Three of the five largest councils in England are unable to identify potential security breaches to IT systems in real time, freedom of information (FOI) requests have revealed.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
This means most top councils in England are unable to respond immediately to potential attacks or investigate breaches quickly.
Data management firm LogLogic sent freedom of information (FOI) requests to 20 of the largest councils in the UK, asking detailed questions about the progress and management of government
Connect Secure Extranet (GCSx) is the government-wide programme that provides a secure private wide-area network (WAN) that enables local authorities to share data with central government.
To gain access to the GCSx, local government authorities have to comply with the Code of Connection (CoCo), and also Good Practice Guide 13 (GPG13), which mandates specific security and network controls for protective monitoring to prevent data leakage.
But the FOI requests revealed only three of the top five UK councils have implemented log management systems to help achieve compliance. Only two are keeping their log data for more than six months - as recommended for GCSx compliance - despite all five claiming to carry out annual compliance audits.
Only two were in compliance by keeping their data for six months or more, with two keeping log data for 0 to 3 months and another keeping its log data for 3 to 6 months.
With 60% not keeping the data long enough to enable proper investigations if they suspect a breach, breaches are likely to go un-noticed and unpunished due to lack of evidence, says LogLogic.
Several Scottish and Northern Irish councils refused to answer questions on data management on the grounds of national security, but responses from the biggest five councils in Wales indicate a far better position than that revealed in England.
In Wales, four of the five top councils said track and report in logs in real time, while the remaining council did not answer the question.
Four of the five also said they had implemented log management systems to assist with tracking and audit management.
Managing IT data from collection to storage and being able to report on it in real time is key to addressing the cornerstones of GCSx, says Bill Roth, vice-president at LogLogic.
"Overall I think the English and Welsh authorities have fared pretty well, but they were let down by the English authorities on being able to track and record in real time which is essential for monitoring and preventing sensitive data from leaking out of the GCSx," Bill Roth said.
Storing logs for the recommended six months plus time period is also critical for compliance and a surprising number fell short of that measure, said Roth.