Protect the Public’s Information – and Your Own!

In the time it takes you to read this column, the County will block more than 500 incoming emails because they look like either spam or a more dangerous threat.

That adds up to millions – millions! – of attempts to get past our filters every month.

Much of the County’s business is about protecting the public. That includes protecting their information. This is not just a job for IT staff. It’s critical that each of us takes the steps needed to keep that information safe.

I also don’t want to see any of you personally ever fall victim to identity theft or scams. A lot of what I’m saying here about protecting our customers applies just as much to safeguarding your personal information. I hope you’ll be just as vigilant with both.

Even though the vast majority of spam email coming into the County gets blocked, some potentially harmful ones get through. I get them, and you probably have, too. Here’s an example:

Your e-mail ID exceeded its storage limit.  Click Here to Unblock and click on Submit to get more space or you won’t be able to send mail.

They ask you to click on something, or open an attachment. That’s all a hacker needs to get into our system and start to steal private information.

These emails have gotten more and more sophisticated. They’re no longer from a prince overseas promising to make you rich. Fraudsters are now able to make mails look as if they’re from County employees, even people you know. The messages sound like something they’d say. 

Especially dangerous are “phishing” emails. These ask for sensitive information like a password. Provide that, and you’ve just thrown the door open to thieves.

These are just a few examples of threats to our information. Protecting data has become one of the modern world’s biggest challenges. Security breaches at major companies or government agencies are now almost routine. The recent hack of credit reporting agency Equifax was just one of the latest. 

So, while we continue to fight this battle behind the scenes, we need everyone on the front line at the County to step up our guard. I’m raising the issue with all of you here, but we’re also introducing a set of three short trainings in the LMS that cover aspects of protecting private information. I strongly encourage you to take them. Technology will help us, but our security will depend on your understanding the risks and learning how to spot trouble. 

I won’t go into all the details, but the three topics are:

Privacy and Security. This covers the general concept of privacy rules about what we can share and security rules to keep it safe. This is not just digital. It includes things like leaving sensitive documents sitting on a copier. Or speaking about private matters in a way that could be overheard.

Mobile Devices. A smartphone is a little computer, and it is just as vulnerable to being hacked. The training’s tips include things to look for when downloading apps or when connecting to Wi-Fi, as well as settings you should disable when they’re not being used. 

Spam and Phishing. I mentioned these already, but there’s more to know. Like what to do if you get one of these mails. Don’t forward it to IT staff, or anyone else. Do send it, as an attachment, to spam@sdcounty.ca.gov. Then delete it. The training explains how to make it an attachment, if you’re not sure. We’ve also added a section on InSite’s Technology page as a quick reference.    

And about those phishing mails. Our Help Desk, or any legitimate organization, like major banks, will not ask for you to send password information in a mail. That’s an immediate red flag.

Millions of Americans are victims of identity theft each year. If it happens to you, remember that our Employee Assistance Program can help. Specialists can walk you through steps to resolve a case.

Living safely. That’s one of the three strategic initiatives that drive everything we do. It goes as much for information security as it does for any of the other ways we protect people. And as with any safety issue, the key is staying alert and informed. Think before you click!

 

Recent InTouch columns

Here's to Employees in the Hep A Fight

Sorrow and Solidarity in the Face of Tragedy

Nature at Its Worst, People at Their Best

All InTouch columns