We put the IT in city®

CitySmart Blog

Tuesday, January 31, 2017
Jabari Massey, Network Infrastructure Consultant
Jabari Massey

Imagine that a city employee who works in the finance department opens their email in the morning. As they check their email, they see one message that seems to come from the city manager. Without thinking, the employee clicks on a zip file attachment assuming that it’s an important set of documents related to a meeting that day.

This employee is not technically savvy, so they are not too alarmed when they see something downloading onto their computer. A window pops up that says to accept something. The employee clicks “yes.”

Within seconds, a chill goes down their spine. Something is wrong. Multiple pop-up windows appear on the person’s computer screen and a new program seems to be running in the background. The employee tells their supervisor, and the supervisor places a call to their reactive IT support vendor who says they might be able to stop by tomorrow.

A day passes while the employee manages to continue doing work that involves accessing software on the city’s financial server. But the employee’s computer continues to slow to a crawl until they can’t use it anymore. The city manager persuades their IT vendor to send someone over today instead of tomorrow.

A junior IT support person arrives and pokes around on the employee’s computer. “Yep, there’s a problem,” they confirm. Figuring it’s a virus, they restart the computer and go into “safe mode” to try to eliminate the virus. Plugging into the financial server to make sure it’s working properly, the junior IT support person now gets a chill down their spine.

They cannot access any data on the financial server because it’s also infected with the virus.

Panic ensues. The junior IT support person calls a senior IT support person. By then, it’s too late. Both the server and the employee’s computer had not been patched in a while, and so many recent security patches had not been applied. Plus, the city runs a free version of some antivirus software that’s only updated when the IT vendor sends someone on site.

“Thank goodness there’s a data backup of the server,” says the city manager. But when the IT support vendor tries to restore the financial data from the backup...that backup doesn’t work. At all. “But we’ve been backing it up manually at least once a week,” says the city manager.

“Have you tested the backup?” asks the senior IT support person.

“No,” says the city manager. Everyone now realizes a nightmare scenario became real. The city’s financial data is lost. Permanently.

Preventing This Disaster

Some variation of this story is all too common for many cities. The good news? Cities can easily prevent a devastating virus attack by addressing some of the errors committed in this story.

Error #1: Lack of business class antivirus software.

Notice the reference in the story to free antivirus software? Many cities try to save money by installing a free, consumer-grade version of antivirus software on computers. This is a mistake because consumer-grade antivirus software is not sophisticated enough to protect city data at the server level. That usually leaves servers unprotected and computers reliant on employees making the updates.

Error #2: Reactive IT support not maintaining and monitoring servers and computers.

The IT support people in our story weren’t getting paid to do ongoing, proactive IT support. Thus, they only updated the antivirus software when the city called on them for an onsite visit. Plus, it appeared that they did not have a process in place for regularly updating the antivirus software and testing the city’s data backups. Experienced IT professionals need to regularly audit antivirus software to confirm that it’s installed on every machine and that virus definitions (which help detect nearly all known viruses) are up to date.

Error #3: An employee clicked on an email attachment.

You might have thought we’d mention this error first. However, your employees cannot be the front line for preventing viruses. We all occasionally make mistakes by clicking on a malicious email attachment or website. That’s why you need a strong foundation in place—business class antivirus software, regularly tested data backups, and proactive IT support—to stop as many viruses as possible from activating. And even if an employee clicks on something malicious, you need to be able to recover from a virus that has been activated.

Because a virus can still get through strong defenses, employee training is a must. Train your city staff about common sources of viruses such as email attachments, websites, online software, and games. With training, you can make your employees more aware about online threats that are easy to avoid if they know how to spot them.

Concerned about a virus crippling your city? Reach out to us today.