COLUMBIA CITY — The Columbia City Common Council is mulling a program that could help cinch down its already tight cyber-security to nearly impenetrable.
Don Smith and David Lefever of The Mako Group spoke to the board at its regular meeting Tuesday night and informed the council about recently-issued regulations from the Federal Trade Commission that will apply directly to the city.
The reason — being a municipality with utilities and paying customers.
According to Lefever, the city’s computerized databases hold customer payments and personal information that could make that very information vulnerable to hackers who specialize in identity theft.
“There’s a social responsibility of the city to protect that data,” said Lefever.
Lefever added that “anything private that would be disastrous if it got outside the city walls” falls under the auspices of what his company excels at protecting.
The Red Flags Rule was created as part of the Fair and Accurate Credit Transactions (FACT) Act of 2003. The FTC directive charged financial institutions and creditors to institute prevention programs designed to battle identity theft.
Enforcement of the regulation has been delayed five times, most recently until Dec. 31.
But according to Lefever, an addition to the rules that applies to Columbia City was made Dec. 7.
Lefever, who told the board he himself had once been a victim of identity theft, said the FTC made amendments to the definitions of creditor, which identified municipal utilities as falling under the rule.
Smith and Lefever said the service they provide creates an independent oversight of the computer systems of the city and its various utilities to check the fire walls of those systems and to provide consultation on any weaknesses that might exist. In addition, a training program educates city employees on how to keep those systems safe.
“It creates a bubble around the city that you don’t have now and that you need,” Lefever said.
“What we think you need right now is to get in “Red Flag” compliance.
Mayor Jim Fleck agreed that extra protection and awareness would be in the city’s best interest.
“The last thing we want is for someone’s identity to be stolen and we’re culpable,” said Fleck.
If the city hires The Mako Group, Lefever said his firm of auditors would work closely with city Director of Communications Terry Wherry to monitor the city’s protection programs already in place.
The Mako Group’s program is threefold — training, a written policy and an audit.
The mayor asked Smith and Lefever for a contract that could be reviewed by the city, particularly City Attorney Marcia McNagny.
“The positive for the city is that it has been proactive in this,” said McNagny.