Police departments must ensure the physical safety of citizens as well as the data integrity of their personal information. Below are five ways for police departments to beef up security and avoid data breaches.
Create a Security Plan
Regardless of the organization’s size, there should be a comprehensive security plan in place. This ensures that personnel will understand regulations and follow protocols. Be sure to require that all employees successfully complete an annual security refresher course, such as through a webinars or online training module. It will also help management successfully respond to and resolve IT emergencies. Security plans should be customized to fit the needs of every organization. There are many security plan ideas and templates available online.
Everybody knows that IT security is important, but many do not realize the consequences of poor security practices. Even a momentary data breach could result in hundreds of thousands of confidential client and crime information being stolen. While user training will raise awareness and increase user efficiency, it should also improve decision making and critical thinking skills. This should involve realistic scenarios that require participants to evaluate facts and make decisions. If possible, use documented case studies of data breaches in other police departments.
Perform Regular Network Scans
Network scans will identify potential intruders and remove harmful malware. They also allow IT administrators to compare regular network activity against abnormal actions, such as files suddenly missing or rogue software suddenly appearing. There are many affordable security programs available for IT administrators to install on networks and computers, such as AVG Anti-Virus and Malwarebytes. IT administrators should disable users from tampering with installed security programs.
Monitor Network Traffic
Malware and viruses are becoming so sophisticated that some avoid detection by security programs. In order to limit exposure, IT administrators should monitor outbound network traffic. When the amount of traffic deviates from normal usage or the number of outbound connections spikes, IT administrators will immediately notice. There are advanced security programs to monitor this, but visually confirming network traffic will prevent sensitive information from being accessed or stolen. Be sure to benchmark and document normal operating statistics.
Disable User Accounts
Whenever any employee with access to confidential files leaves, IT administrators must promptly disable the user’s account. This may be difficult if the employee’s email address is the primary contact point for certain services, such as records requests or mileage reimbursements. When IT administrators establish a general email account for every specific function, they will be able to easily add or delete users off of the email account.
Finally, IT administrators must regularly examine security logs, such as the daily Windows server security log to see if there are any logon failures because of incorrect passwords or user names.