School Websites and Municipal Websites Are Prime Targets for Hackers

Security is a priority in every 360Civic RFP response. We know hackers target public entities, and have developed simple but effective tools to repel attacks, from two-form identification using mobile phones and email, to hardening contact management systems from attacks.

That said, there are also ways for any public sector entity to minimize the possibility of a security breach – and no IT experience is required.

Here are some common sense ideas on how to better protect your site and your data.

Complex Passwords: The Easiest Public Sector Website Protection

It doesn’t get more basic than this. The stronger the password, the less likely it will be uncovered. Yes, that means using one of those annoying pain-in-the-backside combinations of upper and lower case letters and numbers – the kind of alphabet soup that’s not as easily recalled as your first pet’s name followed by 1,2,3.

If you really don’t want to go that way, another option is to use a sentence you can remember as a password, such as “Donnaismybestfriend” or “IlovetheLosAngelesDodgers.” Then, to add an extra layer of security, replace any one letter in that sentence with a number. In the first example, you could replace the two ‘i’s with the number 8.

These precautions pertain not just to the passwords that public sector personnel use to access the website – the same measures should be taken by these employees on their home computers, tablets and cell phones. If one of these is breached, it could provide enough access to damage the public sector site as well.

Security Patches

Have they been updated? If they are not, that’s an invitation to trouble. Also make certain that your other security policies are being followed, especially with new hires.

Encourage Positive Online Security Habits From Municipal Website, School, Website Staff

We all know (or at least were told once) not to open emails from unknown senders, or click on links that might be suspicious, or download attachments from unfamiliar accounts. But people still do it, every day. These are lessons that should be reinforced often.

Trusted Partners

Your security is only as reliable as the proficiency of the vendor that created your website, as well as any third-party organizations with access to your network (partners, hosts). When outsourcing is necessary it should be preceded by (to coin a presidential phrase) extreme vetting. Make sure these agencies enforce multifactor authentication, require unique credentials for each customer and offer a comprehensive audit trail of all remote-access activity.

Questions About Public Sector Website Security? Contact us

Ron Zayas

CEO

Ron Zayas is an online privacy expert, speaker, author, and CEO of 360Civic, a provider of online protection to law enforcement, judicial officers, and social workers. For more insight into onli... Read more

Why Your Online Privacy Will Always Be Our Top Priority
The Onerep Betrayal: And Why Your Privacy Will Always Be Our Top Priority
Earlier this month, it was revealed that an alleged privacy protection provider called Onerep was playing fast and loose with the personal information of its clients.
Read More
""
It’s Not Too Late To Restore Your Online Privacy
There’s an old saying that you can’t put toothpaste back in the tube. It simply means that some actions, once taken, can't be undone.
Read More
""
America is Number One!... in Ransomware Attacks
Data breaches and ransomware attacks are a global threat – but a recent report revealed that American organizations are a favorite target.
Read More

Stay up to date with online privacy best practices and news

Signup for our free IronWall360 newsletter