CHAIR'S CORNER Andy Kraus - National Conference of State ...

CHAIR'S 

CORNER 

Inside this issue: 

Virginia Legislature – 

Learning the Blackberry 

Prayer 

Louisiana Legislature Moves 

to FTR Gold 

Minnesota Senate Implements 

Wireless 

Idaho Offers New Web Site 

Design 

Nevada Legislature - Securing 

the Future 

Kansas Technology Update 

Arkansas Legislature - The 

Scourge of Spyware 

2004 NALIT PDS: 

Mischief in the Mountains 

Editor's Corner 

Officers and Directors 

2004-05 NALIT Committees 

N A L I T 

National Association of Legislative Information Technology 

Winter 2005 

National Conference of State Legislatures • 7700 E. First Place • Denver, CO 80230 • (303) 364-7700 

Recent changes within NALIT have allowed me the opportunity to become your Chair a 

bit early, so I would like to use this Chair’s Column to outline my strategy for the next year 

and a half. First, though, I would like to extend a big thank you to Todd Jewell. I am speaking 

for everyone when I say that we appreciate your service on the NALIT Executive Committee. 

We are currently in the process of finalizing committee assignments for this year. 

Committees are really the core of NALIT because much of the “grunt work” is done there. 

You will find a list of the committees, including the description, later in the newsletter. I would 

really encourage you to look through the list and see if anything piques your interest. At the 

same time, we have identified a list of “candidates” who we 

think would be a good fit for the committees, so we will 

contact you soon. Between the volunteers and our list, we 

will have many fine people on the committees this year. 

Andy 

Kraus 

One of my immediate goals for NALIT will be undertaken 

by the Outreach Committee. In order to continue NALIT’s 

growth and the search for varied sources of information, it is 

important to include as many people as possible. The 

Outreach Committee will find ways to attract more 

international participants and speakers to the Annual 

Meeting and Professional Development Seminar. They will 

also work on ways to include states that have not been 

involved with NALIT in the past. The bottom line is that the more people and organizations 

we can include, the more we will all benefit from our pooled knowledge. 

A longer-range goal I would like to set for NALIT is to transform our organization into a 

source of information for the other NCSL staff sections, in addition to our respective state 

legislatures. The first step is the formation of the “IT Seal of Approval Exploratory 

Committee.” As the committee description notes, the committee’s first year will consist of 

establishing a way to implement a technology review system that will allow our panel of 

experts to examine existing systems and methodologies and publish “opinions” on what 

makes them work so well. When new products or systems come out, this committee will find 

out who the experts are and work with them to learn and share the knowledge with the rest of 

NALIT. I am really excited about this project’s potential. We will start small this first year, and 

once we determine a target scope, we will march ahead next year. This idea is still in 

development, and I have already received some excellent suggestions for tweaking it. 

Nonetheless, I want to put the idea out there so we can all start considering its possibilities. I 

will try to keep you all updated via the listserv as things develop, and to give you an 

opportunity for feedback. 

Finally, the “PDS Site Selection Committee” will work to select the seminar locations for 

2006 and 2007. If your state is interested in hosting either of these seminars, you should let 

the selection committee know. If you want to have a say in where we meet, then please 

consider being on this committee. 

I am honored to serve as your Chair. Be assured that I am always happy to talk to you 

and find out what’s on your mind about our great organization. If there is anything I can help 

you with, please feel free to call, e-mail, or if you are in Topeka, stop on by. This is a great 

time to be involved with NALIT, so here’s to another great year! 

1

W ithin 10 minutes, 

I had coordinated 

a solution with 

other Blackberrycarrying 

staff and, as 

we confirmed a 

successful resolution 

to this particular 

problem, the phrase 

“Blackberries Rule” 

was transmitted. 

2 

Virginia Legislature – 

Learning the Blackberry Prayer 

By Sharon Crouch Steidel 

As is sometimes the case in a legislative 

environment, you don’t always get to 

choose the timeline of projects. Such was 

our case when we received a request for the 

integration of a Blackberry server with our 

Domino mail server. The request came the 

week before our 2005 session began, but we 

decided to give it a try. 

As mentioned, we are a Domino (Lotus 

Notes) environment. We needed to 

configure mail and calendar events to auto 

synchronize to mail boxes in two distinct 

mail domains. Technical staff from Nextel 

assured us this would not be a problem, so 

we embarked on our journey to deploy the 

Blackberry Enterprise Server. Nextel 

estimated the installation would take 

approximately two to four hours. The 

installation itself only took about 45 minutes, 

but to say things were flowing perfectly at 

that time would be a drastic overstatement. 

In fact, initially, we spent one afternoon from 

1:00 p.m. until about 8:00 p.m. on the phone 

with technical staff from RIM, who makes 

the Blackberries. After 30 or so hours of 

phone support, a few edits to our registry 

files and many different configuration edits 

(most of which failed), we had a fully 

functional BES server. 

To their credit, Nextel and RIM remained 

steadfast in their support. There were 

several multiple-hour conference calls as we 

were trouble shooting the quirky problems 

that persisted, and RIM hung in there to 

insure that we were fully operational. There 

are still some lingering quirks that we are 

ironing out, but all in all the project has been 

successful. We now have the staff of the 

House and Senate Budget committees, 

Speaker’s Office, and some House Clerk’s 

staff using Blackberry 7520’s – walking the 

halls practicing what is sometimes called the 

Blackberry Prayer – heads bowed down to 

the Blackberry, thumbing away at the next 

important message. Since we were already a 

Nextel customer, those staff carrying Nextel 

phones were able to easily move their 

phones over to the Blackberry device. To 

anyone considering a similar project I would 

suggest allowing a month for installation and 

testing. After many hours chatting with RIM 

technical support staff, we did find out that 

the server we were deploying had just been 

released a few weeks before. Perhaps that 

contributed to the additional tweaking 

required. 

So, has the Blackberry improved 

productivity in our office? It has definitely 

proved useful in providing around-the-clock 

support to members during session. As an 

example, one recent Sunday afternoon I was 

sitting on a car wash bench, my dog asleep at 

my feet, when I got a call for help via email. 

Within 10 minutes, I had coordinated a 

solution with other Blackberry-carrying staff 

and, as we confirmed a successful resolution 

to this particular problem, the phrase 

“Blackberries Rule” was transmitted. Of 

course, the greatest advantage of the device 

is also its biggest flaw – it is an electronic 

tether that can keep you attached to the 

office until you choose to hit the power 

button. And as the devices’ nickname 

“Crackberries” suggests, it is evident that 

many users cannot ever bring themselves to 

hit that power button. To that end, I am 

providing two articles I found recently about 

these devices that may be food for thought. 

I, for one, am enjoying the ability to leave 

the office, comfortable that if a problem 

comes up, I will know about it. I can browse 

the web, send email, check my calendar, and 

stay in touch with the office and home from 

anywhere. It’s a very handy tool when 

stranded at an airport for most of the day – as 

I was a few weeks ago. It is the ultimate, allin-one, 

portable office. 

But as I sit down to dinner with my 

husband, I do have to remind myself that 

there is a power button…. 

Resources: 

Blackberry or Crackberry: A PDA Culture War 

http://www.npr.org/templates/story/ 

story.php?storyId=4279486 

Blackberry Jam 

http://www.govexec.com/features/1104-01/1104-01s2.htm 

Avoiding Addiction 

http://www.govexec.com/features/1104-01/1104- 

01s2s1.htm

Louisiana Legislature 

Moves to FTR Gold 

By Gary Schaefer 

In 1999, the Louisiana Legislature began 

using FTR version 3.3 (For The Record) to 

record its committee meetings. FTR was 

implemented because it provided all staff and 

legislators with the means to listen to any 

recorded meeting on their PCs in the Capitol. 

Recordings can be annotated to locate the 

discussion on a particular instrument and the 

testimony of a specific witness. Annotations 

also allow staff to find specific portions of a 

recording, which facilitates meeting excerpt 

duplication requests. 

Although FTR provided more flexibility and 

capabilities than the old cassette recording 

system, some problems were experienced. The 

most common complaints from personnel 

staffing the meetings were: the system would 

freeze and lock up randomly, difficulty in 

starting and stopping a recording, cumbersome 

to monitor a meeting while in progress, and 

unable to edit annotations during the meeting. 

The most significant problem occurred when 

meetings in multiple rooms were being recorded 

simultaneously. A user in one meeting could 

inadvertently stop another user’s recording. If 

users were not extremely alert, they did not 

realize their recordings had been stopped until 

their meeting was over. 

Following the 2003 regular session, the 

Legislature initiated an upgrade to FTR Gold 

software. An upgrade was necessary because 

software support for version 3.3 was being 

phased out, and Windows XP was being 

installed, for which version 3.3 was not 

designed. 

The FTR Gold version purported to allow: 

• better control over starting, pausing, and 

stopping a recording, 

• easier methods for annotating the meeting, 

• flexibility to add notes to a meeting, 

• enhanced audio monitoring during a 

meeting to ensure the system is functioning 

properly, 

• improved storage capabilities utilizing less 

disk space (i.e., the ability to store more 

meetings on line), 

• ability to convert existing recordings and 

annotations to the new more efficient format, 

and 

• more options for providing audio copies of 

the meeting (e.g., cassette tape, CD). 

The upgrade to the new FTR Gold product 

was implemented for the 2004 regular session. 

Senate staff responsible for the recordings and 

duplication requests has had very positive 

comments concerning the new software. The 

purported improvements have been realized, and 

the new software is more user-friendly. 

Procedures for starting and stopping a recording 

are much simpler, and users cannot inadvertently 

stop another recording. Annotations are entered 

more easily and annotation text wraps 

automatically. Users also have the ability to 

correct text for an entered annotation, and add 

text to an annotation while the meeting is in 

progress. The old version required such editing 

to be done as a “post” annotation. In version 

3.3, the time stamp associated with annotations 

was not always correct. This caused problems 

when trying to locate a particular instrument or 

specific testimony. There have been no 

problems with the time stamp when using FTR 

Gold. Users report increased flexibility when 

playing a recording to transcribe minutes and 

when performing post annotations. 

Senate staff responsible for duplication of 

these recordings has also been very satisfied 

with FTR Gold. They particularly like the fact 

that they can duplicate a recording from their PC 

versus going to another location and a dedicated 

PC to create the copy. The audio quality is much 

better, and CDs can be produced in several 

different formats: a file for use with the FTR Gold 

player; a “.wav” file for use with RealPlayer, 

Windows Media Player or “GearPlayer;” a 

“.wma” file for use with Windows Media Player; 

or a “.cda” file for use with car and home CD 

players. 

The only unresolved issue is the FTR file 

conversion of recorded meetings from 1999 

through 2003. PSA (Public Systems Associates), 

the Legislature’s computer consultant, reports 

that the recordings must first be “archived” to 

CD in order to convert the old file format to the 

new file format. When FTR was implemented, 

the Legislature decided to keep all recordings on 

line for easy access. There are approximately 

3,000 recorded Senate and House committee 

meetings in the old file format totaling 300 GB of 

disk storage. PSA estimates it will take one year 

to archive and convert all the old files. Until all 

files are converted, users must keep both 

versions of the FTR player on their PCs. Overall, 

Senate staff is very pleased with the 

implementation of the FTR Gold product. 

T he audio quality is 

much better, and 

CDs can be produced 

in several different 

formats: a file for use 

with the FTR Gold 

player; a “.wav” file 

for use with 

RealPlayer, Windows 

Media Player or 

“GearPlayer;” a 

“.wma” file for use 

with Windows Media 

Player; or a “.cda” 

file for use with car 

and home CD players. 

3

For security, we are 

implementing MAC 

address lock-downs for 

senate users and 

authorized agency 

users. This will keep 

any new devices not 

setup by the Senate IT 

staff from connecting 

to any “non-public” 

state networks. 

4 

Minnesota Senate 

Implements Wireless 

By Jim Greenwalt 

The Minnesota Senate has finally begun 

implementation of wireless access in the State 

Capitol Building. Initially, access is available in 

the six major senate hearing rooms of the 

building. The Senate Chamber, having already 

been hardwired, is not included. 

Wireless access will be provided on three 

levels: (1) members and senate staff; (2) other 

legislative and state agencies; and (3) the 

general public. 

The architecture is built around the 

Airespace Wireless product (recently acquired 

by Cisco). It consists of a redundant wireless 

access network in each of the hearing rooms. In 

each of these areas, for senate members and 

staff, we are using the 802.11a protocol to give 

us the best coverage, with the fastest access, 

and with the smallest chance of being interfered 

with by other wireless networks in the building. 

Using 802.11a will also eliminate anyone from 

walking from the street with a handheld and 

connecting to the network. 802.11b and 802.11g 

service is available on the system for the others 

without investing in additional hardware. 

In each of the hearing rooms we have 

installed two wireless access point radios, each 

connected to a different switch, giving full 

redundancy of hardware and access in each 

area. This also allows for double the bandwidth 

and double the number of available channels in 

each area. 

We are very excited about hosting the 

2005 seminar. Tentative plans are to have 

an authentic Native American cuisine 

dinner at the Crazy Horse Memorial, visit 

the Mount Rushmore Memorial and travel 

to Historical Deadwood for dinner and, if 

desired, a little gambling. Unfortunately, 

due to the distance between Rapid City 

and Pierre, it will not be possible to take 

everyone to our beautiful State Capitol 

Building. However, if anyone would like 

to stop for a tour on their way through, 

For security, we are implementing MAC 

address lock-downs for senate users and 

authorized agency users. This will keep any 

new devices not setup by the Senate IT staff 

from connecting to any “non-public” state 

networks. 

Access for each level of user is directed 

through VLANs set up on the senate’s network. 

One is exclusively for members and staff, 

allowing access to the Senate’s network and all 

applications and data necessary for users. 

Another is for other legislative or state 

agencies, directing them to the appropriate state 

network for which they are authorized. For the 

public, the senate will broadcast an 802.11b/g 

signal, which will allow anyone within range 

access to just the public internet. The public 

can then access legislative information through 

the Senate’s public web site, or their e-mail 

through their Internet providers. 

There is no charge for access by agencies 

or the public. The Senate accepts NO 

responsibility and provides NO maintenance for 

the service they receive. 

The Airespace solution, reasonable in cost, 

was very easy to implement. The systems can 

be easily and seamlessly integrated with most 

vendors' switches. It has proved to be very 

scalable, allowing us to implement in stages and 

provide a variety of services with a single 

solution. 

2005 NALIT Professional Development Seminar 

October 5-8, 2005 

Rapid City, South Dakota 

By Lou Adamson 

Scott or I would be very happy to 

accommodate you. 

If you have any suggested speakers or items 

you would like sessions on, please contact: 

Pam Greenberg (pam.greenberg@ncsl.org), 

Scott Darnall (scott.darnall@state.sd.us), or 

Lou Adamson (lou.adamson@state.sd.us). 

Any suggestions will be welcomed. 

Hope to see you all in October.

NALIT at the NCSL Annual Meeting 

August 16-20, Seattle, Washington 

Mark your calendar for the 2005 NCSL 

Annual Meeting, to be held Aug. 16-20, 2005. 

The preliminary schedule for NALIT and other 

staff sections begins with meetings from 1 p.m. 

to 5 p.m. on Tuesday, Aug. 16. On Thursday, 

Aug. 18, NALIT will meet from 11:45 a.m. to 5 

p.m. 

The traditional all-staff luncheon, where 

legislative staff achievement awards are 

presented, is scheduled for Friday, Aug. 19 from 

Idaho Offers New Web Site Design 

By Brenda Wilkening 

The Idaho Legislature has a new and 

improved web site. Over the interim, the 

Legislative Services Office web group along 

with the Idaho Department of Administration 

redesigned the web site to be more accessible, 

useful, and aesthetically pleasing. The new site 

went live the first part of January, just in time for 

the legislative session. 

The web team determined the use of rollover 

menus greatly decreased the amount of 

clutter on the web pages, and allowed easier 

navigation throughout the site. The designers 

utilized style sheets to create the menus which 

insures complete accessibility and allows 

viewing from any browser. 

The introduction of ColdFusion into our 

website has been one of the best improvements, 

generating many of our pages dynamically. The 

use of this tool has greatly reduced errors as 

well as the amount of time it takes to update 

legislator and staff information. 

12:30 p.m. to 2 p.m., to be followed by NALIT 

meetings from 2:15 p.m. to 4:15 p.m. 

In addition to these time slots, NALIT may 

sponsor additional sessions during other times. 

In addition, tours of Seattle or Olympia-area hightech 

firms or organizations may be scheduled. 

Additional information about the NCSL 

Annual Meeting is available at www.ncsl.org/ 

annualmeeting. Watch for more details about 

NALIT sessions at www.ncsl.org/nalit. 

2005 NCSL Annual Meeting, Preliminary Schedule (Abbreviated) 

Tuesday 

August 16 

Wednesday Thursday Friday Saturday 

August 17 August 18 August 19 August 20 

Registration Opening Standing Concurrent Sess. Plenary Session 

Plenary Committees NCSL Closing Event 

Business Mtg. 

NALIT Standing NALIT Legis. Staff Lunch 

1 p.m. - 5 p.m. Committees 11:45 a.m.-5:00 p.m. 12:30 p.m. - 2 p.m. 

NALIT 

2:15 p.m. - 4:15 p.m. 

Opening Washington Social States’ Night 

Reception Event 

Currently, the Idaho Legislature web site 

spans across three servers. The Idaho statutes, 

constitution and legislation are held on a Linux 

Apache server, while the search criteria for these 

documents is hosted on a Windows 2000 

Advanced server. The remainder of the website 

is on a Windows 2000 server. 

Looking ahead to future improvements, the 

web team plans to combine all pages to a single 

server, extend the use of ColdFusion and, 

utilizing XML, push legislation and statutes to 

the web site from our new bill drafting system 

currently in development. (Stay tuned for more 

information about that topic once it hits 

production.) 

Having spent several months and countless 

hours on the new design, the web team is 

considerably proud of the finished product. 

However, we will continue to take advantage of 

new technology available to better serve the 

citizens of the state of Idaho and beyond. 

T he web team 

determined the 

use of roll-over menus 

greatly decreased the 

amount of clutter on 

the web pages, and 

allowed easier 

navigation throughout 

the site. 

5

D ual gigabit fiber 

connections allow 

for 2 Gbps of throughput 

to each hub room while 

still providing active 

redundancy. Utilizing 

VLAN’s, ACL’s and QoS 

also provided a secure 

way of segmenting our 

users and providing the 

appropriate level of 

service for each group. 

6 

By Eric Dugger 

Securing the Future 

During the last year the Nevada State 

Legislature has gone through a rebirth of its IT 

infrastructure. Facing changing times and more 

demands for IT services, it was determined that a 

complete upgrade was in order. A new network 

consisting of the latest switches, routers, 

firewalls, and VPN products would be the base 

of the upgrade. Upon that was a move from a 

Windows NT 4.0 domain to a Windows Server 

2003 Active Directory structure as well as a new 

mail server and anti-spam gateway along with an 

internal instant messaging server. Might as well 

just do everything, right? 

Having the opportunity to do everything 

new allowed for a clean, secure design. With a 

group of four people, we had around half a year 

to plan, configure, install and tune, which 

towards the end seemed to be not enough time! 

Our first move was to a Windows 2003 Active 

Directory domain structure. This foundation 

allowed us to do many new things, including an 

upgrade to Exchange 2003 mail server. The new 

Exchange is much more stable and secure than 

the old 5.5 version, and allows for much more 

control and growth. Outlook Web Access alone 

is worth the upgrade if you have remote users. 

The features of 2003 Active Directory allow our 

group of four to manage over 500 users and their 

PCs, 30 servers in our main Carson City location, 

and our remote office in Las Vegas. 

Our old network infrastructure was comprised 

of Cisco 2600 routers and a Cisco Catalyst 

5500 switch. We only had 200 Mbps to each of 

our hub rooms, which serve upwards of 100 

users per room. This configuration was both 

slow and inefficient, therefore we wanted our 

new network to provide more bandwidth, 

redundancy and security. New Cisco 3550 

switches in the hub rooms and a Cisco Catalyst 

6500 as the backbone were the answer. Dual 

gigabit fiber connections allow for 2 Gbps of 

throughput to each hub room while still providing 

active redundancy. Utilizing VLAN’s, ACL’s 

and QoS also provided a secure way of segmenting 

our users and providing the appropriate level 

of service for each group. 

Wireless by nature is not secure, therefore 

we wanted to implement new technologies and 

procedures to improve security. We consolidated 

our two wireless networks (one for the 

public and one for internal users) into one 

network outside of our firewall. We selected the 

Cisco 1200 APs running A/B/G and split the 

users into two SSID networks, one running A for 

faster speeds for our users and the other running 

B/G at slower speeds for the public users. We 

incorporated Cisco’s WLSE and ACS to help 

manage the network of 40 APs as well as keeping 

it more secure. This system is projected to have 

over 200 users online during peak times. 

Due to the move of the wireless network 

outside the firewall and the additions of remote 

offices, we were forced to take VPN seriously. 

Cisco’s 3000 VPN concentrator allows our staff to 

connect seamlessly while on our wireless 

network. This makes wireless a secure option 

while giving our legislators the flexibility to do 

their own thing when not connected to the VPN. 

When connected to the VPN, staff and legislators 

will receive the latest Windows patches and antivirus 

system updates. 

Security was implemented everywhere it 

could be. On the domain side, we are using 

Microsoft’s MOM server to monitor all servers 

for any security or hardware faults. We also use 

policies to make sure any PC that logs onto the 

domain is updated with the proper patches. On 

the network side we use MAC authentication 

where needed and ACL’s to secure traffic flows. 

This helps each division within the Nevada 

Legislature maintain the type of operating 

environment they want without having multiple 

domains and networks, which can become very 

expensive. Our next step is to create an intelligent 

network by integrating our intrusion 

detection/prevention systems and policies with 

our network devices to create a dynamic infrastructure 

that reacts to changes in its environment, 

making it more secure. 

The Nevada State Legislature Operations 

Team consists of Manager Randy Dumbauld, 

Rich Tillis, Scott Corbett and myself, Eric Dugger. 

References: 

Microsoft 2003 

http://www.microsoft.com/windowsserver2003/evaluation/ 

overview/family.mspx 

Cisco Catalyst 6500 

http://www.cisco.com/en/US/products/hw/switches/ps708/ 

index.html 

Cisco VPN 3000 

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/ 

index.html 

Cisco Wireless 

http://www.cisco.com/en/US/products/hw/wireless/ps430/ 

index.html 

Cisco Enterprise Security Solutions 

http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/ 

networking_solutions_packages_list.html

Kansas Technology Update 

By Dave Larson 

Three interesting initiatives are occurring 

at the Kansas Legislature. 

First, the electronic committee experiment 

will continue this session. This project was 

started last year when the House Health and 

Human Services Committee and the Senate 

Utilities Committee acquired Tablet PCs, 

software, wireless networking equipment and 

multimedia facilities to conduct a totally 

paperless, electronic committee. Feedback and 

lessons learned from last session were factored 

into revisions to be tested this session. Some 

of the lessons learned were: 

• Legislators, no matter the initial skill level, 

eventually overcame their resistance and 

adopted the technology. The largest complaint 

from legislators was the prohibition on using 

state resources in campaigns, therefore they 

could not put their campaign material on the 

state-provided tablet. 

• Legislators who indicated they were 

computer literate, overestimated their abilities. 

More training is required than was anticipated. 

• The process moves too fast for search 

technology to be employed effectively. Push 

technology is required. 

• The tablets were used over traditional 

laptops for two reasons. First, it was 

anticipated that handwriting recognition would 

smooth the transition for the non-computer 

oriented legislator. Second, using the PC in 

tablet mode kept the legislator from hiding 

behind the screen and was perceived to be more 

courteous to conferees. Handwriting 

recognition is quite good today. Some 

legislators liked to mark up bills in handwriting 

mode, but ultimately, handwriting capability is 

not required for acceptance or success. 

• The electronic process did not appear to be 

a disadvantage to any conferee. Nearly all 

testimony was submitted in electronic form. 

Testimony that wasn’t submitted in electronic 

form was scanned and entered into the 

document database by committee staff. 

• The electronic process placed some 

additional work on the committee staff to 

prepare for the committee meeting. Significant 

effort was applied during the interim to relieve 

the workload. 

• There was a temptation by the committee to 

coerce the staff revisor to draft amendments in 

committee. Staff revisors prefer to take notes 

back to the office and draft there. Similar 

pressures were experienced by the research 

staff. 

• To be really effective, there may need to be 

a technician assigned to the electronic 

committee to manage the technology, pan the 

camera, etc. 

The experiment was funded by a grant from 

the Information Network of Kansas (INK). INK 

is the state’s information portal manager. The 

State of Kansas’ information portal is called 

AccessKansas. 

Second, the Kansas Capitol is in the third 

year of a 10-year renovation. As part of the 

renovation, a wireless survey was conducted by 

a Kansas City firm. Surprisingly, the survey 

indicated that the massive, stone Capitol 

building with all its nooks and crannies did not 

pose any significant challenges to wireless 

coverage. This is encouraging and indicates 

that the installation of wireless networking 

maybe easier and less expensive than 

anticipated. This revelation may allow us to 

speed up the implementation of wireless which 

in turn may help us manage the network through 

the renovation. 

Third, the Legislature recently completed 

the latest revision of its strategic computing 

plan. This version was created using a new 

methodology called the “New Information 

Economics (NIE) Model.” The model was 

developed by the Beta Group and published in 

February 2004. We found the model easy to 

understand and implement. The model helped us 

focus on the true needs of the Legislature and 

quantify those results. 

The methodology works by aligning 

strategic intentions to the mission of the 

organization. These intentions include an 

analysis of organizational structure and the 

objectives of the organizational subgroups. In 

turn, the objectives are used to develop 

information technology objectives that support 

the mission of the enterprise. The revised 

strategic plan was adopted last fall and we are 

busy preparing to implement the first set of 

priorities identified in the plan. 

H andwriting 

recognition is quite 

good today. Some 

legislators liked to mark 

up bills in handwriting 

mode, but ultimately, 

handwriting capability is 

not required for 

acceptance or success. 

7

S pyware has eclipsed 

viruses and spam 

as the fastest growing 

threat to users on the 

Internet. 

8 

The Scourge of Spyware 

By Lorie A. Johnson 

Recently, a House member came into my 

office with his laptop. It would not start up 

and I noticed a chassis problem, so I 

swapped his hard drive into a spare machine. 

I booted the machine to check that the hard 

drive was working and discovered it took 

much longer than usual to boot. After 

logging in I observed several icons for a fake 

anti-spyware program on the desktop and a 

swarm of pop-ups appeared on the screen 

without opening the browser. It took four 

hours to remove all of the rogue programs. 

This scenario is a reflection of the fastest 

growing scourge on the Internet: spyware. 

Spyware has eclipsed viruses and spam 

as the fastest growing threat to users on the 

Internet. Spyware can be web bugs that 

follow your browsing, ad servers that feed 

popups to your system, and key loggers 

which record passwords and other private 

information. Trojan horses are another form 

of spyware that open back doors to your 

system and enable hackers to use your 

system as a zombie for sending spam or 

distributed denial of service attacks. When 

you think you have managed to remove it, 

the creators of this software have disguised it 

so that it magically reappears. 

Spyware can get into a computer in a 

variety of ways: through attachments in email, 

through unpatched browsers, in socalled 

‘drive-by downloads’, inattentive 

clicking on pop-ups, in popular software like 

file sharing and screen savers, and even 

through port scans of unprotected systems. 

Spyware infections and compromises are less 

common for state and enterprise systems, 

since those systems are normally set up and 

patched behind enterprise-level firewalls. 

However portable systems, when connected 

to outside networks, become magnets for 

malware if not properly updated. In addition, 

innocent searches made from inside a 

protected network can lead to browser 

hijackers. 

Currently, the spyware and malware 

assault is far ahead of our means to fix it. 

There is no single anti-spyware program 

available that will clean all spyware. You have 

to install several programs, use them in layers 

to get rid of the spyware, and hope it has all 

been removed. Enterprise level companies, 

like Panda and MacAfee, are finally catching 

up, but it has taken them awhile. Fake antispyware 

software is an even more sinister 

development for people hoping for a quick 

cure. A site called SpywareWarrior.com has an 

extensive and continually updated list of fake 

spyware programs, some with names close 

enough to appear legitimate. There are several 

excellent free anti-spyware programs available, 

such as Lavasoft’s venerable “Ad Aware,” Kolla’s 

“Spybot Search and Destroy,” and Webroot’s 

“Spy Sweeper.” 

How do you clean up the messes these 

malicious programs leave on systems? The 

easiest solution is to re-image the system, but if 

you have systems that are not imaged, or are 

specialty systems, re-imaging will not work. Here 

are some basic steps we utilize to clean infested 

machines. 

• First, generate a reference list of processes 

with Task Manager from a clean machine. In 

addition, use the program Hijack This! to get a 

reference list of Browser Helper Objects (BHOs). 

• When cleaning a PC, boot into Safe Mode 

and get rid of suspicious programs using “Add/ 

Remove Programs.” 

• Run Spybot S&D, Ad-Aware, and Hijack This 

to find and clean up any strays and recursives. 

• For stubborn programs, we use 

“MSCONFIG” to turn off hidden programs that 

might run in startup, and comb the registry for 

other bits and pieces. We also clean out the temp 

files. 

The key to keeping spyware infestations at 

bay is vigilance. Your IT security staff must stay 

on top of all developing trends in spyware, and 

keep your systems patched and protected. 

Constant vigilance and swift action, as well as 

policies and communication that educate your 

staff, are your best tools. 

Resources: 

CastleCops (formerly Computer Cops) 

http://computercops.biz/ 

Spyware Warrior 

http://www.spywarewarrior.com/index.php 

Tom Coyote 

http://tomcoyote.com/ 

Gibson Research Corporation 

http://www.grc.com/default.htm 

Infestation in four minutes: 

http://www.techweb.com/wire/security/54201306 

Fake spyware listings: 

http://www.spywarewarrior.com/rogue_anti-spyware.htm

2004 NALIT PDS: 

Mischief in the Mountains 

Last September, the 2004 NALIT 

Professional Development Seminar was held in 

Burlington, Vermont. Well over 100 people 

attended. To the 20 or so for whom this was 

their first NALIT conference... welcome. We 

hope to see you at future conferences! 

Between the high quality of the program 

offered and the beauty of the venue, a very 

good time was 

had by all. 

Burlington, a 

small but 

vibrant city 

located on the 

shore of Lake 

Champlain, is a 

town with a 

wide variety of 

restaurants, 

bars, and other 

entertainment, 

and NALIT 

people, as 

usual, enjoyed 

all these facilities to their fullest. 

The seminars included sessions on both 

technical and managerial topics. And, as 

always, I found myself wishing to be in two 

places at once. At the Managing Expectations 

session, Vermont Rep. Judy Livingston gave an 

impassioned plea on behalf of legislators 

everywhere for more help using the tools we 

provide. On the technical side, the Voice Over 

IP session provided real world experience in 

implementing this fast-growing technology from 

people who have actually done it. Other 

session topics 

included Embracing 

Security, Contingency 

Planning, RSS, and 

XML Editors. 

One day was 

spent at the State 

Capitol in Montpelier, 

where several 

sessions were held jointly with both the NALIT 

and the Legal Services Staff Section (LSSS). 

One joint meeting discussed the public records 

implications of e-mail. If this session didn’t 

scare the pants off of you, you weren’t 

listening! 

Over lunch, Dr. Frank Bryan, a professor of 

political science from the University of Vermont, 

discussed that unique institution, the New 

by Duncan Goss 

England Town Meeting, a totally new concept 

for many conferees, but one as familiar to me as 

parades on the Fourth of July. Recently, I 

attended our town’s 200th consecutive meeting, 

and Dr. Bryan’s wry observations were right on 

target! 

On the way back from Montpelier, we 

visited another Vermont institution of more 

recent vintage, Ben & Jerry’s main ice cream 

factory. While this visit may not have provided 

any more insights into the legislative process, it 

certainly gave people another taste of Vermont. 

The final day of the conference concluded 

with a visit to the Shelburne Museum, an 

eclectic 

collection 

of 

Americana 

spread 

throughout 

some 40 

buildings. 

The 

evening 

concluded 

with a truly 

spectacular 

dinner on 

board the 

Ticonderoga, 

Pam Greenberg and Duncan Goss 

an elegant steamship located at the center of the 

museum grounds. 

After dinner, we presented Pam Greenberg with 

a print of the Burlington waterfront, signed by 

all conference attendees, in gratitude for all that 

she does for NALIT. 

I appreciated having the opportunity to 

welcome all of you to Vermont and I am looking 

forward to next October and the 2005 

Professional Development Seminar in Rapid 

City, South Dakota. See you all there! 

A t the Managing 

Expectations 

session, Vermont state 

Representative Judy 

Livingston gave an 

impassioned plea on 

behalf of legislators 

everywhere for more 

help using the tools we 

provide. 

9

10 

Editor's Corner 

By Gary Wieman 

Hello to all. I do hope that this newsletter is 

finding all of you healthy and having a success 

filled legislative session. It seems that the winter 

edition of the newsletter is getting out later 

every year, but the late date of the NCSL Annual 

meeting this year allows me a little more time to 

come up with a final product. 

In this newsletter I tried to present you with the 

latest information of what state legislative 

technology has to offer. I listened and took 

notes at the State Roundtable presentations at 

the Professional Development Seminar in 

Burlington, VT. I took this information, compared 

it to presentations made at previous PDS and 

Annual Meeting seminars, and asked for articles 

from states who had not presented their updates 

before. Some of these may have been topics that 

had been discussed previously, but at least they 

Executive Committee - Officers and Directors 

2004-05 

Chair/Vice Chair 

J. Andrew Kraus 

Senior Network 

Administrator 

Legislature 

300 SW 10th Ave., 

Ste. 529-S 

Topeka , KS 66612 

Voice: 785-296-2610 

Fax: 785-296-1153 

E-mail: andyk@las.state.ks.us 

Secretary 

Gary Wieman 

Network Manager 

Leg. Technology Center 

1445 K St., Rm. 359 

P.O. Box 94604 

Lincoln, NE 68509 

Voice: 402-471-6210 

Fax: 402-479-0990 

E-mail: gwieman@unicam.state.ne.us 

Past Chair 

Maryann Trauger 

Manager, 

IT Services 

North Dakota 

Legislative Council 

State Capitol, 

600 E. Boulevard 

Bismarck, ND 58505 

Voice: 701-328-2916 

Fax: 701-328-3615 

E-mail: mtrauger@state.nd.us 

2004-2005 Directors 

Scott Darnall 

Programmer/Analyst 

Legislative Research Council 

500 East Capitol 

Pierre, SD 575-01-5070 

Voice: 605-773-4296 

Fax: 605-773-4576 

E-mail: scott.darnall@state.sd.us 

Andy Harvey 

Webmaster 

Legislative Counsel Bureau 

401 S Carson St 

Carson City, NV 89701-4747 

Voice: 775-684-1347 

Fax: 775-684-1333 

E-mail: aharvey@lcb.state.nv.us 

Rick Johnson 

Senior Software Engineer 

Legislative Service Center 

2404 Chandler Court SW 

Olympia, WA 98502 

Voice: 360-786-7725 

Fax: 360-786-7234 

E-mail: johnson_ri@leg.wa.gov 

Ann McLaughlin 

Director 

Legislative Information System 

Office of the Controller General 

Legislative Hall, Box 1401 

Dover, DE 19903 

Phone: 302-744-4207 

Fax: 302-739-3794 

E-mail: ann.mclaughlin@state.de.us 

Jonathan Palmore 

Information Systems Director 

Senate 

P.O. Box 396 

Richmond, VA 23218 

Voice: 804-698-7410 

Fax: 804-698-7670 

E-mail: jpalmore@sov.state.va.us 

Janet Sullivan 

Applications Project Manager 

Texas Legislative Council 

P.O. Box 12128 

Capitol Station 

Austin, TX 78711-2128 

Voice: 512-463-1160 

E-mail: janet.sullivan@tlc.state.tx.us 

were from a different perspective. 

I want to thank all the contributing authors for 

their time and effort in providing information that 

is useful to NALIT members. I would like to 

encourage those who have not participated 

before to get involved with NALIT by 

submitting articles, to participate in meetings, 

and to volunteer for committees. There are many 

great opportunities to meet your peers from 

other states through this organization and to 

develop friendships and exchange ideas that will 

benefit all. 

Hope you've enjoyed the newsletter, 

Gary Wieman 

Secretary 

NALIT Executive Committee 

2004-05 NALIT Committees 

(appointments pending unless noted) 

2005 Professional Development Seminar Site Selection Committee 

The committee will review site selection criteria, solicit bids, and make 

recommendations for locations of future Professional Development Seminars. 

2005 Professional Development Seminar Planning Committee 

Co-Chairs: Lou Adamson, South Dakota; Scott Darnall, South Dakota 

The committee will assist the host state staff as requested, plan session content 

and activities, locate speakers, and carry out other tasks that would contribute to 

the success of the seminar. 

Outreach Committee 

Members of this committee will have a two-year appointment. Committee 

activities primarily will include the continuation of outreach efforts to members 

of other staff sections and inactive NALIT members. Efforts will be made to 

encourage inactive NALIT members to become involved again by issuing 

invitations to the NCSL Annual Meeting and the PDS, and to reach newcomers 

by developing an information packet explaining the benefits of our organization. 

Development of mentoring programs and other new activities would enhance the 

purpose of this committee. 

IT Survey Committee 

Members of this committee will have a two-year appointment. Committee 

activities will include evaluating the information presently in the survey, and 

updating the types of information in the survey. The committee will issue 

reminders to members to update their information within predetermined time 

frames (e.g. quarterly, annually), and decide the best means for presentation on 

the NALIT web page. The committee will also develop additional methods and 

activities to enhance the value of the survey information. 

IT Seal of Approval Exploratory Committee 

Committee activities will include evaluating new and existing technologies and 

processes, and offering an unbiased opinion that NALIT and other NCSL staff 

sections can use as a source of information. The committee will observe existing 

solutions, evaluate positive and negative aspects, and provide estimates of effort 

needed for implementation. The committee will monitor other states’ technology 

activities and utilize experts in those states to provide information to the NALIT 

membership. Members of this committee will have a two-year appointment. 

The initial year will be spent forming the scope of the committee’s work, and 

start a few initial examinations to report at the 2005 Annual Meeting. The 

committee membership will consist of a mixture of management and 

technology specialists so that issues can be examined from all perspectives. 

2005 NALIT Staff Achievement Awards Committee 

The Legislative Staff Achievement Awards Committee will solicit nominations 

and recommend award recipients for the 2005 NALIT Legislative Staff 

Achievement Award, based on criteria outlined on the NALIT Web Site. 

2005 Nominating Committee 

The NALIT Nominating Committee will interview and evaluate interested 

candidates and present the slate of candidates for election at the Business 

Meeting at the NCSL Annual Meeting in Seattle in August.

CHAIR'S CORNER Andy Kraus - National Conference of State ...

Create successful ePaper yourself

Delete template?

Save as template?