Be Your Own Hero: How to navigate the journey through cyber security

Imagine you’re at your desk receipting utility payments, answering phones and helping customers. It’s Friday and you’re cruising toward the weekend. With your day already half over, you leave for lunch with a smile. But when you return something is amiss.

You log back into your workstation and the screen flickers with static. A sinister winky-face emoji slowly emerges. Beneath it a “Donate Now” button flashes insistently.

You click around. Try to restart. But your entire system is locked. All you can do is click the Donate button. When you do, horns erupt from the emoji’s forehead and an evil laugh bursts from your speakers.

“Muahahahahahaha” echoes through the office.

Your system has been hijacked. And worst of all, your data is being held for ransom by a clever cyber-criminal.

Call to Adventure

While this scenario is completely embellished, targeted ransomware attacks against small cities are becoming a disturbingly common occurrence. Cities have very little choice but to pay data ransoms and hackers know it.

That’s why now more than ever it’s important to protect your entity and customers against cyber attacks before they happen.

Trials and Magical Mentors

Embarking on this journey means facing many challenges. Financial hurdles, a potential lack of personnel, mountains of research—it’s all so overwhelming! While it might feel that way, the effort is worth it. You don’t want your shield to melt when you meet the dragon face-to-face. But the only way to reach the volcano is one step at a time. Luckily, there are plenty of wizards to guide you on your journey as well as equip you with the tools you need to succeed.

Ultimate Treasure

Undoubtedly, a robust cyber security system is worth its weight in gold. It takes time to amass that kind of wealth, but there are a few simple steps you can take to get there:

1. Update your operating system.

Once an operating system is no longer supported, it becomes increasingly easy for hackers to exploit. Don’t leave yourself open to attack out of loyalty to—or familiarity with—outdated software.

2. Keep your software up-to-date.

Software companies release regular security patches as exploits are found. Programs like Windows Server Update Services (WSUS) can also be set up to run automatically. This lets you plug new security holes and keep your hands free at the same time.

3. Set up regular, reliable off-site backups.

Restoring your system from backups stored on separate cloud servers is the quickest way to recover from a hostage situation with minimal damage. Best of all, affordable cloud-based backup solutions can start at as little as $100 a month.

4. Password protocols.

Many passwords are overly simple and never get updated—even with office turnover! It’s paramount that passwords are changed regularly and constructed from multiple character combinations (letters, numbers, and symbols). Passwords should also contain a MINIMUM of four words.

You can also minimize security risks by keeping admin and user login information separate. We also recommend setting up multi-factor authentication for additional security.

Most importantly, all of this should be documented as a written policy for employees to follow.

5. Install antivirus software.

There are many reasonably priced options to get you started. Windows Defender comes with all Windows operating systems and should be sufficient for small cities and businesses. There are many centrally managed subscription solutions available as well.

Homeward Bound

Once the basics are implemented, things get easier, but you’re not back in the Shire yet, Frodo. This journey is never-ending. It’s important that password policies are enforced and employees are trained to spot suspicious emails. Be sure a firewall is not only installed, but carefully calibrated to limit access to your network.

Many of these tasks can be outsourced to third-party vendors, known as Managed Service Providers (MSP), for a reasonable price if you have no IT personnel. However, it is important that all third-party security solutions be independently verified to ensure THEY are secure. Some of the biggest data breaches  have been traced back to vulnerable MSPs.


As your system becomes more secure, the less you’ll have to worry about. Well informed employees and coworkers keep customers happy. And most importantly, cyber security protocols keeps everyone’s data safe. So treat your office like a castle. Build those ramparts to the sky and keep the dragons at bay! Start your cyber security journey today.

Share This Post:

This entry was posted in Best Practices, BMS Tech Tips, City Clerk Cafe, Cloud Computing, Latest News, Small Cities, Technology. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Both comments and trackbacks are currently closed.