IE11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Collaboration, Cybersecurity Work Helped One Jurisdiction Win in Digital Counties Awards

This Northern California county doubled down on moving to the cloud, kept cybersecurity policies updated and maintained lines of communication during the COVID-19 pandemic – all of which helped it land in the winners’ circle in the 19th annual Digital Counties Survey from the Center for Digital Government.

Home to around 100,000 residents across 974 square miles – a population about the size of the Arden-Arcade area of metropolitan Sacramento – Nevada County did well in the 19th annual Digital Counties Survey from the Center for Digital Government,* released earlier this month. The county placed fifth in its population category, up to 150,000 people.

The county’s move to telework during the COVID-19 pandemic was one initiative that helped it get where it needed to be. Officials enhanced VPN and remote support capabilities, as well as provisioning of laptops — but made sure to update teleworking, flexible scheduling and cybersecurity policies. These, in turn, stimulated other security-related policy updates. And with so many working remote, Nevada County implemented multifactor authentication for all forms of access from outside its internal network.

More specifically on cybersecurity, the county implemented the Multi-State Information Sharing and Analysis Center’s (MS-ISAC) Albert product for enhanced threat monitoring; implemented the National Institute of Standards and Technology (NIST) cybersecurity framework and started doing assessments, ratings and gap analyses; and adopted an enterprise information security program. The Nevada County Board of Supervisors approved an enterprise information security program in 2018 laying out the agency’s cybersecurity road map. Officials have written and implemented a security incident management plan and policy, Nevada County CIO Steve Monaghan told Techwire via email, noting that a part of this is a ransomware playbook outlining roles and responsibilities and a “graphical process flow for the steps and decisions to take during a ransomware event.”

Not surprisingly, going virtual meant doubling down on cloud. Nevada County migrated its SharePoint, email, various cybersecurity systems and telephone system to the cloud – the latter, a replacement for a 20-year-old system. Also moved to cloud were an e-recording module for the clerk-recorder, case management for the district attorney and board meeting support functions. Plans are to move the county’s financial system to the cloud ahead of replacement. Monaghan said the county chose to move its existing on-prem financial solution to the cloud via its current vendor, a strategy he said “moved us to their latest release of their financial suite, increases our disaster recovery capabilities for the platform and saves money by reducing the server footprint in our data center.” It should also provide a few more years for officials to work on the overall business requirements and RFP for a new system, the CIO added.

The county also showed a dedication to collaboration and customer support. With telework no longer a temporary solution, an employee has been put on the task of gathering data and feedback to support a telework policy and to gauge work satisfaction. The IT department has convened webmasters from across the enterprise to share best practices and make the county’s presence on the Internet more consistent. In an effort to standardize content creation and make it easier, Nevada County fields a “countywide content creators’ team” whose members share best practices, site updates, features and training, Monaghan said, adding that the team is now working on a “website look and feel refresh that we hope to roll out by year’s end.”

Portions of this article originally appeared in Government Technology's* coverage of the 2021 Digital Counties Survey.

*The Center for Digital Government, Techwire and Government Technology are part of e.Republic.