Department Heads Meeting: Lotus Notes Decommissioning & Cyber Event Recovery
A comprehensive status report on two critical IT initiatives shaping TSAE's future.
Overview
Lotus Notes Decommissioning
Current progress, timeline, and strategic benefits of retiring our legacy infrastructure
Cyber Event Recovery
Restoration status of Content Navigator
These interconnected initiatives represent our commitment to modernization, security, and operational excellence across all departments.
Lotus Notes Decommissioning: Why It Matters
The Challenge
Legacy Lotus Notes systems hold decades of critical historical data but severely constrain our ability to innovate and compete in today's digital landscape.
Industry research reveals that organizations spend upwards of 70% of their resources maintaining legacy systems like Lotus Notes.
Strategic Benefits
  • Reduction of Technical Debt
  • Reduction in Risk
  • Enhanced Compliance
  • Cost optimization
  • Modernization at scale
Lotus Notes Decommissioning & New Platform Build: Current Status
60%
Data Migrated
Inactive Notes data now in modern archives
100%
Compliance Maintained
Full audit and legal hold capabilities preserved
35%
Performance Gain
System speed improvement from data offloading
Lotus Notes Decommissioning & New Platform Build: RFP Timeline
1
September 15, 2025
RFP sent to vendors
2
September 22, 2025
Bidders Conference held
3
October 17, 2025
Proponent NDA finalized
4
Week of October 27, 2025
Demo scheduled (estimated)
5
November 7, 2025
Proposal submission deadline
6
November 13, 2025
Proposals evaluated.
7
Late November/Early December 2025
Vendor selection concludes - IT submits recommendations to Legal Department, and Legal provides decision.
Lotus Notes Decommissioning & New Platform Build: Project Progress
1
Lotus Notes Archiving Nears Completion
95% of 316 databases archived as of 11/10/25 (302 complete, 4 in progress, 10 remaining).
Security & Access Maintenance Plan in progress.
Group-level access lists are being developed.
2
LN Deprecation & Custom Solutions
217 databases identified for deprecation, with 10 currently in progress. Three custom solutions (Legal, Purchase IT/TSAMM, and Purchase Order Management System (POMS) are actively being developed. Two additional RFPs may be required for Officer Review Board and Officer Tax Grant applications.
3
Legacy Platform RFP Milestones
RFP launched 9/15/25 for Legal systems, followed by a bidders conference. Environment demos were conducted, and proposals were submitted and evaluated. The vendors will be reviewed by a weighted scale proposed by IT with support of the Legal department. Vendor selection is targeted for early December.
4
Vendor Selection: Arizona Software Group and Enable
Following evaluations, Arizona Software Group and Enable have been narrowed down as most likely to fulfill the RFP's requirements. The final business decision will be based on cost tolerance and demand for new/improved functionality. A preliminary project timeline of 20-52 weeks is estimated, to commence after all the appropriate approvals are met.
May 24, 2025 Cyber Event: Impact to Content Navigator
Content Navigator: data while not exposed, was impacted due to historically poor maintenance of hardware and software issues identified after the incident.
dfsfsd
Immediate consequences: Partial data loss affected daily workflows across multiple departments, with some teams experiencing complete service interruptions
Content Navigator: Department Risk Assessment
The horizontal bar chart illustrates the risk assessment scores across all 14 departments. Officer Service & Records, Personnel, Legal, and Territorial Commander represent the highest-risk critical departments requiring immediate attention.
Content Navigator: Systems Recovery Process
Post-cyber event recovery efforts have been a complex, multi-stage process, focusing on data integrity and system availability.
1
June 2025: Shift to Disaster Recovery
Transitioned from initial incident containment efforts to a full-scale disaster recovery operation, prioritizing comprehensive system restoration.
2
Early July 2025: New Servers for Content Navigator
Three new virtual servers were provisioned and brought online specifically for Content Navigator.
3
Late July 2025: Failed Data Restore Attempts
Repeated attempts to restore data from Symantec Backup Exec to the new servers consistently failed, indicating issues with backup integrity.
4
August 2025: Decrypt Production Data Initiative
A decision was made to attempt decryption of the most current production data from the compromised environment. This complex process was initially estimated to take 3-5 months.
5
September 2025: Encryption & Vendor Scheduling
The data encryption process continued, alongside detailed direction and scheduling of next steps with our product support vendor, Image Access.
6
Early October 2025: Image Access Engaged
VPN access was granted to Image Access, allowing their team to begin direct work on the affected servers.
7
Late October 2025: DB2 Corruption Confirmed
Image Access reported persistent corruption issues with DB2 databases, failing to bring them online. Two older database backups from September 2024 were also found to be corrupt.
8
November 5, 2025: Emergency IBM Escalation
An emergency call was held between our CIO/CISO and Image Access, resulting in the decision to escalate the critical DB2 issues to IBM, the developer of Content Navigator.
9
Mid-November 2025: IBM Support Denied
IBM declined assistance for the DB2 issues (cases TS020844279 and TS020844244), stating that Content Manager 8.6 is no longer a supported version.
10
December 1 & 2, 2025: Plan reassessment and escalation
The IT Team and CIO/CISO met with Image Access to discuss alternative recovery options and adjusting approach/involvement with IBM.
11
December 1 - February 2026: New Recovery Strategy with Image Access
Image Access will build a new structure based on provided information and attempt to manually ingest the data, a process estimated to take 4-6 weeks.
Next Steps & Timeline
1
December 2025 - February 2026
Complete final system restoration for Content Manager.
Resolve remaining UI and processing issues
2
Q1-Q3 2026
Finalize Lotus Notes data migration, execute legacy server shutdown, and transition all users to modern platforms
3
Ongoing
Weekly status updates to department heads from IT Project Manager, Monthly maintenance reviews, and Quarterly security audits.
Communication Cadence
Regular touchpoints scheduled with all impacted department heads to ensure transparency, address concerns, and maintain alignment throughout recovery completion.
Success Metrics
Tracking system uptime, maintenance and performance, user satisfaction scores, cost savings, and security incident reduction as key performance indicators.
Conclusion: Moving Forward Together
System Modernization
Successfully migrating 95% of Lotus Notes databases to modern platforms.
Future-Proofing Technology at Scale
Building a more secure, robust, and efficient technology foundation for TSAE's future.
Business Stakeholder Engagement
Commitment to greater transparency and regular communication with all stakeholders.