Best Security Project 2016
And the winner is... Kent County.
The Best IT Security Project Award is given to the government agency that develops creative solutions for Information Technology Security, recognizing the ever present threat to our infrastructure while demonstrating technology’s role as a vital player in improving organizational security. This year’s winner is the Kent County Information Technology Department for its multi piece approach in fighting their recent challenges with ransomware infections. As ransomware attacks moved beyond individual user hard drives to numerous attacks on its network drives, the IT department needed effective, cost effective ways to mitigate or avoid the attacks. Their solution began first with a Powershell script written by one of the department’s security desk technicians. The script monitors individual file writes to file servers from each PC. If a set threshold is exceeded, the staff is alerted and the application doing the writes is terminated thus reducing recovery times for when infections do occur. The second piece consisted of implementing deep packet filtering, a capability from their WebSense appliance, as an extension of Kent County’s web filtering. Instead of just reacting to the categorization of the website, the appliance examines the actual content of what is being downloaded. Parameters are set up to reject malware downloads which has made a significant dent in the number of ransomware attacks experienced earlier this year. Current attacks usually only occur on PCs where the capability hasn’t yet been rolled out to or when a PC is connected to some other network than Kent County’s and their anti-virus software doesn’t recognize the variant.
The final piece is on-going user education. The IT department began working with the county’s Communications Director and periodically send out security newsletters to county employees . The newsletters focus on current security issues and the number of newsletters increased as the number of ransomware attacks increased. All three pieces plus a substantial amount of staff time to coordinate the effort and perform individual tasks have worked together to significantly reduce disruption to Kent County’s customer base and increase available staff time which would otherwise have been spent fighting infections one by one.