AUGUSTA, Maine (NEWS CENTER) – It seems every day there is talk about another hacking investigation. It might even make you question what it might mean for the state of Maine.
Just weeks ago, there was a data beach involving the Department of Labor. It impacted a job listing service contracted out by the department.
That incident compromised more than 12,000 social security numbers and other personal information of Maine residents. An investigation is ongoing.
NEWS CENTER got an inside look at one of the state’s data centers and spoke to the people in charge of keeping Mainer’s information secure—everything from tax information, to drivers’ license data and even fishing licenses.
“Certainly we’re paying attention because it’s not only the volume of attacks, it’s the sophistication of the attacks,” Jim Smith said.
Smith is the Chief Information Officer for the Office of Information Technology for the State of Maine. He oversees a total of 16 agencies.
“The bad guys are just getting much better at probing—at getting information, really tricking people to get in and get information—so we have a heightened awareness,” he said.
Within all of the agencies, Smith said more that 38 million emails are received each year.
Of those, a total of 15 million (or 40%) are stopped due to some level of suspicious content.
Many of those emails are self-reported by some of the nearly 11,000 state employees—all of whom are required to take training on how to best identify vulnerabilities, such as phishing emails.
“The training is extremely important because in the end the human being is both the most vulnerable, but also the greatest potential for us to be able to prevent the next big event,” Associate CIO Victor Chakravarty said.
Chakravarty said that the state has looked to outsourcing to cloud-based service more in order to save taxpayer dollars.
At the end of the day, they both admit that threats are inevitable, but insist they are prepared.
Gov. LePage has proposed in his latest budget that the Office of Information Technology be its own cabinet-level department. Smith said it places greater emphasis on the importance of their role in the state.
So what can you do to keep your information safe?
“If I were to say one thing actually I don’t think people do enough, they don’t trust themselves enough. You know when something isn’t right,” Michael Knupp said.
Knupp suggests always ensuring that the site you are on is secure when inputting private information. That means there will be some kind of lock icon and the address with start with “https.”
He also said that we often overshare. Knupp recommends only using one credit card strictly for online purchases, as opposed to debit cards, as wells as leaving out phone numbers and addresses on some sites when they are not required.
“I’m kind of a believer in things like being aware of your digital footprint, and maybe trying to limit your scope in terms of things like that,” he said.