Westchester County was selected to receive the honor from the New York State Forum because of its "Public Internet Protection Act" -- a law that mandates minimum security measures for businesses who use wireless networks.
"Getting this kind of recognition on a statewide level just confirms what we've known all along -- that network security is a significant issue and it's vital that we take steps to protect customers against identity theft and computer fraud," said County Executive Andy Spano. "Too many businesses are maintaining unsecured networks and putting us all at risk."
The New York State Forum presents awards each year to recognize the outstanding work in the area of Information Resource Management by New York state and local government organizations. Westchester was chosen in the "policy" category for its excellence in effective implementation of information technology to meet business goals in New York State.
Westchester's law, passed in April 2006, appears to be the first of its kind in the U.S. (and perhaps the world). The law applies to all commercial businesses that collect personal customer information such as social security numbers, credit card or bank account information, and also have a wireless network. Companies must take minimum security measures to "secure and prevent unauthorized (wireless) access to all such information." Security measures can be as simple as installing a network firewall, changing the system's default SSID (network name) or disabling SSID broadcasting.
In addition, businesses that offer public Internet access must "conspicuously post a sign" advising customers to "install a firewall or other computer security measure when accessing the Internet."
As part of the new law, the County has also published a new brochure and Web site to educate consumers about how to prevent identity theft.
