8 Cybersecurity Tips for Police Departments

Tags: , ,

How much can your police department afford to pay in ransom? Unfortunately, that question has become more prevalent in recent years as hackers have increasingly targeted police stations with ransomware and other cyberattacks. It’s more important than ever to ensure you’re doing your cybersecurity due diligence.

Basic Cybersecurity Practices

To help protect not only your departmental finances, your records systems and critical body cameras and in-car video evidence, you should follow these top police department cybersecurity practices.

Lead with Antivirus

A solid antivirus software is where you begin. It’s an obvious first start, but many agencies let licenses lapse or never verify that the software works in the first place.

Look for antivirus programs such as Webroot antivirus software for good protection that is relatively cheap.

Train Officers on Emails

At this point, email scams should be a no-brainer. However, most ransomware attacks come from someone clicking the wrong link.

Training your officers in email phishing attacks can be incredibly helpful in how they interact with their digital space. KnowBe4 has phishing security tests that you can run on your department.

Utilize Password Managers

Gone are the days of hackers digging through the trash looking for usernames and passwords. These days, hackers run sophisticated algorithms that can plug millions of password attempts in just a few seconds.

This means that the simpler the password, and the more you reuse it, the easier it is to crack. For example, a nine-character password can be cracked in a couple minutes, while a 13-character password can take decades.

For that reason, a password manager is the best option. Managers like LastPass can give long, complicated passwords with easy access from a web browser.

Look for Multifactor Authentication

Thumbprints, PIN numbers, passcodes: It’s good practice to implement multifactor authentication whenever you can. This secondary security measure can greatly improve your police department cybersecurity wall.

Consider Mobile Device Management

Officers will have their smartphones with them. Any hacker worth his salt will know this. As a department, you want officers to have access to their personal lives, but you don’t want the window opened for cybercrime.

Because of this, create a Bring-Your-Own-Device (BYOD) policy. This is normal practice for many corporations around the world who want to offer flexibility to employees while keeping company data on lockdown.

Always Encrypt WiFi

An open WiFi channel is one of the easiest ways for cybercriminals to get into your agency’s data and digital video evidence. Therefore, ensure your WiFi network has encryption. You can find this in the network settings of your system.

Likewise, consider the physical side too. You may want to physically secure wireless access points to protect from tampering.

Explore the Principle of Least Privilege

What’s the least amount of access to network data that you need to get your job done? That is the principle of least privilege, and it makes sure that, if an officer is hacked, he or she has limited access to data. This is maintained at the user-account level on networks.

Back Up Everything

Finally, redundancy is critical. If you get hacked and you have solid backups, ignore the ransom demand, and reset your system from the backup drive.

The thing about backups is that you must test them. And test them. And test them again. You never want to be in a situation (cyberattack or otherwise) and find out the backups you thought you had don’t work.

Read: 5 Reasons Why Officers Should Categorize Events on Body Cameras

Cyberthreats Against Police

In an ideal world, police agencies would have the most up-to-date technology with the strongest defenses against cybercriminals. However, many departments are years behind in technology, trying to catch up to the consumer level on a shoestring budget.

But until then, following these basic police cybersecurity practices will help protect your hard-earned data.

Contact us to learn more about cybersecurity and digital video evidence.