3.1 Vendor Hosted Cloud Solution: The Vendor will provide projected cost for, and assist in, hosting a solution in a cloud environment. Microsoft Azure Government or AWS GovCloud environments are currently the state standard. If the Vendor is going to propose a cloud solution that is not Microsoft Azure Government or AWS GovCloud environments, the Vendor must provide their FedRAMP certification and proof that you meet the CJIS Security Policy Requirements. 3.2 Storage: The Vendor will provide a plan for and cost estimates of storage. Current storage needs are estimated at the current size of approximately one (1) Petabyte, with needs for future infinite growth. Data will be automatically tiered into storage pools based off user demand and performance needs. 3.3 Management Services: Provide initial onboarding and ongoing services related to: 3.3.1 Management of Azure Enrollment or AWS GovCloud Enrollment 3.3.1 Management of Cloud Enrollment 3.3.2 Monitoring and audit 3.3.3 Transfer/Upload of sensitive data/content from current servers to secure cloud environment 3.3.4 Transfer/Upload of video evidence from current servers to secure cloud environment 3.3.5 Video evidence archiving 3.3.6 24/7 support and management for: 3.3.7 Data Archiving 3.3.8 Data Management 3.3.9 Incident Recovery 3.3.10 Backups 3.3.11 Restoration 3.3.12 Community Upload Link feature and capabilities (this item is optional, but not a requirement) 3.3.13 Milestone, Video Management Software, integration (this item is optional, but not a requirement) 3.4 Hosting and Data Access Requirements The state is looking for a Vendor Hosted Cloud Solution. The contract doubles as an agreement for the State to own the data tables and can manipulate data, run reports as needed, pull code tables, access raw data, and develop dashboards as needed through Microsoft Power BI, ESRI, Tableau and associated platforms. The Offeror shall describe the process by which the State can access data housed within the proposed solution for ingestion into a state data repository, encompassing available methodologies (e.g., flat file, API), data formatting, frequency of updates, and any inherent constraints. Additionally, provide a high-level architecture diagram, as part of the Solution Diagram, elucidating the proposed solution's data provision mechanism. 3.5 Single Sign-On Requirements As part of the State’s Identity and Access Management (IAM) strategy, the proposed solution will need to integrate with the State of South Dakota’s standard identity management service single sign-on (SSO) which enables custom control of how citizens and state employees sign up, sign in, and manage their profiles. The SSO supports the industry standard OAuth 2.0 protocol. This identity management will handle password recovery and multi-factor authentication (MFA). MFA is required for all application Administrators and may be required for other users. Microsoft’s official documentation on the identity provider the State has implemented can be found at: 1) https://docs.microsoft.com/en-us/azure/active-directory-b2c/ and https://docs.microsoft.com/en-us/azure/active-directory-b2c/integrate-with-app-codesamples for public/citizens (Azure B2C), 2) https://learn.microsoft.com/enus/azure/active-directory/architecture/auth-oauth2 and https://learn.microsoft.com/enus/azure/active-directory/develop/v2-protocols-oidc for state employees, businesses, partners, providers, etc. (Azure Active Directory). If the offeror is not able to fulfill this identity management standard, they will be excluded from the list.
