternative to the security and scalability of Novell eDirectory and Identity Manager."

To improve data sharing across multiple agencies, the State made Web-based applications available through an enterprise portal. Novell iChain provides the user authentication, based on Novell eDirectory, which grants users role-based access to information with a single username and password.

Using Novell exteNd, IMServices created Web services from its mainframe applications and made them available via a portal for employees and citizens. Leveraging its existing legacy systems allows the State to provide more services while staying within a tight budget.

Role-based access strengthens security
With a Novell secure identity management solution in place, users have role-based access to information based on their identity from any location, at any time. With Novell eDirectory as its identity vault, the State plans to manage more than one million user identities, including citizens, employees and businesses interacting with the State.

Employees and citizens will use the State's portal to access personalized views of information based on their roles and responsibilities. Employees will have access to the applications needed to do their jobs, and citizens will have access to services such as voter registration based on their individual information. Personalized access protects citizen privacy as well as the confidentiality of sensitive government information.

"A secure identity management solution provides the maximum security to prevent the unauthorized access of data on all our platforms," said Jerry Hielen, IT Security Officer at IMServices. "With this solution, we can provide a security umbrella for all our agencies, helping reduce the costs for the individual agencies."

Secure access is particularly important for the Health Alert Network (HAN) application. To comply with federal requirements from the Center for Disease Control (CDC), the State needed an LDAP directory. Now all authorized users have role-based access to information, relying on eDirectory for authentication to protect sensitive information. Using eDirectory as a centralized source of user profile information, the State can immediately send information to specific groups of doctors or nurses in the event of a bioterrorism alert.

Web single sign-on increases IT efficiency
The State wanted to simplify its password management and eliminate the need for some employees to remember 10 or more passwords. With a centralized eDirectory and authentication provided by Novell iChain, the State can now provide employees and business users a single set of credentials for online access.

New employees used to wait long periods of time to get access to the applications needed to do their jobs. Now the staff can automatically assign a single ID and password from a single administration console to get new employees up and running. When employees terminate their employment with the State, the IT staff is able to immediately revoke user access to safeguard data security.

Giving employees single sign-on to Web applications will improve employee productivity and reduce password-related helpdesk calls by an estimated 20 percent. In the future, IMServices plans to use Novell SecureLogin to further simplify user administration and increase employee productivity with single sign-on to non-Web-based applications and platforms.

"Better password management will free up our IT staff to work on other projects, rather than spending time on the trivial and mundane tasks associated with user administration," said Kevin Keller, IT Manager within IMServices, State of Nebraska. "Because we have a small team, it's imperative that we leverage our technology so that it doesn't require too many people to support these efforts. Now we will now be able to do more work with the same number of people."

Novell exteNd gives new life to legacy systems
As part of its eGovernment strategy, IMServices wanted to leverage its technology investments by Web-enabling its existing legacy applications. Many of the State's applications are written in CICS and COBOL and run on mainframe computers. With Novell exteNd, IMServices can create Web services from many of its "green screen" applications without changing the business logic.

IMServices uses the intuitive, visual development environment of Novell exteNd to quickly generate Web services for its applications using XML. Without the need to touch business logic, developers will be able to quickly and cost-effectively Web-enable applications to make the most of tight budgets. Novell exteNd is based on standards such as J2EE and Web services so it will run seamlessly on the State's IBM WebSphere Application Servers, allowing the organization to use its existing infrastructure.

"Virtually all states today are in a severe financial crunch," said Keller. "Using Novell exteNd, we can leverage our existing applications without the need for additional IT resources. We wouldn't be able to provide the amount of services to employees and citizens without it."

SUSE Linux provides a secure, stable platform
IMServices is continually looking for ways to increase productivity while decreasing costs. Novell's acquisition of SUSE Linux has provided a means for IMServices to adopt a single distribution model, from Intel* to the z/Linux platforms.

"The move to SUSE Enterprise Server from Microsoft Windows was painless," said Hartman. "We put our engineer on it early Monday morning and by 4 p.m. all 22 of our servers were up and running. We haven't looked back since."

Results

By using a Novell Security and Identity Solution, the State of Nebraska has made government services more available and convenient. Employees and citizens have personalized, role-based access to Web applications from any location, using a standard Web browser. Single sign-on will increase employee productivity, simplify user administration and decrease the number of password-related helpdesk calls by an estimated 20 percent.

A statewide secure identity management solution also provides a security umbrella for all state agencies, eliminating the costs of individual agency solutions. Using Novell iChain, the State will avoid creating a security "front-end" for each new Web application, saving $75,000 in year in maintenance costs, while reducing application development time by 30 percent.

Novell exteNd allows the State to leverage its existing applications and stay within a tight budget by Web-enabling more than 20 legacy applications to provide more services for its employees and citizens, without the need for additional IT resources.

"This is not your father's Novell," said Hartman. "Novell has embraced the 21st century vision for secure access to information from any place, at any time, on any device."