#
 

Articles from Parking Today

Following is a full article from Parking Today's print magazine.

Browse more articles

Search for articles

AKA

Man the Data, Scan the Ports

June, 2022

Kevin Uhlenhaker

It was great to see everyone at the PIE show in Reno last month. If you didn’t attend this year, you missed out. John and the entire Parking Today crew put on an incredible show. The show featured many varieties of new parking technologies and systems. While new technology can bring many new features and benefits to your organization, it also brings new requirements for the technical maintenance of those systems. Our question this month addresses challenges dealing with ongoing needs introduced by technology.  


Dear Kevin,


I run a small, but growing parking operation, and we use an outsourced IT company for our basic IT needs. Things are fine now, but I wonder if we should be doing more proactively for our IT security. I am not technical, and it all just seems a bit overwhelming. 


Flustered in Florida 


Thanks for the question. Regular maintenance is crucial for any complex system, whether mechanical or electronic. It gets even more complicated when these systems are intermingled. While people know they should perform regular maintenance on their vehicles, many don’t do anything until something breaks. While this approach works in the short term, it rarely works in the long term leading to costly repairs.


Additionally, some people enjoy maintaining their vehicles themselves, but most of us need the help of a professional. The same is true of parking technology. Regular preventive maintenance is essential not just for the physical parts of your system but also for the digital ones. One of the critical but often overlooked maintenance areas is ongoing system security. 


The topic of network security is expansive, but here are a few keys to help your general understanding. The first are ongoing network scanning tools. These tools scan a network and its devices to look for security issues. There are two main types of network scans. 


The first is a port scan. This scan checks for open ports and generates a report. An easy way to think of a port is a communication pathway into and or out of your computer. If your computer were a house, ports would be the doors and windows. A port scan effectively checks which of these are currently open and lets you know, so you can close and lock them. 


A more advanced network scan is a penetration or vulnerability scan. This scan attempts to use known bugs, security issues, and frequent problems to break into your network or your devices. While a port scan checks for open doors and windows, a penetration scan would try to pick the locks, jimmy the door, and even knock to see if you will open the door for them. 


These scans should be run regularly, as things on your network will change, so regular scans are essential. While you could buy software to do these scans yourself, you likely would be better off finding an IT expert to make recommendations on which tools to use, interpret the results, and then help put in place fixes, policies, and procedures to help reduce the overall risk of adverse situations.  


In addition to technology, investing in improving your team’s IT security knowledge is another key component to overall IT security. Many times, the best way for people to gain unauthorized access to your systems is just by asking. Social engineering uses deception to gain access to private information.


It is often used to gain direct access and knowledge from unsuspecting people. Most people assume that the person they are dealing with is sincere, so they are typically willing to share information. 


One way to help avoid this tactic is to educate your team about security hygiene. Several web-based programs provide easy-to-understand training presentations and tests, to help ensure understanding and document completion. 


Much like any other ongoing maintenance, IT security must be a routine activity to help ensure the security of your computer systems and data. It can never be a “set it and forget it” activity.


With the help of an experienced IT professional, scanning tools, and staff education, you can help improve the security of your IT systems. 


Good luck with your IT security improvement process. It is like any other preventive measure. It helps reduce the likelihood and lower the impact of any damage. 


If you have a question that you would like answered or would like to drop me a comment, please reach out to me at kevin.uhlenhaker@flashparking.com. 

#