Dear Gloria Zimba,

 

Freedom of Information Request Case ID 202101356

 

Thank you for your request for information received on 15 December 2021 in
which you asked for the following information:

 

1. Do you have a formal IT security strategy? (Please provide a link to
the strategy)

A) Yes

B) No

 

2. Does this strategy specifically address the monitoring of network
attached device configurations to identify any malicious or non-malicious
change to the device configuration?

 

A) Yes

B) No

C) Don’t know

 

3. If yes to Question 2, how do you manage this identification process –
is it:

A) Totally automated – all configuration changes are identified and
flagged without manual intervention.

B) Semi-automated – it’s a mixture of manual processes and tools that help
track and identify configuration changes.

C) Mainly manual – most elements of the identification of configuration
changes are manual.

 

4. Have you ever encountered a situation where user services have been
disrupted due to an accidental/non malicious change that had been made to
a device configuration?

A) Yes

B) No

C) Don’t know

 

5. If a piece of malware was maliciously uploaded to a device on your
network, how quickly do you think it would be identified and isolated?

A) Immediately

B) Within days

C) Within weeks

D) Not sure

 

6. How many devices do you have attached to your network that require
monitoring?

A) Physical Servers: record number

B) PC’s & Notebooks: record number

 

7. Have you ever discovered devices attached to the network that you
weren’t previously aware of?

A) Yes

B) No

 

If yes, how do you manage this identification process – is it:

A) Totally automated – all device configuration changes are identified and
flagged without manual intervention.

B) Semi-automated – it’s a mixture of manual processes and tools that help
track and identify unplanned device configuration changes.

C) Mainly manual – most elements of the identification of unexpected
device configuration changes are manual.

 

8. How many physical devices (IP’s) do you have attached to your network
that require monitoring for configuration vulnerabilities?

Record Number:

 

9. Have you suffered any external security attacks that have used malware
on a network attached device to help breach your security measures?

A) Never

B) Not in the last 1-12 months

C) Not in the last 12-36 months

 

10. Have you ever experienced service disruption to users due to an
accidental, non-malicious change being made to device configurations?

A) Never

B) Not in the last 1-12 months

C) Not in the last 12-36 months

 

11. When a scheduled audit takes place for the likes of PSN or Cyber
Essentials, how likely are you to get significant numbers of audit fails
relating to the status of the IT infrastructure?

A) Never

B) Occasionally

C) Frequently

D) Always

Your request is being processed under the provisions of the Freedom of
Information Act 2000 and you will receive a response within 20 working
days of receipt of your request, meaning you will receive a response on or
before 18^th January 2022.

 

Kind regards,

 

Henrietta
Information Governance Officer

Email: [1][email address] | Web:
[2]www.wiltshire.gov.uk

 

[3]www.wiltshire.gov.uk/wisc

 

dangos adrannau a ddyfynnir

Dear Gloria Zimba,

 

Freedom of Information Request Case ID 202101356

 

Thank you for your request for information received on 15 December 2021 in
which you asked for the following information:

 

1. Do you have a formal IT security strategy? (Please provide a link to
the strategy)

A) Yes

B) No

 

2. Does this strategy specifically address the monitoring of network
attached device configurations to identify any malicious or non-malicious
change to the device configuration?

 

A) Yes

B) No

C) Don’t know

 

3. If yes to Question 2, how do you manage this identification process –
is it:

A) Totally automated – all configuration changes are identified and
flagged without manual intervention.

B) Semi-automated – it’s a mixture of manual processes and tools that help
track and identify configuration changes.

C) Mainly manual – most elements of the identification of configuration
changes are manual.

 

4. Have you ever encountered a situation where user services have been
disrupted due to an accidental/non malicious change that had been made to
a device configuration?

A) Yes

B) No

C) Don’t know

 

5. If a piece of malware was maliciously uploaded to a device on your
network, how quickly do you think it would be identified and isolated?

A) Immediately

B) Within days

C) Within weeks

D) Not sure

 

6. How many devices do you have attached to your network that require
monitoring?

A) Physical Servers: record number

B) PC’s & Notebooks: record number

 

7. Have you ever discovered devices attached to the network that you
weren’t previously aware of?

A) Yes

B) No

 

If yes, how do you manage this identification process – is it:

A) Totally automated – all device configuration changes are identified and
flagged without manual intervention.

B) Semi-automated – it’s a mixture of manual processes and tools that help
track and identify unplanned device configuration changes.

C) Mainly manual – most elements of the identification of unexpected
device configuration changes are manual.

 

8. How many physical devices (IP’s) do you have attached to your network
that require monitoring for configuration vulnerabilities?

Record Number:

 

9. Have you suffered any external security attacks that have used malware
on a network attached device to help breach your security measures?

A) Never

B) Not in the last 1-12 months

C) Not in the last 12-36 months

 

10. Have you ever experienced service disruption to users due to an
accidental, non-malicious change being made to device configurations?

A) Never

B) Not in the last 1-12 months

C) Not in the last 12-36 months

 

11. When a scheduled audit takes place for the likes of PSN or Cyber
Essentials, how likely are you to get significant numbers of audit fails
relating to the status of the IT infrastructure?

A) Never

B) Occasionally

C) Frequently

D) Always

 

Under the Freedom of Information Act 2000 (the Act) the Council is obliged
to:

▪ Let you know whether we hold the information you have requested
▪ Provide you with the requested information, if held, (subject to any
exemptions to disclosure that may apply)

 

I can confirm that the council holds the information you requested which
is as follows:

 

1. Do you have a formal IT security strategy? (Please provide a link to
the strategy)

A) Yes

B) No

 

2. Does this strategy specifically address the monitoring of network
attached device configurations to identify any malicious or non-malicious
change to the device configuration? n/a

A) Yes

B) No

C) Don’t know

 

4. Have you ever encountered a situation where user services have been
disrupted due to an accidental/non malicious change that had been made to
a device configuration?

A) Yes

B) No

C) Don’t know

 

5. If a piece of malware was maliciously uploaded to a device on your
network, how quickly do you think it would be identified and isolated?

A) Immediately

B) Within days

C) Within weeks

D) Not sure

 

6. How many devices do you have attached to your network that require
monitoring?

A) Physical Servers: 61

B) PC’s & Notebooks: 4500

 

7. Have you ever discovered devices attached to the network that you
weren’t previously aware of?

A) Yes

B) No

 

If yes, how do you manage this identification process – is it:

A) Totally automated – all device configuration changes are identified and
flagged without manual intervention.

B) Semi-automated – it’s a mixture of manual processes and tools that help
track and identify unplanned device configuration changes.

C) Mainly manual – most elements of the identification of unexpected
device configuration changes are manual.

 

8. How many physical devices (IP’s) do you have attached to your network
that require monitoring for configuration vulnerabilities?

Record Number: 4750 (approx.)

 

9. Have you suffered any external security attacks that have used malware
on a network attached device to help breach your security measures?

A) Never

B) Not in the last 1-12 months

C) Not in the last 12-36 months

 

10. Have you ever experienced service disruption to users due to an
accidental, non-malicious change being made to device configurations? Yes

A) Never

B) Not in the last 1-12 months

C) Not in the last 12-36 months

 

11. When a scheduled audit takes place for the likes of PSN or Cyber
Essentials, how likely are you to get significant numbers of audit fails
relating to the status of the IT infrastructure?

A) Never

B) Occasionally

C) Frequently

D) Always

 

Information supplied under the Act may be subject to protection under the
Copyright, Designs and Patents Act 1988. You may use the information we
have provided in response to your request under the terms of the [1]Open
Government Licence.

 

If you are dissatisfied with the response to your request you can ask for
a review of the handling of your request for information. Details of the
complaints procedure are below.

 

Best wishes,

 

Daniella Heard

Information Governance Officer 

Wiltshire Council | County Hall | Bythesea Road | Trowbridge | BA14 8JN

Email: [2][email address]  | Web:
[3]www.wiltshire.gov.uk 

Tel: 0300 456 0100 (Customer Services)

 

Freedom of Information Complaints and Review Procedure

Any person who has requested information from Wiltshire Council which has
been dealt with under the Freedom of Information Act is entitled to make a
complaint and request an internal review of the handling of their request
if they are dissatisfied with the response they have received.

 

Requests for review of a Freedom of Information requests should be made,
in writing, which includes email, to:

Freedom of Information and Records Lead

Information Governance Team

Legal and Governance

Wiltshire Council

[4][email address]

 

Please include the Case ID number, the date of your request and details of
why you are asking for a review. Requests for a review should be brought
to our attention within 40 calendar days of our response to your request.

 

Any request for a review will be acknowledged in writing confirming the
reasons for the review. The review will be allocated to someone who is
independent of the original decision. The person

conducting the review will set a target date for a response with the
intention to complete the review within 20 working days. In more complex
cases the review may take up to 40 working days.

 

The reviewer will conduct a full review of the handling of the request for
information and the decisions taken, including decisions taken about where
the public interest lies in respect of exempt information where
applicable. The review enables a re-evaluation of the case taking into
account any matters raised by the requester.

 

On completion of the review the reviewer will contact the requester with
the result of the review. If the requester is still dissatisfied with the
council's handling of their request they should contact the Information
Commissioners Office (ICO). The ICO can be contacted using the following
details:

 

Information Commissioners Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Tel; 0303 123 1113 (local rate)

       01625 545 745 (national rate)

Email; [5][email address]

 

From: Information Governance <[email address]>
Sent: 15 December 2021 17:19
To: Gloria Zimba <[FOI #816691 email]>
Subject: (DH) 20101356 RE: Freedom of Information request - Information
Technology Request

 

Dear Gloria Zimba,

 

Freedom of Information Request Case ID 202101356

 

Thank you for your request for information received on 15 December 2021 in
which you asked for the following information:

 

1. Do you have a formal IT security strategy? (Please provide a link to
the strategy)

A) Yes

B) No

 

2. Does this strategy specifically address the monitoring of network
attached device configurations to identify any malicious or non-malicious
change to the device configuration?

 

A) Yes

B) No

C) Don’t know

 

3. If yes to Question 2, how do you manage this identification process –
is it:

A) Totally automated – all configuration changes are identified and
flagged without manual intervention.

B) Semi-automated – it’s a mixture of manual processes and tools that help
track and identify configuration changes.

C) Mainly manual – most elements of the identification of configuration
changes are manual.

 

4. Have you ever encountered a situation where user services have been
disrupted due to an accidental/non malicious change that had been made to
a device configuration?

A) Yes

B) No

C) Don’t know

 

5. If a piece of malware was maliciously uploaded to a device on your
network, how quickly do you think it would be identified and isolated?

A) Immediately

B) Within days

C) Within weeks

D) Not sure

 

6. How many devices do you have attached to your network that require
monitoring?

A) Physical Servers: record number

B) PC’s & Notebooks: record number

 

7. Have you ever discovered devices attached to the network that you
weren’t previously aware of?

A) Yes

B) No

 

If yes, how do you manage this identification process – is it:

A) Totally automated – all device configuration changes are identified and
flagged without manual intervention.

B) Semi-automated – it’s a mixture of manual processes and tools that help
track and identify unplanned device configuration changes.

C) Mainly manual – most elements of the identification of unexpected
device configuration changes are manual.

 

8. How many physical devices (IP’s) do you have attached to your network
that require monitoring for configuration vulnerabilities?

Record Number:

 

9. Have you suffered any external security attacks that have used malware
on a network attached device to help breach your security measures?

A) Never

B) Not in the last 1-12 months

C) Not in the last 12-36 months

 

10. Have you ever experienced service disruption to users due to an
accidental, non-malicious change being made to device configurations?

A) Never

B) Not in the last 1-12 months

C) Not in the last 12-36 months

 

11. When a scheduled audit takes place for the likes of PSN or Cyber
Essentials, how likely are you to get significant numbers of audit fails
relating to the status of the IT infrastructure?

A) Never

B) Occasionally

C) Frequently

D) Always

Your request is being processed under the provisions of the Freedom of
Information Act 2000 and you will receive a response within 20 working
days of receipt of your request, meaning you will receive a response on or
before 18^th January 2022.

 

Kind regards,

 

Henrietta
Information Governance Officer

Email: [6][email address] | Web:
[7]www.wiltshire.gov.uk

 

[8]www.wiltshire.gov.uk/wisc

 

dangos adrannau a ddyfynnir