County on constant guard against computer hackers
Hackers are constantly trying to breach Johnston County's computer system, requiring round-the-clock vigilance from the Technology Services Department.
Whether they’re trying to sow chaos or steal your money, computer hackers are relentless.
“We receive thousands of breach attempts daily,” says Jamie Briscoe, Johnston County’s assistant IT director. “It’s constant.”
And that means the County’s Technology Services department has to be constantly on guard.
“We have staff and software that is monitoring our network devices 24/7,” said Jeff Howard, director of Technology Services. “So if my staff’s asleep at 2 o’clock in the morning, a protocol is in place to block or kill suspicious activity.”
The County protects its devices too. “We have security on every single device that we have in Johnston County,” Howard adds.
The No. 1 vulnerability
Most often, hackers try random user names and passwords in order to breach Johnston’s network. And that’s why Johnston County has moved to an advanced authentication method.
“The password is the No. 1 vulnerability, and that’s why we work really hard to remove that risk,” Howard says.
When County employees log on to Johnston’s network, they don’t enter a password. Instead, they receive a notification on their smartphone requiring either a fingerprint or facial recognition.
“The password can’t be compromised using this form of authentication,” Howard says. “It’s a biometric facial scan or thumbprint that allows you access to your computer or to your laptop.”
Some passwords remain, but measures are in place to keep them safe as well.
“We have a password vault,” Howard says, referring to software that stores all county passwords. “So instead of having a password taped to the bottom of your keyboard, it’ll be in a password vault.”
Access to the vault is guarded and encrypted.
“To log into this vault, it’s going to send me a push notification to my phone,” Howard said. “Access requires another biometric scan.”
Even with the vault in place, Howard’s office is still working to reduce the need for passwords when possible. “I’ve tasked my staff with looking at these older applications and trying our best to move into a more modern authentication method,” he says.
Vendor security
Johnston’s computer servers hold little sensitive information about County taxpayers and customers. Instead, that information resides on either state servers or the servers of third-party vendors — the companies that send out bills, process payments, etc.
Like government, those companies are the targets of computer hackers too, which is why the County is careful about who it does business with.
“These companies have to meet a certain level of security standard to be able to store this information,” Howard says.
The criteria are many.
“If they want to have the ability to work with Johnston County, they have to answer a series of vetting questions,” Howard says, offering examples. “What security framework standards do you follow or are you certified in? How often do you do your security audits? Have you ever had a breach? Have you ever leaked data?”
Those vendors must back their answers with supporting documentation. “We use the industry standard ‘Trust but Verify’ method,” Howard says.
If vendors need access to Johnston’s network, the County both limits and monitors that access.
“They used to have direct access, and that was one of the things that I felt we needed to get a handle on,” Howard says.
Now, all third-party vendors access Johnston’s network via a secure VPN, or virtual private network, and must complete an approval process before connecting. The VPN keeps tabs on vendors when they access Johnston County servers or PCs.
“Once they get there, everything’s recorded,” Howard says. “There’s a video recording of their keystrokes. It’s time- and date-stamped. Everything’s documented.”
“We need to know every single thing that’s going on in this network,” Howard explains. “It’s not because we want to control what a user does. We are trying to prevent the network from being compromised.”
Johnston has protocols in place in the event one of its vendors suffers a breach.
“We have had vendors that have been breached, and we’ve immediately denied their access,” Howard says.
And the County doesn’t restore their access until it’s confident the vendor has closed the breach and taken steps to prevent another one.
Keeping pace with hackers
With technology, including AI, evolving so quickly, Howard’s office operates under the assumption that it’s always one step behind hackers. And that keeps them on their toes.
“We’re always trying to build that next wall,” he says, “trying to prevent that next vulnerability.”
Page last updated on: May 14, 2026