Skip to content
Close
Contact Sales
Contact Sales
VC3 is the bar

We Make IT Easy

With VC3, it’s never license this, per hour that. Instead, it’s good people. Good people who work tirelessly .

Learn More
"VC3 has made it easier than ever before for our local government to serve our citizens by providing us with modern web tools and a team
of talented and courteous professionals.
City of Valdosta, GA
Get out of the IT trenches

Municipalities

VC3 has spent the last 29 years making IT
personal, making IT easy, and getting IT
right for over 1,100 municipalities.

Learn More

Municipal League Partnerships

VC3 is the IT partner that focuses on municipalities. We understand your budgeting cycles and critical
concerns.
Our Partners

Find All the Resources You Need

Our resources & insights includes case studies, client testimonials, guides, checklists, blog articles and more!

 

All Resources
Get Started
5 min read

5 Overlooked Information Security Risks at Your City

Subscribe
Overlooked Information Security Risks at Your City

When municipalities think about cybersecurity, they often focus on protecting servers and computers. However, hackers often exploit overlooked entry points (such as printers) that seem harmless but can open the door to serious breaches.

This article covers five commonly ignored risks and how to address them.

 

1. Printers and copiers

Because printers and copiers have simple functions compared to servers and computers, it’s easy to think of them as simple machines. However, they are exposed to the following risks:

  • Printers and copiers are often connected to your network: Because printers and copiers are usually internet-enabled, they are potential entry points for hackers—who can exploit anything connected to the internet.
  • You often print, copy, or scan sensitive or confidential information: Think about all the data that cybercriminals can intercept and steal.
  • Municipalities often leave printers and copiers on their default settings: Cybercriminals look for devices left on their default settings because they are so easy to breach.

Do you like the idea of a hacker easily seeing everything you print or copy? Here’s what you can do to secure your printers and copiers.

  • Change any default passwords, configurations, and security settings now.
  • Apply firmware updates regularly, just as you apply patches and updates to your other hardware and software.
  • Monitor your printer activity for any unusual behavior such as unexpected print jobs, frequent error messages, or large data transfers.

2. Wireless routers

Wireless routers are still often viewed as consumer devices rather than part of your IT network. As a result:

  • Wireless routers are easy to overlook as a security risk: Because they are something people commonly set up at home and forget about, it’s easy to do the same thing at your municipality without IT oversight.
  • Wireless routers are often misconfigured: Default or incorrect settings can expose your wireless router to hackers like a door left wide open. 

To secure your wireless routers and protect your municipal network, you need to make sure you:

  • Lock down all wireless devices.
  • Restrict physical access to any wireless hardware—especially from the public or unauthorized employees.
  • Apply patches and firmware updates to wireless devices.
  • Use enterprise-grade hardware (not something you’d buy off the shelf at a retail store) and configure it securely.
  • Monitor your wireless network for unauthorized devices.

3. Social engineering over the phone

You can have the best digital security technology and tools on the planet, but if a cybercriminal tricks an employee into providing remote access to a PC or gets them to wire thousands of dollars to a criminal’s account, then all the digital security tools you own mean little.

Why does social engineering work so well?

  • Hackers exploit trust: Cybercriminals take advantage of people’s kindness, trust, and naivety by using psychological persuasion to trick employees into sharing passwords or granting access.
  • Hackers can try over and over: All it takes is one successful attempt to give them they break they need. One phone call where you hand over the right username and password can bypass all your technical defenses. That’s why they keep trying.
  • All they need is the weak link: In any organization, some people are more gullible than others. Like a chain, all they need to do is find the weak leak.

Municipalities need processes to help them deter criminals over the phone and limit the information shared, even if someone sounds convincing. Steps include:

  • Training staff to verify identities before sharing information.
  • Enforcing a strict “never share passwords” policy—even it’s for someone you trust over the phone or email.
  • Implementing multifactor authentication (MFA) to reduce risk.

4. Unauthorized software

What starts out as employee stubbornness or rebellion leads to security risks and breaches when unauthorized software enters your network. Examples include employees who:

  • Play games
  • Take fun quizzes
  • Watch videos

Each download, installation, and use of this unauthorized software increases the risks of malware, data leaks, and compliance violations.

A few steps to take include:

  • Using endpoint management tools to block unauthorized software downloads.
  • Educating employees about the security risks of unauthorized software and reminding them about your municipality’s security policies.
  • Regularly auditing installed software across your municipality’s devices.

 

5. Mobile devices

Mobile devices continue to become more desirable for cybercriminals to target, especially because many municipalities allow employees to use personal devices that are potentially not secured.

Consider the following scary mobile security statistics (collected by Certo):

  • About 6.3% of smartphones in 2024 had at least one malicious app installed.
  • Roughly 70% of online fraud now happens through mobile platforms.
  • Nearly 19% of devices lacked any form of security lock during Q3 2024.

You cannot rely on employees to secure their own smartphones. It’s good practice for towns and cities to:

  • Issue municipal-owned smartphones with security controls overseen by IT professionals.
  • Limit access to data on personal devices.
  • Enforce Mobile Device Management (MDM) policies that help your IT team control and secure smartphones and tablets used for work.

Common Questions About Information Security Risks at Municipalities

What are the most overlooked cybersecurity risks for municipalities?

Printers, copiers, wireless routers, unauthorized software, mobile devices, and employees susceptible to social engineering.

Why are printers and copiers a security risk?

They store and transmit sensitive data while connected to your internet-facing network. As a result, cybercriminals can hacked printers and copiers if they’re not properly secured.

How can municipalities prevent social engineering attacks?

Security awareness training is an absolute must. Implement strict verification policies about giving out sensitive or confidential information, and train staff regularly about phishing, social engineering, and common cyberattacks.

TL;DR

Municipalities often secure servers and computers but overlook other vulnerable entry points for cyberattackers. This article highlights five common information security risks:

  1. Printers and Copiers: Hackers can exploit these devices to access sensitive data.
  2. Wireless Routers: Misconfigured routers create major security holes.
  3. Social Engineering Over the Phone: Cybercriminals who trick your employees can bypass even the best tech defenses.
  4. Unauthorized Software: Employee-installed apps can introduce malware.
  5. Mobile Devices: Smartphones are a growing source of digital fraud.

Overlooked devices and entry points can create serious security gaps for municipalities. By addressing the five risks above, you can strengthen your overall cybersecurity and protect sensitive data.

Need help securing your municipality’s IT environment? Contact us today.

This post was originally published on September 18, 2019 and updated on November 26, 2025.

 
Nov 26, 2025

Tim McCausland

Let's talk about how VC3 can help you AIM higher.