Recommendations for Government IT in 2021
The year 2020 will go down in the books as one of the most challenging, yet technologically innovative years of our lives — innovation that happened seemingly overnight and continues to evolve. The need to adapt quickly has far surpassed the reluctance to change and comfort level of decades-old processes that so many of us relied on.
With this as the backdrop, we have learned that creativity, flexibility and a strategic approach were critical to staying productive in state and local government organizations.
Creativity: Early on, pivoting fast to digital workplaces became critical. As local government navigated these changes, creative solutions emerged: full desktop environments packaged up and sent home with employees, mobile wireless devices provided to employees and county wi-fi extended outside county-owned buildings into parking lots, just to name a few.
Flexibility: Planned projects that IT leadership may have been working on for several years went by the wayside or were — at best — delayed. While critical to the overall county technological improvement roadmap, there just were not enough hours in the day to handle unplanned pandemic-related technology needs.
Strategy: IT leaders had to be strategic as they responded quickly to county and employee demands. This included finding the most economical, yet beneficial way to fulfill the needs of both county citizens as well as county employees. Shifts in strategy included moving away from desktop computers to laptops, implementing secure virtual public meeting options, and ensuring that employees could work securely from their homes.
Policies and procedures were also critical. In those early months, I worked closely with county IT leadership through the National Association of Counties (NACo) Tech Xchange to develop templates and toolkits for virtual meetings and telework, as well as resource listings of low or no-cost solutions that industry partners were making available to local governments.
IT predictions for 2021
Now we have entered a new year. And while the need to stay flexible and creative is still paramount, planning for 2021 will put strategic vision at the forefront. We do not yet have a clear direction of what 2021 will bring, but IT leadership must forge ahead with a focus on what we know today. Based on predictions that I am already seeing from national government organizations, think tanks, and private industry, there are consistent themes:
- Social engineering is a top attack vector for hackers. For example, free COVID-19 tests and vaccine appointments will be leveraged heavily by threat actors in the new year. Scammers will utilize social engineering to dupe users into providing a mailing address, phone number and credit card number with a promise to verify their information and qualify for a free COVID-19 testing offer or to sign up for the vaccine.
- Internet of Things (IoT) will increase in response to on-premises return-to-work office strategies. IoT applications such as smart lighting, energy and environmental monitoring, and sensor-enabled space utilization solutions with remote management will be used to enhance employee safety and improve resource efficiency.
- Remote work will continue, which will result in heightened security needs. Securing or replacing Virtual Private Networks (VPNs) and implementing multi-factor authentication will be a #1 priority for many counties.
- Ransomware, along with Crimeware-as-a-Service is on the rise. The theft, marketing and selling of citizen data on the dark web is escalating and will continue to do so in 2021. No one is immune, including the supply chain and well-established providers.
County IT departments ramping up security
The good news is that county IT defenses are improving. These approaches are moving to the top of the security priority list:
- Password management and multi-factor authentication will help slow the rate of account-compromise attacks through phishing and data theft
- Risk-based access will reduce the burden on users by only requiring additional authentication when needed
- Security analytics, including monitoring of log information, will become standard
- Data governance will be given more than just a cursory approach
County government IT priorities
I believe that local government will settle into a new normal. A recent NACo Tech Xchange survey taken by county IT leadership has shown that counties are focused on similar priorities to 2020. As one can see, data governance is number four out of seven:
- Cybersecurity services
- IT leadership talent acquisition & retention (even more critical given the rise of telework opportunities)
- NACo Tech Xchange portal growth (like other online technology resource portals) to keep IT leaders connected and networking
- Data governance education and resources, including data asset inventory templates and a data toolkit
- Wide access and affordability to broadband
- Developing cloud adoption best practices
- Technology support and resource solutions for rural and smaller counties, especially in security
How IT leadership can prepare for the year ahead
While a strategic approach for 2021 will be critical, IT leaders must focus on providing technical services and completing projects responsibly, both from a financial perspective as well as an available resource perspective. Now is the time to develop a SWOT analysis of your existing IT team. Knowing the current strengths, weaknesses, opportunities, and threats will help IT leaders implement a strategic approach for 2021.
And of course, IT leaders will need fortitude in keeping projects and their team on track while remaining flexible to change. This does not mean that IT leaders sacrifice care and understanding of their team, but rather finding creative ways to manage expectations with limited resources and time.
Share this post!
Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.