Pandemic Challenges for Our LA - Freedom of information requests

Title or Description
Pandemic Challenges for Our LA
FOI Number
15232
Date Received
19/05/2021
Type of Request
FOI
Request or Question
I would like to submit an FOI request regarding the challenges your council has faced during the pandemic.Specifically, I would like responses to the following questions:Question1)      a)       How many people do you employ?
b)      How many of your employees were moved to remote working from March 2020?
 
2)      
a)       Did COVID-19 and the move to remote working mean you had to make additional investments in security in order to support remote working? 
b)      If yes, how much (if possible)?
3)      
a)       (If answered YES to question 2 (a) above) Where did the budget for additional investments in security in order to support remote working come from?
a.       From the wider IT budget
b.       From reducing investment in other services
c.       From council savings
d.       From selling council assets – e.g. property.
4)      Does your organisation plan to continue using remote working more post-COVID-19 than it did pre-COVID-19?
a.       Yes
b.       No
5)      For each of the following, can you indicate whether you a) have invested more in the item below after March 2020, and b) plan to invest further in the future.
a.       Secure VPN access for remote workers
b.       Encryption for remote workers (e.g. software encryption, thumb drives)
c.       Identity and access management
d.       Security Information and Event Management (SIEM) tools (e.g. Splunk)
e.       Endpoint security
f.        Increased security training for remote workers
g.       Security posture assessment to understand any impacts from the move to remote working and identify any gaps in security
ANSWER OPTIONS:
a.       We have invested more
b.       We plan to invest further in the future
6)      Have any of your employees been prevented from working remotely because it wasn't possible to guarantee secure access to data?
a.       Yes
b.       No
7)      
a)       Have you had reported to you and/or identified any cyber-attacks made against remote employees (e.g., phishing, man-in-the-middle attacks, brute force attacks against VPNs)?
a.       How many of these were identified / reported from March 2020 onwards?
b.       How many were identified / reported in the 12 months before March 2020 (i.e. March 2019 – February 2020)?
 
 
Response
1)      
a)       As of 02.06.2021 excluding casual staff and elected members = 4997
b)      Unfortunately Scottish Borders Council do not hold the information you have requested. Therefore we give notice under s17 of FOI(S)A 2002 and declare that the information is not held.
2)        No
3)       near
4)       Yes
5)    
a.     a.       We have invested more
              b.       We plan to invest further in the future
b.     a.       We have not invested more
              b.       We do not plan to invest further in the future
c.      a.       We have not invested more
              b.       We do not plan to invest further in the future
d.       a.       We have not invested more
              b.       We do not plan to invest further in the future
e.      a.       We have not invested more
              b.       We do not plan to invest further in the future
f.        a.       We have invested more
              b.       We plan to invest further in the future
g.     a.      We have not invested more
              b.       We plan to invest further in the future
6)       No
7)      
a)       Yes
a.       55 phishing and 1 man-in-the-middle reported
b.       40 reported phishing