Case Study: Efficient Monitoring of an Municipal IT Landscape
Security instead of flying blind: The IT team of a major city relies on IT monitoring for prevention and brings the attack surface under control with regular vulnerability analyses.
Background
The IT managers of a large city in Hesse with over 1,000 employees felt the same way as many other administrators in government agencies and public institutions. They did their job well and did their best to make everything secure. But whether that was enough, they didn't know. One of the reasons was that there was no outside view. There was no reliable information about the IT security performance of service providers, such as web server operators. As a result, many vulnerabilities went undetected and the IT security situation remained in the dark. To change this, the admin team now ensures transparency with IT monitoring of the externally accessible IT infrastructure - and can immediately report initial successes.
Solution
The first LocateRisk analysis report was a painful surprise. "Actually, we were sure," says the deputy IT manager. The result was already a pinprick, he says. But it was also the impetus to discover the reasons. The first step was to inform the hosting provider of the city's main domain about a security-critical finding. The latter was grateful and optimized immediately, which made the second analysis look much better. The situation was similar with the colleagues. Thanks to the reports, individual vulnerabilities, for example in the application area or with regard to dreaded shadow IT, could be specifically addressed and optimized.
The city's political decision-makers were particularly impressed by the objective view of IT and the professional preparation of the data. In order to keep the situation permanently under control, the analyses are now regularly carried out as IT monitoring. To ensure that the volume of identified weak points does not overload the team, the management divides the result into small tasks and distributes them to the appropriate server maintainers for optimization.
Result
The IT risk assessments from an external perspective are adopted as a building block in the city's IT security concept. The IT team uses the results as a sporting challenge to get better and therefore more secure with every scan. Of course, everyone is aware that there is no such thing as one hundred percent security. But with each new score, motivation also increases. In addition, the reports are used as proof to third parties, such as cyber insurance companies. Users rate the SaaS platform as particularly helpful in the daily work process. "The user-friendly interface across all levels, from servers to vulnerabilities to recommended actions, speeds up work and is a real added value."
More on the Topic
More IT Security for Municipalities: Automated Support for IT Managers
Request your personal Live-Demo now
Identify and reduce your cyber risks through a comparable and understandable overview of your IT security. Let our experts advise you and find out how LocateRisk can help you solve your cyber risks.