Avoiding cyber attacks from any angle has a common thread – the combination of user education and updated systems can help avoid and prevent issues in advance. Here’s a quick list of the top five issues commonly experienced in small-to-medium local governments:
- Ransomware – Several years ago, multiple cities across the United States suffered ransomware attacks and ended up paying untold amounts of money to regain access to their own data.
- Phishing – Pilfered user credentials are another common issue experienced at the local government level. An email from a trusted vendor or other individual arrives inviting the user to click on a link to log into a specific account – at which time the cyber-criminal has obtained a set of user credentials. The link could also install a keylogger on the users machine which can capture use credentials to multiple systems.
- Trojans – The Trojan in itself isn’t an issue, it’s the actions that the Trojan enables that can cause problems. Trojans can arrive by email, or come from infected advertisements or websites that users access inadvertently.
- Broken User Access Control – As software and applications have moved to more complicated security, giving users access to only what they need has become more critical. IT Departments and System Administrators sometimes struggle to keep up with “who needs what” access.
- Outdated and Vulnerable Components – These issues can be as simple as keeping all user Operating Systems up to date with the most recent updates, and keeping anti-virus and anti-malware applications up-to-date as well. With the increase of mobile users and VPN usage off-site, System Administrators should be extra careful to monitor carefully who is accessing the network and make sure that all components are kept up-to-date.
A dual approach to prevention includes education for users and system administrators, and scheduled component review and maintenance.
- User Education – Network users should be educated and re-educated on a continual basis about the risks of cybersecurity threats. Many government entities require users to update their cybersecurity education at six- and twelve-month intervals.
- System Administrator Education – System administrators, whether professionals or laymen, should keep up with current cybersecurity threat definitions and methodologies to learn about securing the network and components for the governmental entity.
- Scheduled Component Review and Maintenance– Regular review of network components (including desktops, laptops and mobile devices) should include anti-virus and anti-malware assessment, as well as operating system evaluation. When components are no longer sustainable, they should be removed from the network. Being proactive about checking on network components is a much better plan than being reactive. System administrators can stagger reviews and updates by date, by location, and by department to ensure that all components are protected from cybersecurity threats.
FundView Software is cloud-based and fully compatible with web-enabled mobile devices. Our solutions are developed using the latest technologies. From native Excel/Word integration to dashboards to documents/image attachment, FundView helps you streamline processes and better serve your citizens.
Call or email today for a demo – (806) 794-3278