Contact us

If you’ve got a story or event for the GPSJ website, e-mail Stuart Littleford at

July 2022
« Jun    


Smart Cities: Taking a Security-Minded Approach to Open and Shared Data

By Sascha Giese, Head Geek at SolarWinds

In our increasingly crowded urban settings, delivering better, safer, and more sustainable environments for citizens is central to both short- and long-term national and local government strategies.

As a result, the accelerating development of smart cities is driving huge advances in technology and the use of data across the world. Building the infrastructure and systems required to collect and process information from citizens and devices alike meant global revenues from smart city projects was in excess of US$129 billion last year alone.

Several core technologies are key to building a successful and integrated smart city infrastructure. These include performance monitoring and infrastructure management, which are employed to provide full-stack visibility across hybrid IT infrastructures and applications. In particular, their role is to monitor and troubleshoot network and application performance issues across fixed and wireless links.

Next is application, user experience, and web app monitoring, which provides visibility into

the health of key applications and sites, including software as a service (SaaS) use cases. These tools are also used to reveal application dependencies and related performance across the smart city networks.

Underpinning everything are IT security and automated vulnerability management tools, which help save time and dramatically improve IT security. And when performance or reliability issues come to light, support desk solutions are vital to help authorities track tickets and optimise resolution rates and reporting.

Security and Service

Given the growing complexity and integration of the data sets required to operate a smart city, security has become a particular priority. In response to the rise of risks such as ransomware, smart city infrastructure needs to implement technologies to not only monitor vulnerabilities but also aggregate logs and automate threat responses, even dividing up network segments for triage reasons.

Security information and event management (SIEM) systems, for instance, can aid in the detection of new attack vectors by monitoring logs. In addition, the city’s IT team can employ device configuration management to help eliminate known vulnerabilities, establish baselines to monitor configuration drift, and back up device configurations to recover from failures by successfully managing vulnerabilities.

In this context, service management also plays a key role because smart city technology creates a wide range of support requirements needing to be reported, tracked, and resolved quickly and efficiently. For instance, problems may arise from VPN or connectivity issues, and in larger cities, tracking these service desk demands and managing delivery can present huge resourcing problems. As a result, putting remote access tools in place to manage systems and endpoints and help resolve technical issues is a crucial part of the infrastructure equation.

Data Decisions

Given the size and complexity of today’s smart cities—and the huge scope there is for their continued growth—focusing on the security of shared and open data is essential to maintaining public confidence and support.

City authorities must carefully assess the chances data may be misused. Depending on what data is collected, for example, it’s possible to monitor the route taken by individual citizens on their journeys around a city, their commutes to and from work, or where they go as part of their social lives. Though there are circumstances where access to this information may be considered crucial to personal and general public safety, citizens don’t want to be in a situation where they feel every move they make is being unnecessarily monitored by smart city technologies.

As the scope for gathering data across smart cities increases, so does the range of applications and services—and the associated potential risk. Last year, for instance, the Mayor of London announced almost £1.5 million of investment in air quality monitoring, which would support 195 sensors creating real-time data shared publicly via the Breathe London website.

Using this information, authorities can take preventive measures to maintain air quality. When public transit vehicles enter locations with higher pollution levels, for example, they can be switched to an all-electric mode. When air quality deteriorates, some towns use the data in public awareness announcements to encourage people driving or walking to find alternate routes.

As these innovative applications are implemented, security and compliance become more difficult, not least because of the increase in data volumes and complexity. Organisations are becoming more aware of their regulatory requirements, and the impact of legislation like UK-GDPR means administrators are increasingly responsible for data integrity and protection. As a result, smart city administrators are responsible for not just securing these expanding volumes of data but also ensuring they and their third-party partners don’t misuse it.

Clearly, there must be a dividing line between the nature and volume of data being collected and the ways it can be used. At the same time, this data must be kept safe from cybercriminals, nation-state adversaries, or anyone who would seek to exploit it for unethical or illegal purposes. Striking the right balance will prove essential to the effective long-term development of our smart cities.

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>




This site uses Akismet to reduce spam. Learn how your comment data is processed.