Security creeps into municipal consciousness
- By Dibya Sarkar
- Aug 06, 2001
While federal and state governments appear to be making great strides in Internet security, the issue is somewhat murkier in municipal governments, school districts and other local jurisdictions.
In the cyberwar of sorts by Chinese and American hackers a few months ago, a number of city, town and school district Web sites were defaced. Dale Bowen, director of online services for Public Technology Inc., said the incidents have raised security awareness among local public-sector groups, but he didn't know to what extent.
Bowen said he tried discussing security issues on e-mail lists during the time the sites were being defaced, but he didn't get much feedback.
"Honestly, when I post these kinds of things, they say, "Ooh, this is interesting. Thank you.' There's not a lot of discussion around it," he said.
However, several municipal officials say security concerns are creeping into the community's consciousness thanks to the advent of e-government.
"From what I've seen, the sensitivity by [information technology] directors in municipalities to appropriate network/ application security is on the radar screen," said David Jordan, chief security officer for Arlington County, Va. "Is it at the right level in all municipalities? Clearly, it will depend on the e-gov maturation process of each locality."
Jordan credited Arlington's chief information officer, Jack Belcher, for having the vision to create the county's chief security officer position. "It's abundantly clear to the county leadership that for e-gov to succeed the residents must be comfortable with transacting business with the county over the Internet," Jordan said.
In Tucson, Ariz., Operations Administrator Carl Drescher said the city has a full-time staffer whose job is to make sure Internet access is secure. The staffer monitors the city's Web site and evaluates security measures. City officials have established security policies and taught employees howto follow them.
Drescher said they conducted un.announced penetration tests last fall. Ten to 15 minutes after starting, several agency administrators responded properly.
For the past year, the Innovation Groups, a Tampa, Fla.-based nonprofit association with about 500 municipal members, has worked with 80 municipalities to develop e-government strategic plans that include security and privacy, said Vice President Mike Freeman.
The association also conducts workshops devoted to the technical and political issues of security and privacy, Freeman said, adding that many members are savvy about the issue but need further resources and assistance to help them understand where they are vulnerable and how they can bolster their defenses.