title
Authorize the Chief Information Officer to procure a software subscription with Xterra Solutions, Inc. for $169,268 for annual use and maintenance of endpoint protection (anti-malware) and web filtering from Palo Alto Networks; and Authorize the Chief Information Officer to execute annual renewals that are within 10% of prior year net total amount for up to 3 years and any current year amendments that do not exceed 10% of annual subscription amount
body
Published Notice Required? Yes ____ No _X _
Public Hearing Required? Yes ____ No _X _
DEPARTMENTAL RECOMMENDATION:
The Department of Information Technology recommends that the Board of Supervisors:
1. Authorize the Chief Information Officer to procure a software subscription with Xterra Solutions, Inc. for $169,268.30 for annual use and maintenance of endpoint protection (anti-malware) and web filtering from Palo Alto Networks; and
2. Authorize the Chief Information Officer to execute annual renewals that are within 10% of prior year net total amount for up to 3 years and any current year amendments that do not exceed 10% of annual subscription amount.
SUMMARY:
Xterra Solutions, Inc. is the vendor from which the County has purchased licenses, subscriptions, and support for security solutions from Palo Alto Networks. These solutions cover endpoint protection and Uniform Resource Locator (URL) filtering needs and have been used since 2016. Procuring this software subscription will extend the County’s agreement with Xterra Solutions for one year and will allow for annual renewals for up to 3 years or through October 2022.
These solutions experience a continued benefit from sustained use and allow the Department of Information Technology to operate its information security program in a lean manner. The Department has been satisfied with the performance of these offerings and recommends continued use.
FINANCIAL IMPACT:
The cost of annual maintenance for current licenses, subscriptions, and support of endpoint protection and URL filtering is $169,268.30. The appropriation for this purchase and costs associated with preparing this agenda item are included in the Department’s FY2019/20 Adopted Budget. This software subscription is anticipated to be an on-going, annual cost.
DISCUSSION:
In March of 2016, faced with increasing malware infections, the Department of Information Technology (DoIT) began using Traps endpoint protection from Palo Alto Networks. Traps has proven successful in preventing incidents caused by malicious software, macros, and shared libraries, blocking more than 3,000 such incidents on County devices. The County also uses two URL filtering appliances from Palo Alto Networks that share threat intelligence with Traps to more quickly and accurately determine whether previously unseen activity should be allowed. Together these products provide critical layers of a legally defensible information security strategy.
This software subscription extends current licenses and support for one year, and will allow for annual renewals for up to 3 years of until October 22, 2020. These solutions have benefited from machine learning that increases accuracy with sustained use and helps to protect the County’s nearly 5000 servers and workstations. When ransomware infects a single workstation, it takes a minimum of four working hours for Desktop Support to completely recover and restore the machine. Malware can spread quickly, potentially infecting thousands of machines short periods of time. Securing tools to prevent, identify, and notify teams of security threats lowers the risk of operational disruption and reputational harm to Solano County.
According to Coveware, a firm that studies and responds to malware attacks, in Q2 2019, average payments by government victims for ransomware ransoms was $338,700. Governments who choose not to pay often experience higher recovery costs. Federal and State agencies have concluded that all counties will face an uptick in attacks from highly skilled and highly motivated perpetrators. These attacks will seek to undermine public confidence in the County’s ability to provide essential services. Ongoing use of technical controls without noted failings will help bolster public confidence and support the Department’s mission.
ALTERNATIVES:
The Board could choose not to authorize the Chief Information Officer to procure a software subscription with Xterra Solutions, however, this is not recommended. While the Department expects to evaluate alternatives, from time to time, evaluation and implementation of any alternative at this time would distract from implementation of other controls needed to bolster information security before a period of elevated risk. Other solutions would also not have benefited from maturation within our environment.
OTHER AGENCY INVOLVEMENT:
The County’s Administrator’s office has reviewed the purchase request.
CAO RECOMMENDATION:
APPROVE DEPARTMENTAL RECOMMENDATION