James Bindseil 20 January 2015

IT security in local government

IT security in local government image

In recent years, the number of government data breaches, and increasing threats to public sector data, has forced local authorities to focus a lot more on compliance than previously.

While many understand the necessity of laws such as the Data Protection Act, ensuring compliance in a growing regulatory environment is becoming more complex. Employees are more regularly being expected to follow time consuming compliance protocols while carrying out the same day-to-day role that has always been expected of them.

According to a Ponemon report on data breaches, just one breach can cost an average of £3.6m. This significant cost demonstrates why the public sector is right to be concerned.

Local government especially will hold significant amounts of sensitive data, making the cost of a breach even greater. Investment in effective security regimes, combined with efforts to bridge the gap between IT and frontline staff is essential. The key to this in my view is providing user friendly technology combined with education throughout local government.

User friendly technology

Expectations around information sharing have transformed dramatically in the past couple of years. Local government is under immense pressure to deliver a high level of service, often to more and more people with fewer resources.

When compliance procedures and technology at the employees disposal are not user friendly, the overbearing strain on time forces staff to choose the path of least resistance, which often means foregoing established security protocols for more convenient and familiar options, including unsecured, personal email, mobile devices, and third-party file sharing sites like Dropbox.

IT cannot (and should not) prevent public sector professionals from providing an excellent service, but it is their responsibility to ensure the privacy of every member of the public whose data they hold. Most third-party tools present major risks, but can local authorities really blame employees for using them if they do not have a better means to move and access information?

It is the responsibility of IT departments and the leaders of organisations to equip staff with an effective means to move and access information securely. These tools must meet regulatory requirements, especially with regards to data protection, but most importantly, they need to meet the needs of the frontline staff that will be using them. If tools are easy to use, do not take up too much time and employees understand the necessity of sticking to them, procedures are much more likely to be followed.


A portion of ensuring compliance is putting some level of responsibility in the hands of all employees. Throughout local government, staff must be made aware of what constitutes unsafe behaviour. With the majority of data breaches resulting from internal error, this is particularly critical. Courses in compliance and privacy are required in many parts of local government, but technology is constantly evolving and, as a result regular communications about safe IT practices are becoming ever more important.

Critically, education about compliance and security should be paired with useful information about maximising productivity whilst remaining compliant. Collaboration between IT and employees using systems to make sure tools are most appropriate for their day-to-day circumstances will see strong results.

Unfortunately we live in an age where threats do exist, and government data remains to be a top target for cybercriminals. Greater focus on compliance in order to reduce the impact of a breach will naturally bring about challenges to day-to-day productivity, however, compliance protocols must not be allowed to limit employees, especially in local government, where resources are more often restricted.

James Bindseil is Globalscape president and CEO.

Supporting the most vulnerable in Herts image

Supporting the most vulnerable in Herts

Hertfordshire CC is investing £9.6m to support its most vulnerable residents in overcoming the repercussions of the pandemic. Scott Crudgington explains why the council is determined to remain ‘a county of opportunity’ for all.
For your free daily news bulletin
Highways jobs

People Technology / HRIS Analyst

Essex County Council
Up to £42174 per annum
The Opportunity The People Technology / HRIS Analyst will be responsible for supporting the ongoing management of people-based technology including England, Essex, Chelmsford
Recuriter: Essex County Council

Principal Energy Engineer

Surrey County Council
£45,734 - £51,725 per annum
Do you have experience in working with delivering carbon reduction measures into a range of building projects? Surrey
Recuriter: Surrey County Council

Wellbeing and Independence Practitioner - Safeguarding

Essex County Council
£27203 - £31370 per annum
Please note, this role is a Fixed Term Contract until the end of March 2022. With us, you can achieve more - for yourself as well as those you work England, Essex, Chelmsford
Recuriter: Essex County Council

Chief Fire Officer/Chief Executive

Essex County Fire & Rescue Service
c. £150,000
Are you ready for an exciting and rewarding opportunity Essex
Recuriter: Essex County Fire & Rescue Service

Housing Development Manager

City of York Council
£36,476 to £41,830 per annum
Do you want to play a key part in the delivery of “the UK’s most ambitious council-led housing programme in a generation”? York, North Yorkshire
Recuriter: City of York Council

Public Property

Latest issue - Public Property News

This issue of Public Property examines how how flexible workspaces can lead the way in regeneration for local authorities, Why local authority intervention is key to successful urban regeneration schemes and if the Government’s challenge of embracing beauty is an opportunity for communities.

The March issue also takes a closer look at Blackburn with Darwen Council's first digital health hub to help people gain control over health and care services.

Register for your free digital issue