State-of-the-art technologies for the citizens of a town steeped in tradition
Memmingen is an independent town in the Bavarian administrative region of Swabia. The former imperial town is the regional center as well as the school, administrative and commercial center in the Donau-Iller region. With 43,837 inhabitants, the town in Upper Swabia is the fifth-largest town in the administrative region of Swabia. The origins of Memmingen date back to Roman times. With its many squares, town houses and patrician houses, palaces and city fortifications, the old town is one of the best-preserved cities in southern Germany. Thanks to good transport connections by road, rail and air, it is also the transport hub of Upper Swabia, the Allgäu and Central Swabia.
The serious attack on a district administration in Saxony-Anhalt clearly shows that it’s not just companies that are the target of ransomware attacks. For the first time, a cyber attack caused a state of emergency to be declared. Community-related services were unavailable or only partially available for more than 207 days. The figures published in the BSI status report (Federal Office for Information Security) give a good insight into the risk situation at federal level. For example, around 44,000 e-mails containing malicious programs were intercepted every month in the government networks by automated antivirus protection measures during the reporting period.
Stefan Schönhals, Head of the Office for Information and Communication Technology of the town of Memmingen and Information Security Officer is only too aware of the threat situation:
„The town administration of Memmingen employs around 750 people, working with sensitive and personal data. Our area of responsibility includes securing administrative processes for everywhere from old people’s homes to municipal utilities and municipal sewage treatment plants. Our extensive population data and critical infrastructure facilities are an enticing target for cybercriminals. Cyber attacks on municipalities are particularly effective in terms of publicity, directly affect the citizens, cause commotion and disrupt public services.“
The urgent need for comprehensive IT security in public administration has also been recognized at state and federal level: The creation of an information network for public administration—known as IVÖV for short—is the aim of the Network Strategy 2030. It was formulated at federal level as part of a conference of IT representatives with the aim of longterm further development of IT network infrastructures in public administration. It takes account of the increased demands in the area of communication capability for the entire public administration in Germany, new technical developments and the increased security requirements, including those caused by events such as the Ukraine war.
The coronavirus pandemic has also led to accelerated digitalization in public administration in recent years. Not all administrative procedures can be digitally managed, however. Therefore, the movement of people in city administration is still an issue. Schönhals identified, for example, open network sockets as possible gateways for connecting the administration network to infected unknown devices — not only through visitors to the municipal facilities, but also through employees. The IT team did not have an overview of the end devices in the network, such as private laptops. In addition, there was no overview and control over third-party devices added to the network by external service providers carrying out maintenance on city facilities. “Now we are informed when and where an unknown device is plugged in, and only devices approved by the IT department will be accepted.”
- Maximum security through granular access control and precise network segmentation
- Monitoring and control of all devices in the network (live inventory management)
- Ensuring the integrity of the network by only granting network access to defined (owned and approved) devices
- Protection of administrative IT against attacks on sensitive, personal data
- Support for the implementation of the German Data Protection Act (BDSG) and the State Data Protection Act (LDSG) and the fulfillment of the requirements of the Basel Agreement Basel II/III
The topic of network security was discussed with the IT security consultant of CyProtect AG. The manufacturer-independent cybersecurity service provider has maintained a long-term partnership with macmon secure GmbH, which specializes in network security. When deciding in favor of macmon NAC, after a public tender, the good price-performance ratio of the Berlin-based macmon secure was also an important factor for Schönhals. “Now, the employees in the IT department couldn’t imagine life without macmon.” The macmon Network Bundle, an efficient tool for network protection, is being used to provide a comprehensive overview of all devices in the network, live inventory management, immediate alerts when unknown devices are connected and the initiation ofautomatic countermeasures.“ This not only increases security, but also reduces our administration work,” comments Schönhals. In addition to the use of software solutions, Memmingen is also focusing on prevention: “In order to improve our IT security, we implemented internal e-learning training courses, as many employees were not even aware of possible gateways for malware.”
As well as providing standard network access control, the IT expert believes one of the biggest advantages is the tool’s ability to automatically assign VLANs using group assignment. The VLAN Manager is an effective and time-saving management component for the simple introduction and automated operation of static and dynamic VLAN concepts. “The time saved by the automatic VLAN assignment when setting up and moving end devices is a major advantage. Previously, the VLANs had to be configured manually on the switch.”
The recent high-profile cyber attackson administrations have shown just how important it is to protect the IT infrastructure of a municipality, and have led to a rethink among local politicians. The increasing complexity of IT due to digitalization, the transfer of business processes to the Internet and new technologies create new vulnerabilities to cyber attacks. It is important to deal with these vulnerable areas quickly and comprehensively. A digital administration needs not only a modern, but also a secure infrastructure.