City OKs More Money to Investigate Systems

a cyber forensics company, will continue to audit and provide consulting for the city’s Information Technology after questionable practices in the department led to a federal and state investigation. 

The commission on Tuesday unanimously authorized an additional $113,365 in payments for Sylint to include:

• management consulting for the Information Technology Department to assist in resolving Exchange e-mail problems uncovered during the initial investigation;

• cyber security audit to address “potential vulnerabilities” uncovered during the first investigation; and

• continued and expanded computer forensics investigation.

John Jorgensen of Sylint told the commission that he polled two F.B.I offices, the federal Department of Housing and Urban Development and the Florida Department of Law Enforcement about whether they want to proceed with their criminal investigations and they all said yes.

Jorgensen revealed Tuesday night that there haven’t been updates to the e-mail Exchange system or other systems in years, putting support and security in jeopardy. Another “lateral concern” was deemed founded, but Jorgensen would not say specifically what that was because it relates to the criminal investigation.

“We are very concerned the system has some vulnerabilities to it that allow outside access and would internally effect the city's information,” he said.

However, no report from the original audit was produced, which concerns Vice Mayor Terry Turner. He reluctantly supported the motion.

“I have reservations about spiraling costs and I hope this is the end,” he said.

The discussion came just hours after . Sylint’s initial audit, discussed at a special Jan. 6 city commission meeting,  after examining the . The city’s Information Technology director and manager were subsequently placed on paid leave. 

The Audit and Clerk’s office will review Sylint’s work weekly to see if it needs to continue, end or be re-evaluated, according to city documents. 

Deputy Manager Marlon Brown, who is part of the accusations for having access to sensitive e-mails, requested outside counsel to be at future Sylint interviews to maintain fairness, but city attorney Robert Fournier said he is unsure if counsel would be allowed to sit in on all interviews with law enforcement.

Jorgensen added that outside counsel was present at all interviews during the first phase of the audit. 

Here’s how each bullet point will be investigated, and how much it will cost:

Item

Task

Hour Estimate

Cost Estimate

1

Investigation of missing emails expanded. Sampling expanded to 5 more computers and associated email accounts.

36

$7,380

2

Review of SQL email backend to confirm or resolve “lost” email cause, the extent of the “lost” email problem, and a proposed resolution of the problem.

36

$7,380

3

Investigation of unauthorized email searches and associated production of “.pst” files expanded. Additional computers and review of “search” logs.

36

$7,380

4

Lateral expansion of email investigation (if necessary).

20

$4,100

5

Coordination and protocol development for interviews with Law Enforcement of individuals either providing information or associated with unauthorized activity.

8

$1,640

6

Interface, conduct interviews and coordination of information discovery with Law Enforcement (as needed ‐ dependent on law enforcement participation and evidence discovery).

36

$7,380

7

Determine potential Breach of PII, PHI or PCI statutes or standards

32

$6,560

Total:                                                         220                            $45,100

Here is the breakdown on management consulting:

Item

Task

Hour Estimate

Cost Estimate

1

Develop network and functional flow diagrams for the network, specifically including the Exchange email system to include the EHS.

16

$3,280

2

Establish a system documentation plan and problem remediation plan (particularly addressing email and critical document concerns). Execute and oversee the implementation of the plan. Results of the Expanded Forensic Investigation will be incorporated into this Plan.

16

$3,280

3

Review and document current system operations logging. Output of review will be provided to the Expanded Forensic Investigation. Develop system operational logging processes per discussions with Sylint. Test the functional operation of the  email system.

16

$3,280

4

Develop IT immediate, 3 month, 6 month and one year “Objective Plan”, including project summaries and review.

24

$4,290

5

Begin implementation of the “Management Objective Plan” and resolution of problems currently known and problems uncovered by the Expanded Forensic Investigation. Meetings with IT staff and Audit & Clerk’s Office (three meetings envisioned with pre-meetings with staff and preparation)

15

$3,075

6

Assist IT Staff development of City wide Policies and Procedures regarding the email systems to include Exchange and EHS.

32

$6,560

7

Assist IT Staff development of Policies and Procedures for network operations, to include lateral operations.

32

$6,560

8

Review and document system’s Access Rights and Privileges current status. Establish Rights and Privileges to safeguard City of Sarasota enterprise network, to include lateral networks.

32

$6,560

9

Conduct IT department management actions conducive to building cohesive, responsive and effective operations.

0

0

10

Address operational requirements, evaluation, implementation, of ongoing and future projects to determine budgetary obligations and projections. Provide IT Tasking and Budgetary objectives for 6 months, 1 year and 3 years.

32

$6,560

11

Establish and exercise and Cyber Security Incident Response Team.

16

$3,260

12

Other tasking as requested by Audit & Clerk’s Office.

0

-

Total

231

$47,355

Here’s the breakdown of the cyber security audit:

Item

Description

Hour Estimate

Cost Estimate

1

Examine and establish Security measures to safeguard City of Sarasota resources and assets upon suspension of two IT managers

10

$2,050

2

Safeguard Confidential and Exempt Information: Audit & Clerk’s Office; Human Resources; Lateral Offices; City Attorney’s Office; and other identified offices.

32

$6,560

3

Conduct Cyber Security Audit of lateral system

16

$3,280

4

Conduct Security Audit of Communications Systems

16

$3,280

5

Conduct Security Audit of email systems

12

$2,460

6

Provide a Security Audit Report and Recommendations

16

$3,280

Total

102

$20,910