Skip to content
Close
Contact Sales
Contact Sales
VC3 is the bar

We Make IT Easy

With VC3, it’s never license this, per hour that. Instead, it’s good people. Good people who work tirelessly .

Learn More
"VC3 has made it easier than ever before for our local government to serve our citizens by providing us with modern web tools and a team
of talented and courteous professionals.
City of Valdosta, GA
Get out of the IT trenches

Municipalities

VC3 has spent the last 29 years making IT
personal, making IT easy, and getting IT
right for over 1,100 municipalities.

Learn More

Municipal League Partnerships

VC3 is the IT partner that focuses on municipalities. We understand your budgeting cycles and critical
concerns.
Our Partners

Find All the Resources You Need

Our resources & insights includes case studies, client testimonials, guides, checklists, blog articles and more!

 

All Resources
Get Started
3 min read

Information Security: A Serious Mission Where Your City Can’t Fail

Subscribe

Obviously, private businesses must secure information for many reasons: establishing trust for customers, protecting against lawsuits, and following regulations. And, with some exceptions (such as Equifax), businesses usually operate with information that customers have agreed to hand over.

Cities operate quite differently. They are part of the fabric of our country. And citizens are required to interact with cities if they want to live somewhere.

That means you are given sensitive and confidential information to protect. Yet, cities still fail to protect electronic information appropriately—leaving that information open to hackers, risking stolen information, and increasing the chance of permanent data loss.

Let’s take a tour through a typical city’s information and analyze why it’s so important to protect.

1. City records

The records you must retain for specific periods of time vary depending on the information. Employee accident reports will differ from visitor logs. Business licenses will differ from meeting minutes. Plus, different city records will vary in confidentiality and sensitivity, leading to different processes related to releasing those records in case of Open Records Requests.

While a city can often retain and eventually find records if sought, instances of chaos occur when records are hard to find or remain paper-based. Best practices for securing city records include:

  • Creating authorization policies that only allow specific people to edit or delete city records.
  • Protecting access to the overall document management system with a strong password policy and other security features.
  • Keeping the document management system software patched and updated.
  • Ensuring that files are encrypted and protected, as needed.
  • Tracking all document interactions and changes while creating an audit trail (which is especially useful for compliance or legal issues).

At the most foundational level, these security tips will help you protect city records along with other specialized information.

2. Financial information

Your city’s financial information includes all operational finances, tax information, and online payment information. Over the past few years, we’ve seen cities relentlessly targeted for their financial information—with hackers seeking to take over bank accounts, steal money, and sell financial data on the black market. Preventing threats to your financial data requires information security strategies such as:

  • Replacing older software that is unsupported by the original vendor and lacks up-to-date security patches.
  • Shoring up any security vulnerabilities related to financial system access—from weak passwords to misconfigured servers.
  • Training employees about phishing, social engineering, and scamming techniques that hackers use to acquire financial information.

3. Personnel information

There’s a reason why city council meetings keep personnel discussions confidential. Many extremely sensitive details are included with personnel information such as personal history, background checks, tests (such as drug tests), healthcare, and work performance. Similar to points made above, you need to protect that information with special care. Information security is especially important here because you are legally required to protect personnel details.

4. Personally identifiable information (PII)

PII includes information such as a person’s name, physical address, email address, race, sex, date of birth, social security number, driver's license number, and other personal details. This recorded information, in paper or digital form, is used by individuals to identify themselves when conducting transactions with entities.

Not protecting this information leaves it open for theft by hackers, and this information is used and sold to commit identity theft. There is risk and liability in maintaining PII, so confirm if you need to keep it and securely purge what PII you don’t need to keep. To protect the PII you do keep:

  • Secure access and encrypt it.
  • Don’t put PII on a laptop or portable device.
  • Identify and address any security vulnerabilities related to PII.
  • Follow state records retention schedules.
  • Destroy expired PII.
  • Notify appropriate personnel in the event of an incident.

5. Public safety information

Public safety departments need to keep information secure with modernized technology, up-to-date software (that receives regular security patches), and proactive monitoring and alerting of your technology systems for issues. Otherwise, your lack of information security risks exposing sensitive case and investigation data to a hacking incident that may lead to severe financial, legal, and operational repercussions.

As stewards of important citizen and city business information, cities need to treat electronic information just as they would treat valuables locked up in a vault or locking the doors of buildings. How secure is your information? If you have concerns, reach out to us today.

Original Date: 7/10/2019
Jul 10, 2019

Tim McCausland

Let's talk about how VC3 can help you AIM higher.