https://www.americancityandcounty.com/wp-content/themes/acc_child/assets/images/logo/footer-logo.png
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcast
    • Latest videos
    • Product Guides
  • Resources & Events
    • Back
    • Resources
    • Webinars
    • White Papers
    • IWCE 2022
    • How to Contribute
    • Municipal Cost Index – Archive
    • Equipment Watch Page
    • American City & County Awards
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Statement
    • Terms of Service
American City and County
  • NEWSLETTER
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcasts
    • Latest videos
    • Product Guides
  • Resources/Events
    • Back
    • Webinars
    • White Papers/eBooks
    • IWCE 2022
    • How to Contribute
    • American City & County Awards
    • Municipal Cost Index
    • Equipment Watch Page
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Stament
    • Terms of Service
  • newsletter
  • Administration
  • Economy & Finance
  • Procurement
  • Public Safety
  • Public Works & Utilities
  • Smart Cities & Technology
  • Magazine
acc.com

Smart Cities & Technology


GOVERNMENT TECHNOLOGY/Locking down on computer security

GOVERNMENT TECHNOLOGY/Locking down on computer security

Gaithersburg, Md., learned the importance of managing a comprehensive security program following two significant computer security breaches in June. Those
  • Written by Barry Smith
  • 1st October 2001

Gaithersburg, Md., learned the importance of managing a comprehensive security program following two significant computer security breaches in June. Those incidents made clear what computer security experts have been saying for years: Everyone is a potential target for a security violation. More importantly, the incidents taught the city that security must never be an afterthought.

The security violations began when a hacker guessed an employee’s e-mail password and sent off-color messages to city employees. If the hacker had not sent the e-mails, the city likely would not have known its computer security had been compromised. Unfortunately, an infrequently communicated password policy combined with an inability to automate e-mail password changes made the city susceptible to that type of attack.

Immediately, city technology staff reiterated the e-mail policy at staff meetings and via e-mail. Those measures heightened awareness for all city staff about how each employee plays a role in securing the city’s computer environment. In turn, technology staff received feedback and support for implementing enhanced security measures in other areas of the city.

Soon after the e-mail password problem was solved, a worm used a well-known security hole to hit one of the city’s Internet-connected servers. Fortunately, the worm only defaced an internal Web site before moving on. The IT department used two third-party consultants to help secure the compromised server and other Web servers and to enhance internal procedures regarding patches to servers.

Gaithersburg learned quickly why many experts refer to securing information systems as an exercise in risk management. Because it is impossible (if not impractical) to completely secure information systems, local governments must assess the potential for loss for each of the components of their information systems and develop a plan to minimize the risks for loss.

IT departments can determine each of their systems’ or databases’ risks by predicting the operational effect of unavailable or compromised systems. That inventory is best accomplished through a series of frank, open discussions with city or county management and possibly elected officials. With risk rated for each system, IT staff are equipped to establish appropriate user access and security measures.

Technology staff then must commit to implementing and managing a security program. Commonly recurring tasks in a security program include educating users, monitoring the effectiveness of the security program, identifying and reviewing new security risks, and constantly adapting the security policies and procedures to meet the needs of the city or county infrastructure.

A few good things resulted from Gaithersburg’s computer security violations. First, city management became much more aware of the risks associated with deploying and managing technology projects. That led to more involved discussions about rolling out future online services, such as registration for Parks and Recreation activities. Now, security and risk management is discussed by all of the city’s computer users and not only by technology staff.

Second, city management learned of the growing depth and breadth of security issues facing technology staff. Finally, the IT staff was able to demonstrate its value to the city by responding to security problems quickly and capably.

There are potential online security holes in any organization. Once a local government calculates the risk related to its particular situation, it can assign resources and develop an effective, practical security program.

The author is IT director for Gaithersburg, Md.

Tags: Smart Cities & Technology

Most Recent


  • How 5G is making cities safer, smarter, and more efficient
    This article first appeared on Urgent Communication. It’s a scenario we’ve all experienced: an ambulance with a blaring siren racing against time to get a person in medical distress to a hospital through traffic. What we don’t see is 5G connectivity enabling paramedics to communicate with hospital staff via video conference and coordinate care in […]
  • landslides
    Managing landslides along road corridors using remote sensing
    Maintaining roads is an optimization problem. Local officials must balance limited and sometimes shrinking budgets with the needs of their communities to have safe and reliable transportation systems. Unfortunately, the importance of a particular maintenance issue is often judged based on anecdotal information and complaints from the public rather than hard data. This approach is […]
  • resilience
    Report: Prioritizing neighborhood infill, expanding transit options increases neighborhood resilience
    With the threat of climate change looming, cities that prioritize neighborhood resilience and equity will be best equipped to withstand future challenges. Last week, the United States Conference of Mayors and the Wells Fargo Institute for Sustainable Finance released a report highlighting strategies for communities looking to address the impact of the climate crisis. “Mayors […]
  • Oakland launches smart loading zone program for commercial business at the curbside
    Across the United States, cities are launching app-based programs that give delivery drivers the ability to digitally book curbside space. Oakland, Calif. is the latest city to do so, having partnered with Populus to implement Smart Loading Zones that can be reserved remotely via GPS technology. “Demand for our very limited curb space has increased […]

Leave a comment Cancel reply

-or-

Log in with your American City and County account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • What “smart city” means for 2021: How digital twins, AI and other innovations drive smart transformation
  • 10 reasons why local governments should outsource all IT: Post pandemic view
  • MS-ISAC members get free access to Deloitte’s Cyber Detect and Respond Portal to help respond to cyber threats
  • North Texas alliance partners with Marketplace.city on smart government solutions

White papers


Modernizing government services for today’s resident expectations

24th January 2023

Preparing Your Community Now for the Next Generation of Older Adults

18th October 2022

Helping Government Fleets Achieve Their Goals

30th September 2022
view all

Webinars


How To: Evaluate Digital Government Service Delivery Technologies

23rd January 2023

Using Technology to Enhance Communications

29th November 2022

Learn the benefits of transforming and automating your Contract Management process

4th November 2022
view all

PODCAST


Young Leaders Episode 4 – Cyril Jefferson – City Councilman, High Point, North Carolina

13th October 2020

Young Leaders Episode 3 – Shannon Hardin – City Council President, Columbus, Ohio

27th July 2020

Young Leaders Episode 2 – Christian Williams – Development Services Planner, Goodyear, Ariz.

1st July 2020
view all

GALLERIES


Report: While remote work is causing offices to empty out, walkable cities are still in high demand

26th January 2023

10 American cities with a great downtown

24th January 2023

Miami leads the way in FT-Nikkei ranking of best U.S. cities for foreign companies

20th January 2023
view all

Twitter


AmerCityCounty

New York mayor announces city-wide curbside composting program, impacting 8.5 million residents by 2024 dlvr.it/ShhRk1

30th January 2023
AmerCityCounty

Federal funds help fast-growing Arizona city address several infrastructure challenges and needs dlvr.it/ShhBtf

30th January 2023
AmerCityCounty

How 5G is making cities safer, smarter, and more efficient dlvr.it/ShYNcx

27th January 2023
AmerCityCounty

Shifting city demographics present an opportunity to build coalitions, address inequality dlvr.it/ShYMMm

27th January 2023
AmerCityCounty

Spending American Rescue Plan Act funds: A primer for municipalities dlvr.it/ShXzvl

27th January 2023
AmerCityCounty

Report: While remote work is causing offices to empty out, walkable cities are still in high demand dlvr.it/ShVhBW

26th January 2023
AmerCityCounty

Managing landslides along road corridors using remote sensing dlvr.it/ShTpL6

26th January 2023
AmerCityCounty

Report: Prioritizing neighborhood infill, expanding transit options increases neighborhood resilience dlvr.it/ShRrFM

25th January 2023

Newsletters

Sign up for American City & County’s newsletters to receive regular news and information updates about local governments.

Resale Insights Dashboard

The Resale Insights Dashboard provides model-level data for the entire used equipment market to help you save time and money.

Municipal Cost Index

Updated monthly since 1978, our exclusive Municipal Cost Index shows the effects of inflation on the cost of providing municipal services

Media Kit and Advertising

Want to reach our digital audience? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • IWCE’s Urgent Communications
  • IWCE Expo

WORKING WITH US

  • About Us
  • Contact Us

FOLLOW American City and County ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.