10 tips to better protect your municipality from cybercriminals

Use these best practices to strengthen your cybersecurity action plan and help ensure your municipality isn’t the next cybercrime victim

Today’s tech-savvy world may seem to make life a whole lot easier, but for some, that can change in a split second. Cybercrimes have become a reoccurring issue for municipalities both small and large, and as technology continues to grow and develop, you can guarantee that new cybercrime tactics will follow suit.

Earlier this year, the city of Baltimore’s servers were breached causing the city’s emails, a credit card payment system and real estate transactions to come to a halt. To make matters worse, the hackers demanded 13 bitcoins, roughly equivalent to a hefty $100,000 today, to get things back up and running. Although the ransom wasn’t paid, the city’s budget office estimated $18 million in recovery costs.

Municipalities collect and store highly confidential information for their community members, making them perfect victims for cybercriminals. How can you best outsmart these hackers? Education and communication. The more informed your community members are of cybercriminals and their tactics, the harder it will be for these hackers to infiltrate. A great first step is to understand and communicate common red flags:

4 TIPS TO IDENTIFY PHISHING EMAILS

• Unknown email sender
• Email requests personal or financial information
• Email wants the recipient to respond immediately or makes an urgent request for information (lookout for upsetting or exciting statements asking you to act fast)
• Emails wanting the recipient to open an attachment or click a link unexpectedly (hover the mouse over the link to see what website appears)

These are just a few red flags to look out for, but as time goes on, new cybercrime tactics will surely develop. Stay informed of new strategies and keep your team in the loop. As you continue to perform your everyday functions keep these cybersecurity tips top-of-mind:

10 CYBERSECURITY TIPS TO SAFEGUARD SENSITIVE DATA

1. Keep only what you need. Reduce the amount of collected and stored information to what is absolutely necessary.
2. Safeguard data. Lock physical records in a secure location and restrict access to employees who need to retrieve this private data.
3. Destroy before disposal. Before disposal, shred paper files of private information and destroy CDs, DVDs and other portable media.
4. Update procedures. Refrain from using Social Security numbers as employee IDs or client account numbers.
5. Train employees. Educate employees on what information is sensitive and their responsibilities for protecting the data. A written policy on privacy and data security should be established and communicated to all.
6. Control computer use. Employee use of computers should be strictly used for business. Consider blocking access to certain sites and unapproved software.
7. Secure all computers. Never leave laptops and computers unattended and enforce password protection calling for re-logon after a period of inactivity.
8. Keep security software up-to-date. Security patches for computers should remain up-to-date and default settings should be applied on new servers.
9. Encrypt data transmission. Consider data encryptions and try to avoid using Wi-Fi networks as they can allow for data interception.
10. Manage portable media usage. DVDs, CDs and flash drives can be lost or stolen. If storing sensitive data on laptops, consider encrypting them.

One cyberbreach can not only cost your municipality millions, but it can also lead to a disruption of operations and a loss of community trust. Don’t take the risk; establish a formal action plan using the above tips to better protect your community members, finances and reputation.