Intelligent traffic systems, Facebook, Twitter, websites, online bill paying are just a few of the ways municipalities are interacting with their residents electronically. Residents desire more transparency and access to greater electronic data from their local governments, and municipalities have stepped forward in varying degrees to meet these demands. Yet the more avenues that electronic communications take place, the more vulnerabilities that exist to municipal information technology systems.
Ryan Schiffino, marketing coordinator with ProPhoenix Corporation in Morrestown, N.J., said data protection is not something to be taken lightly. “Any amount of information no matter how large or small can be harmful in the wrong hands,” he said.
In a speech at the RSA Cyber Security Conference on March 1, FBI Director Robert S. Mueller provided an outline of the many cyber security challenges facing organizations today. Use of the Internet is not the only issue. Local governments are prime targets of potential criminals, whether its financial information of utility customers, to financial banking information of the city itself, to access to critical systems like traffic and water systems.
However, online dialogue and transparency are also being demanded by local residents. As Wayne Davis, city manager of Montgomery, Ohio said, “In this age of social media, we are providing more opportunities for the “bad guys” to access city systems. There are more potential vulnerabilities that have to be accounted for when setting up our IT security infrastructure. It is a challenge, yet our citizens desire open and transparent systems, so we need to constantly find ways to meet that challenge.”
Some cities have tackled this issue by segregating critical systems into completely separate servers. This allows outside access to certain systems and noncritical data, but critical financial and infrastructure data is cocooned in a much larger web of security and limited access.
“It is fundamental to the city’s operations to protect the city’s critical data systems, but we also desire to be transparent to our residents and allow them access to important public records, said Dave Waltz, city manager of Blue Ash, Ohio. “It is important to find a balance between too much and not enough security.”
John Backman, executive director of eCityGov Alliance in Bellevue, Wash., is particularly aware of the importance of securing protection for government data that controls crucial services for residents, such as police and fire communications, traffic signal networks and water and sewer operations. “City government is not like Nordstroms in that nobody will get hurt or die if their data is compromised,” he says, “Cities offer a higher level of service where lives depend on their ability to function well.”
Increasingly, municipalities are contracting with private firms to provide the latest and highest security for their data. One innovation they have focused on is bioreaders for keeping track of information on detainees. Schiffino said the ProPhoenix Records Management System stores fingerprints of anyone enrolled in the system and makes subsequent identity verification quick and easy. He said this feature can save agencies countless hours that are normally spent trying to identify those without ID or who may be uncooperative.