State flag of Tennessee An official website of the Tennessee Secretary of State.

NON-COMPLIANCE FILE

RDA Number
1875
Effective Date
Record Series Abstract
This Record Series consist of, but not limited In-use Form, and any other records relating to the misuse or nonuse of any donated Federal Property. A case of non-compliance is initiated by General Services Administration and is based on allegations or indications of misuse, etc.
Record Series Active
Yes
Cut Off at End of
Other
If Other, Explain
At the end of investigation closure.
Total Retention Years
5
Total Retention Months
0
Retention End Action
Destroy
Disposition Notes
The retention requirement is based on regulations requiring the records be maintained until the Donee has met all requirements made by Federal General Services Administration to recover funds, and or recall property. Both paper and electronic versions will be maintained in its respective format until the end of the Retention Period, then destroyed.
Allotment Code
32118
Record Location
Vehicle and Asset Management 6500 Centennial Blvd., Nashville, TN 37243
File Arrangement
Alphabetical
Date Range
2012 to current
Annual Accumulation
Paper: 1 cu.ft. Electronic: approx. 3.4 GB
Current Volume
Paper: 10 cu.ft. Electronic: approx. 17 GB
Record Value
Administrative
Fiscal
Audit Requirements
Both
Information Shared Outside the State
Yes
Shared Agencies
Federal General Services Administration
Essential Record
Yes - Original
Essential Record Stored
Vehicle and Asset Management 6500 Centennial Blvd., Nashville, TN 37243
Essential Record Media Type
Paper
Confidential
No
Confidential Legal Citation
HIPPA-State, Human Resources
Does this Record Series Contain Sensitive Information?
No
Agency Retention
5 years
Records Center Retention Period
None
System Name
In-Circuit is the application provided by AssetWorks and the application is hosted at Amazon Web Services (AWS)
IT-ABC Number
No IT-ABC Number available
Hardware Description
The Wayne, Pennsylvania datacenter operation is presently responsible for servers supporting the inscope technology solutions. The in-scope managed services are hosted on virtual servers. Firewalls AssetWorks deploys firewalls monitored by outsourced entities (Arraya Solutions, Cisco SourceFire Security). All critical infrastructure firewalls are high redundant pairs running on a Secure Platform. These units protect local assets as well as provide a secure VPN back to the corporate office. Remote users accessing critical systems inside the AssetWorks firewalls are required to authenticate through a VPN connection using IPSEC to the firewall. The authentication is currently done through strong local username/password combinations on the firewall itself. Network and computer systems are monitored using several software packages and methods. Network traffic is monitored through the use of automated alerts in firewall logs as well as content filtering packages such as Cisco IronPort. Network devices are scanned monthly for vulnerabilities. AssetWorks utilizes IBM-centric Technology within its data center with all major platforms supported, including Windows, UNIX and Linux, with database support from Oracle, MS SQL Server and DB2. The data center operates 24/7 and provides diverse and fully redundant ISPs and UPS with dedicated generator and firewall protection of all system
Software Description
Software used by AssetWorks to manage and support the System includes: Monitoring tools - network, server, application, security and device: SolarWinds Nagios Webmetrics Arraya Manager 365 (monitors network 24x7) Service Wise (Incident/Problem tracking) Argent Change management and help desk: Confluence System management: VCenter Operations Manager Vulnerability management, remediation management, risk analysis reporting, change control, security information and event management (SEIM), investigation and log management: Tenable Nessus IBM Security Appscan Enterprise Network protection - firewall, network intrusion prevention, and authentication: FishNet (disc 2/7/16) Cisco ASA 5585-X Email and Web - gateways and filtering: Cisco IronPort (site filtering) ProofPoint Cisco ACS Desktop Protection - virus protection, desktop firewall, host IPS, web filtering, mobility management, application control, and virtualization: Trend Micro Office Scan/Malware Bytes Data Protection - disk and data encryption, device control, and network data loss prevention (DLP): Trend Micro Datacenter Protection - host intrusion prevention, change control, and database security: Trend Micro/Firewalls Network Protection - Firewall, network intrusion prevention and authentication: Cisco SourceFire IDS/IPS UltraDNS- DNS Management
System Location
The Wayne, Pennsylvania datacenter operation is presently responsible for servers supporting the inscope technology solutions. The in-scope managed services are hosted on virtual servers
Backup Procedures
For data stored in the entity's server room, backups are conducted daily to local disk storage and then replicated into the cloud.
Disaster Recovery
The Disaster Recovery plans are tested annually in accordance with AssetWorks' system availability policies
Data Migration Description
System and development changes are reviewed and approved by the Manager of Development prior to implementation in production. Separate environments are used for development, testing, staging and production. Developers do not have access to promote code into production. The QA Manager performs post implementation procedures on development changes to ensure the operation of system changes after implementation in production.
Legacy Revision UUID
440