Cass County IT reports Duo rollout, SharePoint migration and rising business-email compromise incidents
Get AI-powered insights, summaries, and transcripts
Sign Up Free
Summary
County IT detailed recent hardware and software upgrades, a near-complete multi-factor authentication rollout, migration of a large Human Services SharePoint and repeated business-email compromise (BEC) attacks; staff proposed decommissioning an older authentication server and described training and grant activity.
County IT staff gave a progress update on multiple information-technology projects, telling commissioners the county has completed a large-scale printer refresh, nearly finished a multi-factor authentication rollout, migrated Human Services files to a modern SharePoint and is testing new phone and in-vehicle hardware for law enforcement.
The presentation said the county has renamed and secured every printer and copier, moved those devices to an isolated network, and tightened security settings. IT reported a 99% completion rate on the Duo multi-factor authentication rollout, with the remaining accounts assigned to employees on medical leave or personnel who rarely come in. Staff said decommissioning the AD FS server (used since 2014 to authenticate offsite email and VPN connections) is the next step now that Duo is widely deployed.
Officials said decommissioning AD FS will remove one attack surface that enables brute-force attempts on accounts whose email addresses are long-known. The IT presenter said such brute-force attacks consist of automated “dictionary” password tries and that removing AD FS will reduce vulnerability points.
Staff also described a migration of roughly a quarter-million Human Services files off a SharePoint instance dating to 2011 to a modern SharePoint during Labor Day weekend; the presenter said the work took about 21 hours and improved file structure and security. A hardware refresh for 2025 is complete and Windows 11 deployment is underway, with under 20% of endpoints remaining and full automation of the rollout.
On telephony, IT is evaluating cloud-based phone systems and headsets for most users and physical handsets for areas such as the jail. The presenter said licensing models differ (concurrent calls, per-user, per-extension) and the county is testing vendors and hardware. Law-enforcement antenna and in-vehicle equipment purchases have arrived and are being installed by Mid States for patrol vehicles.
Cybersecurity was a major focus. Staff reported an increase in phishing and business-email compromise reports that now account for roughly 30% of daily tickets, some of them false positives triggered by mass emails from outside vendors. The presenter gave two recent examples: a spoofed-sounding principal email that targeted a school point of contact and a LinkedIn job-scam message that linked to a suspicious .shop site. The presenter said attacks are increasingly targeted (“spear phishing”) and warned elected officials and staff to exercise heightened scrutiny of unexpected requests.
IT staff outlined attendance at Wild West Hackfest in Deadwood and described review of multi-factor authentication prompting frequency to balance security and user fatigue. The presenter also said he sits on a state-local cybersecurity grant board; the presenter said the grant program had been renewed after advocacy and that North Dakota had $16–17 million allocated across the state. He reported federal pushback over MS-ISAC (Multi-State Information Sharing and Analysis Center) subscription arrangements and said federal guidance currently discourages states from using grant funds to pay for MS-ISAC subscriptions when run independently.
No formal action was taken during the presentation; commissioners asked clarifying questions about recent high-profile incidents in other jurisdictions and the status of information-sharing services. IT staff said they would pursue regional information-sharing discussions and follow up on grant details.