Larimer County continuously monitors and strengthens our IT security to ensure our citizens and organizational partners trust the information they share and receive with the county.


Network Monitoring (Bitsight Score)

Larimer County 800 Advanced Last Updated: 2019-12-08

Larimer County partners with Bitsight to monitor our environment and provide a continuous rating of our cyber risk. Over 1,500 organizations are using BitSight Security Ratings to monitor their business ecosystem. Using an approach similar to credit ratings for financial risk, BitSight customers are able to gain insight into the security posture of third parties as well as their own organization. The Ratings are calculated on a scale of 250-900, with a higher rating indicating better security performance. BitSight is the most widely adopted Security Ratings platform in the world.

The average Bitsight Rating for Government/Politics industry is 650.

Security and Operations Team

Larimer County has a team whose mission is to work in collaboration with all Larimer County staff, elected officials and business partners to support the confidentiality, integrity, and availability of Larimer County’s digital assets and technology systems.

The following five functions are used to foster an operational culture that is aware of, and dynamically adapts to, cybersecurity risk.  

  1. Identify – Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities.
  2. Protect – Develop and implement the appropriate safeguards to ensure delivery of IT services.
  3. Detect – Develop and implement the means to identify the occurrence of a cybersecurity event.
  4. Respond – Develop and implement the actions required to deal with a detected cybersecurity event.
  5. Recover – Develop and implement resiliency plans and to restore any capabilities or services that were impaired due to a cybersecurity event. 

Partnerships

Larimer County has made strategic technology investments that enables the delivery of high-quality services to our citizens. We are equally invested in protecting these technology assets from current and future threats. To that end, we continue to strengthen our collaborative relationships with Federal, State and Local agencies to enhance our mutual protection and ensure reliable, secure and effective services.

Two such agencies are the Multi-State and Elections Information Sharing & Analysis Centers. These partnerships provide us with the necessary resources to help keep critical County operations available. 

MS-ISAC Logo   EI-ISAC


Online Security

Web Encryption

Every page, form and document hosted on larimer.org is encrypted - meaning visitors can trust a secure connection between their browser and our site when browsing pages or completing a form on larimer.org. When visiting an encrypted site note the lock icon, near the web address:

Screenshot of Encryption Lock on Larimer.org

 

We work especially hard to maintain high levels of encryption, and for our efforts have attained an rating on Industry standard Qualsys SSL Labs Site Review:


A-screenshot

(You can view our real time rating on SSL Labs Site)


Secure Site Hosting

Pantheon Logo

Larimer.org is proud to call Pantheon.io Hosting Home.

The Pantheon platform provides:

  • Container-based infrastructure
  • Automated, one-click core updates
  • Denial of service(DDoS) protection
  • Automated security monitoring
  • Network intrusion protection
  • Automated HTTPS
  • Vulnerabilities and Incident Response

  • SAML/SSO/2FA
  • Role-based change management
  • Automated backup and retention
  • Secure code and database access
  • Secure integration to resources
  • Secure datacenter
  • Privacy Shield & US-Swiss Safe Harbor Certified

Review Pantheon's Security benefits


Vulnerability Scans

In addition to encryption, we monitor our site monthly for security vulnerabilities and weaknesses using industry leader and third party Trustwave.