Every time you read or watch the news, it seems that another hacking job has succeeded on high-profile targets such as the Central Intelligence Agency, the United States Senate, and companies like Sony. A recent article from CNET notes:
“Hacker groups Anonymous and LulzSec said [Monday, June 20] they are uniting in a campaign aimed at banks, government agencies, and other high-profile targets, and they are encouraging others to steal and leak classified information.”
While no one organization is 100% safe, it is unfortunate that many of these organizations are hacked easily because of weak security. Local government is ripe for such attacks because of limited budgets, lack of information security regulations or standards, and obsolete or missing technologies (e.g. firewalls, etc).
Given that these hacking groups have declared cyberwar against government targets, here are three Information Security 101 things you can do to prevent yourself from being an easy target:
1. Patch software regularly (e.g. regular Windows updates). Before Sophicity stabilizes a city’s environment, we find in most cases that servers and workstations are woefully behind on basic software patching.2. Install an enterprise firewall along with deploying an antivirus solution.3. Change passwords regularly and have a password policy in place.
In case you haven’t noticed, the theme of cloud computing and cost savings is spreading like wildfire through many organizations – including municipalities. According to a recent GovTech article, the City of Alexandria, Virginia will save $1 million over the next 6 years through its use of cloud computing services. A few tips stand out:
Pujan Roka wrote an excellent concise article about cloud computing in the May 8, 2011 edition of the Atlanta Journal Constitution. In it, he describes how information technology is increasingly becoming more like a utility. Cities (especially for the cost savings) should seriously be looking at the cloud. For example, the City of Canton, Georgia is experiencing feature rich benefits from using Google Apps – while saving $10,000/year in costs.
In our discussions with both technical and non-technical decision makers at cities, we hear objections and some confusion about how the cloud will benefit them. One way to think about cloud computing is to consider the early days of electricity. Roka points out how factories initially had to produce their own electricity, which was expensive and created a lot of waste. Once electricity shifted to the utility model, costs came down and quality of service went up.
Information technology is going through a similar revolution and despite some recent highly publicized outages, the reliability is all but 100%. It’s now just a matter of jumping into the cloud – and bringing your costs down.
Are you still managing project tasks with post-its all around your PC? Are your estimates realistic? Are all team members and project sponsors on the same page? Do you have to crunch the numbers again and again to report status to decision makers? Maybe Microsoft Project’s predecessors give you a headache when running a large project schedule? :)
Check out my presentation at the Southern Municipal Conference IT Spring meeting where I shared and demoed a pretty cool tool that Sophicity is now using called LiquidPlanner. It solves, very well, a few of the pains that we all encounter managing IT projects.
Clint Nelms, Network Infrastructure Practice Manager at Sophicity, recently published “Three Reasons Why Cities Should Consider Hosted Email” in the March 2011 issue of Texas Town & City. The magazine is published by the Texas Municipal League and focuses on a variety of contemporary municipal issues. We encourage you to read the complete article and also visit Texas Town & City online.
You may have already implemented or considered cloud solutions, especially enticed by the reductions in technology costs. But many people are still concerned about security. “What happens to my data when it’s ‘out there’ in the cloud?”
Here’s Army General Keith Alexander, commander of U.S. Cyber Command and director of the National Security Agency:
“This [cloud] architecture would seem at first glance to be vulnerable to insider threats—indeed, no system that human beings use can be made immune to abuse—but we are convinced the controls and tools that will be built into the cloud will ensure that people cannot see any data beyond what they need for their jobs and will be swiftly identified if they make unauthorized attempts to access data.”
Read the entire article from Forbes.
You may have already read about cloud computing hype, so skepticism in this Wall Street Journal article comparing it to the Industrial Revolution is understandable. It’s understood that cloud computing has distinct benefits. If you suffer headaches from purchasing and maintaining software or email on your own servers, then cloud computing’s “buy as you use” model (which works similar to utilities) can reduce your costs and increase performance without the worries of software maintenance.
However, the article also says: “Far-fetched though [the comparison to the Industrial Revolution] may sound, research published by the London-based Centre for Economics and Business Research in December seems partly to reinforce this view. It predicts that the increased productivity, job creation, business development and competitive advantage brought about by cloud computing will generate an additional €763 billion ($1.04 trillion) in economic value and will create some 2.4 million jobs in Europe during the next five years.”
These benefits are a consequence of less disruption (and more operational continuity), reduced costs (and more hiring), and lower cost of entry (which means more access to critical line of business applications that improve citizen services). If your municipality has not seriously explored the cost and productivity benefits of cloud computing, talk to your IT director or a trusted vendor.
This article notes Jacksonville, Florida’s successful process of moving to a new ERP system and expands upon other cities’ experiences illustrating what can go right...and wrong...with such implementations. To maximize the investment for such a complicated project, it’s essential to follow a clear methodical process that includes rigorous requirements, vendor selection, and project management. If a sound process is followed, a city can truly make a leap forward in terms of cost savings and productivity enhancements.
For another case study on an ERP implementation, please review the City of Duluth, Georgia’s successful project.
Security issues and social media are two unwilling dancing partners in the evolution of the communication services that are revolutionizing how we communicate. There is no doubt that entering the world of social media is a must, yet many legitimate security issues unfortunately scare off municipalities from fully participating.
However, with just a few basic IT network and security precautions, a municipality can be assured that entering the world of social media will involve no more risk than Internet access and email for employees.
A Compuware study last year found that around 99% of data loss incidents are caused by internal users (not external attacks). It’s easy to blame the users, but even the most savvy of users can be tricked by some of the complicated virus and phishing attacks seen on Facebook, Twitter, and other social media sites. We recommend talking to your IT staff or a trusted vendor to discuss methods of securing your network and making sure users are protected.
As this GovTech article states unequivocally, “...some would argue that without anti-virus, data loss prevention and scanning tools, a social media presence simply wouldn’t be possible for a public agency.”
Our Focus | Products | Resources | Company | Contact | Sitemap | Login
© 2009-2014 Sophicity, all rights reserved. Sophicity®, "We put the IT in City”, and the Sophicity logo are registered trademarks of Sophicity.