header-left
File #: 1220-2012    Version: 1
Type: Ordinance Status: Passed
File created: 5/29/2012 In control: Technology Committee
On agenda: 7/9/2012 Final action: 7/11/2012
Title: To authorize the Director of the Department of Technology to renew an agreement with SecureWorks, Inc. to provide managed technology security services in order to continue compliance with federal and state regulatory requirements; to waive the competitive bidding provisions of Columbus City Code; to authorize the expenditure of $82,039.56 from the Department of Technology, Information Services Division, internal service fund; and to declare an emergency. ($82,039.56)
Attachments: 1. Quote Managed Security 2012-2013, 2. Bid Waiver Form Ord. No. 1220-2012
Explanation

BACKGROUND:
This ordinance authorizes the Director of the Department of Technology to renew an agreement with SecureWorks, Inc., for managed technology security services. The original agreement (EL011963) was authorized by ordinance 0818-2011, passed June 13, 2011. That agreement allowed for an annual renewal by mutual agreement and approval of proper City authorities. This renewal will provide service for the period August 26, 2012 through August 25, 2013, at a cost of $82,039.56.

This ordinance also requests authority to extend and spend the unspent balance on purchase order EL011963 through November 21, 2012. The unspent balance as of June 12, 2012 is $12,932.77. This purchase order is currently set to expire on August 1, 2012. An extension is requested because service was not initiated until August 26, 2011 for two items; not until September 14, 2011 for another item; and not until November 21, 2011 for a final item. At no additional cost, extending the purchase order will enable alignment between the annual term of the agreement with the period of service provided by the vendor, and provide sufficient funding to pay for all service needed through August 25, 2013.

DoT requires services from a managed security provider in order to comply with federal and state regulatory requirements. These requirements include IRS tax information security guidelines, federal information processing standards, payment card industry data security standards, and the Health Information Portability and Accountability Act (HIPPA). Complying with these regulations requires advanced expertise and tools not available with current staff and systems.

SecureWorks will provide the following services as part of this agreement: 24x7x365 management of security devices; real-time monitoring, analysis, and response to security events detected on security devices, network assets, servers, databases, and applications; and managed log collection, retention, storag...

Click here for full text