Data & Security Initiatives

Standardization & Automation

Our database administrators placed a strong emphasis on standardizing core IT services, such as database technologies and identity management, as a strategic asset to reduce costs and improve efficiency. We extended automated provisioning/de-provisioning capabilities to additional directories to reduce costs and enhance security. The identity management system has already provisioned over 14,000 accounts in the first eight months of 2011.

Leverage Data Sources for Collaboration


We continue to add data sources from across our enterprise systems and to leverage data warehouse technology, which results in faster, more efficient analysis and reporting. Increased collaboration between the city and external agencies allows us to provide better service and faster, secure exchange of data through partnerships and CRM technologies.

System Integration


We have integrated the human resource identity system with the Voice over Internet Protocol (VoIP) system to allow easy and efficient updates of phone numbers in the enterprise corporate directory. The city is embracing Web Application Firewall technologies to mitigate the risk of web application attacks and provide another layer of security. Our directories now use virtual directory technology to achieve a single source of truth for user identities and to provide a single interface for aggregated information from multiple directories.

Growth of IT Security Team Responsibilities

Our IT team continues to accelerate tactical capabilities, assume greater responsibility, and grow its expertise. It has extended its reach into operational areas such as maintaining the City’s enterprise web filter and anti-virus product administration. Existing IT Security processes, such as the administration of digital SSL certificates, management of the anti-virus product, and the automated processing of employee web site unblock requests, were migrated from other areas, formalized, and improved.

Endpoint Security Enhanced

A Host Intrusion Prevention (HIPS) product was added to the suite of endpoint (i.e., desktop and laptop) products, which includes anti-virus and anti-spyware. HIPS blocks suspicious applications, and the product has been an extremely effective solution. Similarly, the City’s first enterprise laptop encryption deployment is in the planning stages and will be deployed to City laptops to mitigate the risk of disclosure of confidential information due to lost or stolen laptop computers.

Cyber Security Awareness & Training Program Launched

In 2011 the City’s nascent Cyber Security Awareness and Training program was expanded beyond DoIT to other departments and agencies. The program has been branded “CSAT”, and educational materials such as mouse pads and posters are distributed to promote the program and key cyber security tips. This is the first time City employees have been exposed to cyber security training. There are two components: a one (1) hour in-person orientation session covering City of Boston IT Security policies and practical user information on recognizing phishing emails, choosing strong passwords, locking the desktop, and responsible web surfing; and a web-based, self-paced training (two to three hours).

Risk Assessments

Three (3) IT security-related assessments were conducted in the past year. Firstly, as a key government participant in the DHS-funded Regional Catastrophic Planning Team (RCPT), the infrastructure team leaders (network, security, etc.) were interviewed and a resulting risk assessment was conducted by a third party as part of the DHS grant. Secondly, DoIT engaged an independent third party to conduct a network security assessment to evaluate the security of the CoB public-facing network. Finally, the IT Security Team conducted the first-ever enterprise Risk Assessment based on the NIST standard. This involved mining asset inventory data, interviewing several dozen DoIT employees (including the CIO) on their perception of the quality of our IT processes and procedures, and then leveraging threat and vulnerability information in the RiskWatch software to crunch the numbers and rank the cost/benefit of various risk mitigations not sufficiently employed by the City.

Threat and Vulnerability Identification

Threat and vulnerability identification is an important area that is being emphasized. The City’s first vulnerability scanner was acquired in July 2011 and will be used to scan servers for system security vulnerabilities across the enterprise. The SIEM (Security Incident and Event Monitor) acquired in 2010 is being leveraged in new ways, such as the recurring generation of reports that correlate events from different log files to flag possible security incidents, including brute force attacks on user IDs and suspicious transfers of large files out of our network.