Monday, February 6, 2012

Keep Your Department (And Personal) Data Safe

It has been in the news a great deal lately about criminal hacker groups, such as Anonymous, penetrating the safeguards of the internal networks such as the most recent attack on the Boston PD.  When this occurs they are sometimes just disruptive and reroute web-traffic to an alternative website.  But sometimes, they are able to capture a significant haul of operational and personal information on the agency’s operations and officers.

Stop to think about what types of information you currently have on your work computer, then take a moment to think about what types of information various other members of your department might have on their computers.  If your network and computers were hacked, the information available to be downloaded would include duty rosters with officers’ names, home addresses and personal phone numbers, training bulletins, policy manuals, crime and incident reports, internal memos, and photos of evidence and crime scenes.

Stop to think again about the personal information you might have on your work computer.  Some Arizona State Police Officers had various personal information stolen from them last year in a hacker attack.  Some of the information included family photos, voice mail sound files, video clips, and personal letters.  One officer even had copies of his income taxes, meaning the hackers now have all of the necessary information to steal his identity.

A great deal of the information being collected during these hacks on police departments is being placed on the web, where it can be found and downloaded by virtually anyone.  And once information is on the internet, it is virtually impossible to remove all traces of it.

Sadly, the majority of the personal and sensitive information being collected during these hacking attacks could have been avoided if the officers and departments were following adequate measures to secure their data.

How can you help keep data safe:

  1. Personal information is for your personal home!  The network of your department is at a significantly greater risk of being hacked than your home network, so keep your private information at home.
  2. Keep classified personnel information off of the server!  Yes, your employer needs to have your address, social security number, and possibly even your banking information.  However, it should not be stored on the server where it can easily be accessed.  If it is on the server, it should definitely be password protected.
  3. Use a good password!  Hackers infiltrate through simplistic passwords such as the name of the town, last name, pet's name, or even 12345.  A computer program can easily hack these simple passwords in a matter of hours.  Choose a password that is difficult to break, by utilizing numbers and symbols.
  4. Think of your work computer and server like a newspaper.  Don't put anything on it that you wouldn't want anyone else to be able to read. 
Government agency networks are a prime target for hacker groups.  It allows them to disrupt the government while promoting their political agenda, often at the expense of the people whose information they collect.  Be sure to follow adequate measures to keep both your personal and your departmental data safe!

No comments:

Post a Comment