CitySmart Blog

Thursday, November 20, 2014
Clint Nelms, COO

While open records and Freedom of Information Acts (FOIA) vary from state to state, they generally share a common theme: Government records are open to the public unless exempted by law. That means cities need to always prepare to respond to open records requests or Freedom of Information Act requests. They can be politically messy but, more importantly, quite expensive.

That’s why it’s good to have processes and technology to handle these kinds of requests as quickly and inexpensively as possible. How expensively can a technology-equipped city handle a request versus a city without the proper technology? Let’s look at some examples.

We’ll keep the cities anonymous, but we’ll analyze four records requests. For each request, we show how many hours it took us to complete an open records or FOIA request with a city optimized to handle the process. We also provide an estimate based on our municipal experience of how long it takes without the technology.

City Request

Sophicity Time

Normal Projected Time

City 1

14

42

City 2 - Request 1

10.5

31.5

City 2 - Request 2

11.75

35.25

City 2 - Request 3

10.25

30.75

Average

11.625

34.875

For non-contracted IT services, we can average the cost of handling an open records or FOIA request at $150/hour. In some areas of the country, a company or person may charge less, but it usually balances out because less experienced (cheaper) staff or vendors will take significantly longer to complete the same task.

That means the normal projected cost for an open records or FOIA request at 34.875 hours per request is $5,231.25.

However, when your city becomes “optimized” to handle open records or FOIA requests through the right processes and technology, the cost goes down significantly. How do we drive this cost down?

Typically, cities without process and technology optimization:

  • Have email hosted by different email providers and located in different places.
  • Have email located on employee workstations or servers scattered across a city’s office, network, or at people’s homes.

Because email that is relevant to the open records or FOIA request is not centralized, it will have to be located (in a time consuming fashion), reviewed (in a time consuming fashion), and then extracted for the legal team to review. All of this activity is handled by the city’s IT team or the hourly support vendor, which is costly.

We keep costs down by using a cloud email solution that centralizes city email services and makes it easy for us to run any required searches. When email is centralized and accessible in one place, it’s much easier to run searches without having to dig and investigate across many decentralized locations. Plus, modern cloud email software is built in with search-friendly tools that make searching much easier and quicker.

It also helps that our staff has extensive experience with handling these requests for municipalities. That allows us to handle these kinds of requests more efficiently than an IT resource who has never processed one before. Even at $150/hour, an optimized environment cuts each open records or FOIA request cost by a third. Even better, under a service such as Sophicity’s IT in a Box, any labor for a record request is included. That means no additional fees and no extra invoices.

To optimize your ability to handle open records or FOIA requests and cut your costs:

  • Switch to a cloud email solution that centralizes your email in one place. Cloud email also helps you avoid mixing up personal and professional email.
  • Establish an email archiving policy that follows the law and helps your employees quickly find information.

To talk more about the cost of your email open records or FOIA request, please contact us.

Thursday, November 13, 2014
Nathan Eisner, CMO

The “cloud” has become part of mainstream technology terminology, but it’s still a word that confuses a lot of people. Partly, that’s because the word is vague and also because it’s not really a new technology—just a powerful augmentation of existing technologies like servers and data centers.

First, the “cloud” means that your data and applications are stored and run on the internet as opposed to your local computer or network. In the past, you would typically access your data and applications from an onsite computer or server. For large amounts of data or powerful applications, you might traditionally also have used a data center. Many organizations like to use data centers to store data and run applications because these facilities are designed to prevent physical intrusion to your servers and they rarely lose power or Internet connectivity.

Cloud service providers are actually massive data centers that remove the need for you to own or lease servers at a typical data center. Instead, advanced cloud technology allows you to essentially “subscribe” to an application or service over the Internet like turning on a utility without even bothering to own or lease any machines. In your mind, the machines might as well just “go away.”

There are two types of clouds that you can use. 

  • Public clouds. More commonly used, especially by cities, public clouds offer a way for multiple organizations to store their data and applications in the same place—securely.
  • Private clouds. Less commonly used, private clouds are instances in which a single or small number of organizations store their data and applications in a data center and access their applications and/or data from outside locations. Whether you own or lease the equipment, you know that the machines being used are only used for you or a small number of organizations.

Whether it’s a public or private cloud, your data and applications are accessed over the internet. But why go with the cloud?

Public clouds are a great solution for cities because the cloud providers have implemented redundancy (e.g. power, Internet connections, etc.) and security measures that a city simply cannot afford. This means better maximum uptime and a lower risk of a security breach. It also means a much lower cost than running your servers in-house. When cloud providers like Amazon, Google, and Microsoft are running cloud infrastructure, believe us when we say nobody has more resources to invest in redundancy and security than these companies!

The cloud also makes it easier for you to access your data and applications from anywhere on any device. It removes your dependence on hard-to-use VPN connections and other remote access technology that’s becoming more and more obsolete every day.

While it seems like the cloud moves your data farther and farther away from you, the public cloud has really existed since the beginning of the Internet when people started using email. When you think about it, any kind of web based email is actually a cloud application because you access the service over the Internet without needing to maintain your own servers.

An increasing percentage of technology that we use every day is moving to the cloud. And this is a good thing because of its increased reliability and security. Don’t be afraid of the cloud. Despite bad press when there is a rare incident with a cloud provider, the reputable public cloud providers have an outstanding security record (as seen by many government organizations using them). If you follow some basic rules for security (such as having good passwords), your chances of having your data compromised through the cloud are very low.

To learn more about the cloud, please contact us.

Friday, November 07, 2014
Dave Mims, CEO

There might seem to be a wide disconnect between how you run your network infrastructure and how you serve citizens. Servers are one thing, service is another. But they are more tied together than you’d think at first glance. That’s because the quality of your technology infrastructure affects:

  • How fast you respond to citizens.
  • Having the right information on hand when you respond to citizens.
  • The safety and security of your information.

We write quite a bit about our preference for cloud hosting as the preferred infrastructure when possible, so we won’t reiterate those details. The slant of this post is to get you thinking about the state of your technology now and how it might affect the quality of your relationships with citizens.

Here are some common technology problems we see at cities that end up negatively impacting citizen relationships.

  1. Too many software systems. When citizens call in with requests or inquiries, their information might get stored in one piece of software. Then, they may interact with another department with different software and the citizens have to repeat their information all over again. You might experience that frustration as a customer when calling up large banks or cable companies. A technology assessment allows you to take a look at your environment, potentially reduce and consolidate software, and save money in the process. Once consolidated, you’ll find that your citizen service (related to information collection and access) increases.
  2. Scattered and fragmented information. Have you ever looked up information about citizen requests and inquiries like a detective? Maybe you hunt through several databases, search through your emails, and even ask people with years of institutional knowledge. Document management systems, citizen relationship management software, and other solutions exist that can help your city centralize information. It often takes a lot of work to centralize that information and migrate it to a consolidated system, but that effort pays off in the long-term by improving your efficiency and citizen service.
  3. Outdated software. It’s all too common that many cities use software that is just simply too old to handle the modern demands of the Internet and mobile devices. You’ve probably experienced technical support calls where the person helping you has to waste valuable minutes waiting for software to load. Or you’ve experienced retail stores where a clerk can’t help process your transaction because their computer froze. It’s embarrassing when old, outdated software slows down or prevents you from serving citizens. A technology assessment can identify weak points and suggest more modern options that will help you improve service.
  4. Citizen service access limited to normal office hours. The Internet and mobile devices have shattered the notion of the 9-5 workday. Yet, many cities still limit their services to a 9 a.m. – 5 p.m. schedule. What if citizens report issues or problems before or after hours? What if they start up conversations on social media? What if they want to pay a bill or join a committee while at home, at a coffee shop, or while traveling? The cloud allows cities to adapt their underlying technology to a mobile world. Once essential hardware and software resides in the cloud, both citizens and city employees can access important information and applications while on the go, anytime/anywhere, from any device.
  5. No visibility into citizen data, patterns about problems, and signs of opportunity. Without centralized data collected and stored in modern software, cities run the risk of failing to generate reports that may identify problems with citizen service or signify opportunities to improve service. Older software (especially if it’s siloed and separated from other important data) can limit the amount of reporting you can do. While it still takes some time to identify what data is important to you and what you want to report, it’s best to start thinking about collecting data that allows you to identify problems long before citizens storm a council meeting or you realize you’ve been underpaid in revenue by citizens, cable companies, or lodging providers.

If any of these points hit home, we recommend at least conducting an assessment to identify areas of highest opportunity for improvement. You may have a limited budget, but if service is crippled or you’re failing to collect revenue from lack of insight, then you’re losing money anyway. Remember, it’s your highest priority to serve citizens. They are your customers. No matter how great your city staff treats citizens, if technology fails, then your city staff fails. Great technology supports great service, and we hope you now better see the connection between the “boring” back end technical side and the excitement of successfully serving a citizen.

To talk more about assessing your technology, please contact us.

Thursday, October 30, 2014
Alicia Klemola, Account Manager

While there isn’t a debate anymore about the benefits of cloud hosting, governments and businesses still balk at moving into the cloud. A recent article from Marketplace highlights a few of those legitimate concerns from various government organizations that have made the shift along with various privacy experts sounding off.

Any remaining objections usually come down to two points: 

  1. Is the cloud secure?
  2. Does the cloud follow all privacy laws?

From here, organizations usually talk themselves into the false sense of security that comes from sticking with their own onsite servers or those they own or lease at a data center. But cloud hosting can overcome these two objections. In fact, the Marketplace article even states that Australia, a country with some of the strictest privacy laws, has moved into the cloud. They wouldn’t do that if it wasn’t secure.

Let’s look at some of the key reasons why cloud hosting is worth considering, starting from the two objections and then expanding out into a few other points. 

1. The cloud tends to be more secure than your onsite servers or servers co-located at a data center.

We’ve written before about a false sense of security that goes like this: If you can see your own servers, they must be safer and more secure. In the article, the CIO of the state of Wyoming says, “Folks say, 'It’s more secure because I control the server.' Well, yeah, but I can pick it up and walk out to my car with it. And that citizen data isn’t secure anymore.” Companies like Microsoft, Google, and Amazon host your information in cloud data centers that are like fortresses. From physical security to information security, they have the most industry-leading resources on hand to protect your data—resources that you or smaller data centers simply lack.

2. Cloud hosting providers are usually reputable as a result of their reliability and following strict legal and regulatory compliance.

When so many large organizations now rely on the cloud, that means those organizations have forced cloud hosting providers to be competitive. That means upholding strict service level agreements (SLAs) and following legal and regulatory compliance to a level unmatched by any other hosting entity. If absolutely needed, they can even carve you out private clouds or create you an onsite cloud. With multiple Internet connections, massive amounts of redundant backup power, and data spread out across different cloud hosting facilities across the country or world, cloud hosting providers give you the best assurance of reliability and privacy to date.

3. Cloud hosting providers ensure even better data backup and disaster recovery than onsite servers or data centers.

Because cloud data is accessed from any device, it’s hard to lose data or a place to access it. Cloud hosting providers offer such robust reliability and uptime that it’s extremely rare for them to lose your data. While losing power or an Internet connection may prevent you from accessing your data, you won’t lose it. As a result, cloud hosting adds to your data backup and disaster recovery resources, meaning you can rebound from a bad weather event, fire, or theft much faster.

4. You can access data anytime or anywhere.

Because cloud hosting providers require strict yet easy-to-set-up permissions for only authorized users, you can breathe a sigh of relief when employees access business data from home or through their mobile devices. Traditional servers or data centers require that employees only access data while at the office or through difficult-to-use VPN connections. With the cloud, your employees can work from anywhere as if they’re at the office—without losing one iota of security or privacy.

5. Moving to a cloud hosting provider usually cuts your costs significantly.

Think about it. No more onsite hardware to purchase or maintain. No more data center servers to buy or lease. So why does the cost of shifting to a cloud hosting provider drop so much? Think of cloud hosting like a utility. Is it more cost-effective to buy your own electricity generators, or to use the collective power of an energy company that provides you electricity for a low cost due to the scale of their operations. Cloud data centers work the same way. By storing data in cost-efficient ways at such large hosting centers, those hosting centers pass on the cost savings of scale to you because they are more efficient than any onsite servers or data centers you could use.


We encourage you to ask cloud hosting providers and vendors your toughest questions about security, privacy, and reliability. Better yet, find their biggest and most conservative customers—the ones who would have the most privacy concerns—and hear what their business stakeholders and technology experts have to say. Like the CIO of Wyoming in the Marketplace article, you’ll find that many people have thought through most of these concerns—forcing the competitive cloud hosting providers to deal with these issues. The good news? You now benefit from any trial and error that occurred many years ago when this technology first started out, and you can slash your costs while upping the quality of your technology infrastructure.

To talk more about cloud hosting, please contact us.

Thursday, October 30, 2014
Nathan Eisner, CMO

Seemingly every day, a news story breaks about yet another security breach and more data stolen from an organization. We hear about big organizations such as Kmart and government operations such as the Oregon Department of Employment, but we don’t often hear about smaller organizations. Because hackers pick easy targets, smaller cities are even more at risk than larger entities. And that’s a major driver behind Kentucky’s House Bill 5 that our CMO, Nathan Eisner, recently spoke about during a talk at the Kentucky League of Cities annual conference.

Nathan Eisner talks to KLC about cyber security 

The language of House Bill 5 is quite clear and includes the following provisions:

  • Requires public agencies and nonaffiliated third parties to implement, maintain, and update security procedures and practices, including taking any appropriate corrective action to safeguard against security breaches.
  • Requires public agencies that maintain personal information to notify persons impacted by security breaches.
  • Requires that public agencies establish reasonable security and breach investigation procedures.

While specific to Kentucky, House Bill 5 is reflective of similar legislation and expected best practices around the United States. So, cities must take reasonable steps to protect their data and, in the event of a security breach, notify affected parties. This situation makes security much more urgent for cities, but they often ask us, “What now? How do we protect our data?” Those were common questions we heard at Nathan's conference session on cyber security.

KLC Session on Cyber Security

The good and the bad news is that many methods of shoring up security are easy. Good because fixes are relatively easy to implement. Bad because it suggests that the biggest threat to most cities is your own staff. A little education goes a long way toward making your staff—both your IT and non-IT employees—aware of activities they can do every day to make sure that your city stays as secure as possible.

Here are some areas you can tackle immediately.

Passwords

A recent study by a technology research company in California found that one out of three people had their passwords written down somewhere around their desk. Many people used obvious passwords such as a child’s name, pet name, college mascot, birthdate, etc. Overall, researchers figured out passwords for 50% of the people in the study. Before you laugh, ask yourself, “How secure are your city’s passwords?”

To make sure your passwords aren’t opening up major security holes:

  • Do not write passwords down and leave them lying around.
  • Use a password on all of your devices including your computer, smartphone, iPad, etc.
  • Do not use obvious passwords that are easy to guess.
  • Use long and complex passwords with uppercase and lowercase letters, numbers, and symbols.
  • Do not save passwords to websites and applications on your Internet browser.
  • Rotate your passwords periodically.

Virus Attacks

A few years ago, a city finance officer was contacted by their local bank. Wire transfers in the amount of $90,000 were attempted from the finance officer’s computer. Compromised by a virus, the computer was remotely controlled by an outside party. Luckily, the local bank’s fraud prevention efforts saved the city from any significant financial damage. But imagine if the transactions had been allowed to complete. The city and the bank would have had to spend money on legal action and recouping any financial loss. That’s real money lost—all because of a simple computer virus.

To combat viruses, we recommend that you:

  • Install antivirus software on every computer.
  • Audit your antivirus software regularly by confirming that it’s installed and licensing is up-to-date.
  • Educate your staff about the common sources of viruses such as email attachments and websites.

Data Backup

Last year, we heard about a city’s server that became infected with a virus. That server contained the city’s financial system. The city’s backup system failed to recover the data. The city had backed up the data, but they did not test their backups. And what happened? They lost 13 months of financial records. To get that data back, their only recourse was to hire contract labor to re-enter every transaction manually. Talk about a lot of significant unplanned expenses!

With data backup, start by asking some important questions:

  • What data is critical to your city?
  • How will your city be affected when that data cannot be accessed for extended periods of time?
  • How will departments such as public safety function without access to their data?

Once you get a better sense of your data needs and priorities, apply the following best practices.

  • Perform onsite backups of important city data.
  • Perform offsite backups to recover your data from events like theft and catastrophic disasters.
  • At a minimum, back up your data daily.
  • Remove human interaction—and reduce error—by automating your data backup.
  • Plan what you will do in a disaster, such as a fire or tornado.
  • Test your backups regularly.

Security Updates

Recent studies have shown that

  • 80% of cyberattacks can be prevented by keeping computers up to date.
  • Applications like Adobe Reader and Java are more likely to be exploited than Windows.
  • Most people ignore messages on their computer about installing updates.

To stay up on security updates, make sure your IT staff or vendor ensures the following:

  • Let those updates run on people’s computers. Make sure your employees don’t ignore them.
  • If you have servers, make sure your IT staff or vendor updates them.
  • Upgrade any applications that have reached “end of life”—which means that the software is so old that the vendor has stopped supporting it.

Physical Security

Don’t forget the old-fashioned way of stealing! Protecting city data also involves protecting physical equipment. A stolen backup drive or a disgruntled employee with a USB stick can be just as harmful to your city as a hacked computer. To tighten up your physical security:

  • Have employees lock their computers when away from their desks.
  • Ensure that servers and network equipment are locked up in a secure room.
  • Store any external media such as USB drives or backup tapes in a safe place.
  • Use encryption on your data if possible. If someone does steal your data, it will be useless to them.

Websites

Last year, citizens trying to reach a particular city’s website found nothing but advertisements on it. What happened? The website had been hacked and all of the city’s content was replaced by ads. The hacker found a weak spot by infiltrating the city’s utility billing system through a hole in the online bill pay software. If the problem lingered, a citizen going to the city’s website, thinking it was a trusted source of information, could have been infected with spyware or malware. That citizen’s private information may have been stolen and the city would have been liable.

To ensure a problem like this never happens, make sure you:

  • Ensure that your city’s website is hosted by a reputable provider.
  • Know where your city’s website is hosted.
  • Ask your website’s hosting provider to have your site objectively audited for potential risks by a third party.

Remember, cybercrimes affect all cities—not just the big ones. Be proactive, ask questions, and stay informed. Use this post as a guide to get you started, identify gaps, or check up on any doubts you have with your IT staff or vendor.

If you want to talk more about cyber liability, please contact us.

Thursday, October 16, 2014
John Miller, Senior Consultant

Just when you’ve gotten used to the idea of shifting your servers and software applications to the cloud, you might hear about the option of moving your phone system there too. Many businesses and organizations still rely on landlines or maybe even a Voice over Internet Protocol (VoIP) system that may run on a server in your office or at a data center. Isn’t the phone something distinct from the rest of your data and software? Why would you move it into the cloud?

When VoIP came out many years ago, it primarily stunned a lot of people because it made them realize that phone information could be reduced to packets of data transmitted over the Internet. That meant you could treat your phone system the same way you treat a software application, and you used an Internet connection to communicate with other people instead of landline technology. But VoIP was software and usually required an onsite or data center-hosted server to run the application. With the cloud, you even remove the need for a server.

Despite this advance in technology, you might wonder about the practical reasons for moving your phone to the cloud. Here are some compelling reasons that hit home with the businesses and organizations we work with. 

1. Immediately cut costs.

Without a landline connection, you essentially just pay for an Internet connection. Because landline equipment is expensive to maintain, landline providers pass on that cost to you. And if you use traditional VoIP, you’re paying for server hardware and maintenance. Cloud phone systems just need an Internet connection (that you already have and pay for), and you often set up the system in minutes. With no hardware or equipment costs getting in the way, your phone costs go way down.

2. Quickly fix problems and add features.

Landline providers move extremely slowly— to implement your service, to repair equipment, to fix problems, to resolve issues, and to add features to your service. Cloud phone systems are maintained in cutting-edge data centers, and there is very little to implement or fix. Problems are often just glitches resolved in minutes, and features can be added in the same amount of time. True, traditional VoIP service also benefits from quick problem resolution and added features, but the cloud can be even faster because your IT staff or vendor are not spending time maintaining your VoIP servers.

3. Receive all of your communications in one place.

Cloud software simply has advantages that landlines lack. Because landlines do not transmit Internet data, they cannot integrate phone data with your software. Cloud phone software sees everything as data. That means voicemails, faxes, text messages, multimedia, and emails can all go to the same place in software such as Microsoft Outlook. Traditional VoIP does this too, but cloud phone software data can be even simpler to set up, integrate, and manage.

4. Add and subtract numbers and features with a click.

Landlines make it difficult to scale up and down. Usually, you’re locked into a set number of lines and features and it can be difficult to change quickly. To help with scaling up and down as your business and organization grows and shrinks, cloud phone software allows you to add and subtract phone numbers and features with a simple click. Your monthly fee adjusts based on what you actually need—and you’re not locked in based on what you were sold.

5. Take your office phone with you everywhere.

Cloud software makes it extremely easy to essentially carry your office phone with you everywhere. That’s impossible with a landline. With cloud phone software, you install a mobile app that connects to the software from anywhere. Access the mobile app, and then any call that comes into your office number rings your mobile phone. This helps businesses and organizations make it easier for employees to work remotely, keeping personal and professional phone data separate.


Some businesses and organizations might still need landlines for critically important functions that need to stay up if power goes out, such as 911 call centers. Otherwise, for most common business needs, cloud phone software is a compelling option. If you’re still happy with your traditional VoIP system, you may just want to do a cost analysis to compare it against cloud phone software. Similar to other cloud software, you might find an additional cost savings in getting rid of hardware, giving employees more mobile flexibility, and making it even easier for your IT staff or vendor to manage your phone services.

To talk about cloud phone software in more detail, please contact us.

Thursday, October 09, 2014
Brian Ocfemia, Technical Account Manager

Matching our experiences with watching cities embrace the cloud, we liked a recent August GovTech article that outlined the thoughts of technology leaders from the city of San Francisco to the state of Delaware. While each government entity’s challenges are complex and unique, they all agree that moving to the cloud is helping them with many essential business and operational functions.

While it can seem like the needs of extremely large cities and states don’t necessarily relate to small and medium cities, we find that the article included several aspects about the cloud that can impact your city’s budget and operations. Here are some important points we’ve extracted from this article that will convince you to take a closer look at the cloud if you haven’t yet shifted over from a more traditional setup.

1. Your investment is an operational expense, not a capital expense.

Paying from month to month eases the burden of what used to be a multi-year capital expense commitment for servers and licenses. Moving data and applications to the cloud works more like a utility that you turn on rather than equipment you buy. We’ve seen many small and medium cities reduce their technology expenses and get rid of expensive hardware by moving to the cloud.

2. You can add or subtract users, and add technology resources with a click.

Scalability and flexibility for your business needs directly impacts your bottom line. Traditionally, cities tended to get locked into a certain number of software licenses and technology features. If you purchased it, you couldn’t get rid of it until the contract ended. With the cloud, you can add or subtract users depending on your real-time staffing needs, which helps if you suddenly gain a burst of employees or have to let many go. Also, it helps if you can turn off certain features or tools in the cloud and only use them when you need them—trimming costs while doing so.

3. You can set up your cloud technology quickly.

Without hardware installation and configuration, you can often set up your cloud technology over the Internet in hours. We often help set up a city’s applications, storage space, document management, or website rather quickly. Data migration from old systems may still take a lot of time and planning, but the cloud technology and tools are ready to go as soon as possible. Configuration takes place in easy to use dashboards, allowing your IT staff or vendor to get you set up in the cloud almost immediately.

4. Your employees can access the cloud through mobile devices.

The cloud makes it easy for people to securely access files, documents, data, and applications without having to be at the office or use difficult VPN connections. It’s becoming more routine and expected for people to access data remotely when they work from home, travel, or stop at any place with public wireless access. The cloud allows you to provide that mobile access with ease while keeping data secure.

5. You still have options to protect your most sensitive data in-house.

We often hear, “But we have sensitive data that we absolutely cannot risk by having in a public cloud.” While public clouds are often more secure than any IT environment you can set up, we understand that cities may be wary about extremely sensitive information going into the cloud. Cloud providers offer many hybrid options including private clouds (meaning that you have your own cloud network walled off from any other data) or simply keeping certain servers locked down and secure in-house if you absolutely don’t want that data in the cloud. For the rest of your data, you can still take advantage of the cloud’s cost savings and benefits.

If you’re still wary about the cloud, articles like the one in GovTech should reassure you that major cities and states would not move to the cloud if they haven’t already evaluated the major risks. We encourage you to explore your options by talking to an IT professional or service provider experienced in working with municipalities. They should have experience with crafting hybrid cloud solutions for municipalities so that you know they are looking at your situation objectively (rather than applying a cookie-cutter cloud solution). The cloud can save you a lot of money, offer you more flexibility, and still provide you the data security you need.

To talk about the cloud in the more detail, please contact us.

Thursday, October 02, 2014
Nathan Eisner, CMO

A recent story reported in PC Magazine and other news outlets talked about a vicious form of malware that affected many retail point of sale systems. The most disturbing fact? Up-to-date antivirus and software patches failed to prevent this malware from taking over the point of sale systems, stealing information, and wreaking havoc.

Stories like these tempt small businesses and city governments to throw up their hands. If antivirus and patching can’t prevent malware and hackers stealing information, then how can you really secure yourself?

In fact, there’s plenty you can do. A common misconception is that antivirus serves as the be-all-end-all solution for protecting your information. But antivirus is only one tool to prevent such dangerous attacks. Here are some others. 

1. Back up your data, both onsite and offsite.

The best defense is often having a plan in case the worst happens. If your data is stolen, held for ransom, or corrupted, then you need to have an automated onsite and offsite data backup and disaster recovery solution in place. No antivirus software is perfect. Even if it’s a rare event, there is always a chance you can get hit by a virus. If a computer or server is so infected that it needs to be wiped clean and decommissioned, it’s essential that you have that data backed up. 

2. Train employees about phishing and malicious links, emails, and attachments.

All of the antivirus software in the world won’t prevent a virus if an employee clicks on a malicious website link or opens a suspicious attachment. Hackers and cyber criminals play on the human factor. After all, if a person gives them permission to access company or government data by clicking on something, they are inside your gates at that point. The more your employees show wariness and caution about suspicious links, emails, and attachments, the less chance that a virus will creep past your antivirus software.

3. Build strong network security.

While your antivirus software might be great, it has to work overtime when many virus attempts are getting inside your network. Perform a network assessment to judge the strength of your firewall, the ease or difficulty of unauthorized user access, administrator password strength, and wireless access points. If your network security is weak, the chances of an attack succeeding are much greater because more threats are getting inside your network. Even the best antivirus software shows its weakness when too many threats hit it at once on a daily basis.

4. Use enterprise antivirus software with people managing it.

Off-the-shelf antivirus software installed ad hoc on people’s computers is simply not good enough for businesses or government. Enterprise antivirus software is managed by people. Because businesses and government entities are such high targets by having intellectual property, money, and sensitive data potentially exposed, the stakes are higher. When IT professionals are helping managing your antivirus, they can more easily spot red flags and respond to virus attacks immediately. They stay on top of virus threats in a way that individual non-technical users simply can’t do. 

5. Encrypt your data.

Even if hackers can access your data, encryption can make that data useless to them. Many high profile data breaches in the past few years were made worse when the data stolen wasn’t encrypted. Compared to the cost of data loss, fines, and emergency remedies, the cost of encrypting data is quite a bargain. Especially for your most sensitive information, encrypting data on your servers and computers is essential and a great way to frustrate hackers.


Despite the fear of malware attacks that crippled organizations like UPS and Supervalu, there is more to protecting your network than simple antivirus. To take next steps, we recommend assessing the strength of your data backup, network security, and encryption. Shore up any holes. Then make sure that IT professionals are managing your antivirus while complementing that service with employee training that mitigates the risk of someone clicking on an attachment with a virus. By applying a more holistic strategy, you’ll up your cyber security and decrease your cyber liability.

To talk about cybersecurity in more detail, please contact us.

Thursday, September 25, 2014
Clint Nelms, COO

IT vendors are both an expensive investment and a commitment. Like any relationship, a good IT vendor is often hard to find but it’s a great thing once you find one. And like any relationship, there are signs indicating when it’s bad, and when it’s good.

I know. We’re an IT vendor, so you might be a bit suspect if we were to share our four signs of when you should break up. Instead, we’ve collected specific points and complaints that we’ve heard from actual city decision makers from a large number of sales meetings this year. These insights include customers, prospective customers, and other decision makers who have had good and bad experiences with IT vendors.

Here are the things they point out as red flags. If you’re seeing these signs repeatedly, then city decision makers nearly all say you need to look for a new IT vendor. 

1. Your IT vendor confuses you with too much technical language.

We often hear, “If you ask our IT vendor for the time, he tells you how to build a clock.” Great IT vendors speak to you in concise, relevant business terms. That means taking something complex and making it simple. Or simply just sharing the bottom line about a particular issue. Throwing around too much technical mumbo-jumbo isn’t a sign that your IT vendor is brilliant—it’s a sign that they’re likely hiding behind confusing language and not explaining or understanding your business problems correctly.

2. Your IT vendor blames and passes on responsibility to other vendors.

We’ve written about the discipline of vendor management and why it quickly becomes one of our most popular services for our customers. We make sure other vendors stick to your business requirements, ensure proper installation and configuration, and work with vendors on technical issues. Bad IT vendors will routinely blame other vendors for IT problems, throw up their hands, and say that the hardware or software vendor needs to fix the problem themselves. It’s a classic complaint about IT service providers. Instead of working with software vendors when there is a problem, they point the finger at the software vendor and say. “It’s their problem, not mine.”

3. Your IT vendor always wants you to buy something.

Many IT vendors often get your business because they seem so cheap. Then, once they’re inside, they start telling you, “That costs extra” when you thought many services were included. They may also try to sell you hardware, software, or other products as a remedy to a real technical issue. It’s another classic complaint. Many IT providers make money from reselling hardware (or worse, from building and selling their own hardware). The best IT providers simply provide services without trying to upsell you at every given opportunity.

4. Your IT vendor implements their own policies instead of working in partnership with you.

A good IT provider listens to your city when implementing any technology-related policies that affect your operations (such as security policies). That requires true consulting—working with cities to craft policies tailored to your organization. Unfortunately though, many lazy IT vendors simply implement a standard policy without discussing what your city considers appropriate. This situation can result in your staff unable to fully function because they are locked down too tight by an arbitrary policy that may not fit your organization.  


The common theme of these red flags isn’t surprising. These bad IT vendors simply don’t listen to you, they don’t do the hard work of strategizing and customizing their services to your needs, and they don’t accept the responsibility of creatively and efficiently solving your technology problems. Instead, they try to cut costs through shortcuts and cookie cutter services that may do you more harm than good. Look instead for an IT vendor that listens to you, crafts services around your needs, and accept the responsibility of managing your IT environment—including working with other hardware and software vendors to resolve problems.

To talk more about selecting the right IT vendor, please contact us.

Thursday, September 18, 2014
Dave Mims, CEO

Mr. Stan Brown, City Manager, Oakwood, GAAs you or others you know have probably experienced, tablets (such as Surfaces, iPads, Nooks, Nexuses, etc.) have entered our lives as a way to both increase our productivity and entertain us. They are easy to use and provide many of the same functions as traditional desktops or laptops—without the hassle. Because tablets provide you on-the-go email, document access, and Internet access, we find they are also becoming essential productivity tools for mayors and council members, as well as others involved in council meetings.

In fact, we've heard over and over that cities want tablets—especially for elected officials. Based on this feedback, we’re happy to announce that IT in a Box will include tablets for council members.

So, why tablets? And why IT in a Box? With IT in a Box tablets, you’ll experience the following benefits.

  • Go paperless. Tablets help eliminate the costly, burdensome process of your city printing and delivering paper meeting agendas and related documents.

  • Enjoy the ease of modern technology. Access agendas, documents, the Internet, and other productivity tools with a swipe of your finger.

  • Mr. Andrew Hartley, City Attorney, Georgetown, KYTake your IT in a Box tablet wherever you go. IT in a Box tablets aren’t just for council meetings. Carry your tablet everywhere for secure, anywhere / anytime access to your city email, calendar, Internet, documents, and more.

  • Keep your data secure and protected. Keep your data secure and protected with the latest antivirus, antispam, software security patching, and automated tablet maintenance—all included with IT in a Box.

  • Be prepared for open records requests. Your city email account clearly separates city business from your personal email, making it easy to respond to open records requests.

  • Enjoy full 7 days a week IT support. Technical issue? We’ll support you whether you’re in the office, working from home, or on the road—7 days a week.

  • Microsoft productivity software included. IT in a Box tablets come with commonly used software such as Microsoft Outlook, Word, Excel, OneNote, and more.

  • Full Windows 8.1. Run the same applications from your tablet that you do on your desktop or laptop!

Mr. Jim Windham, Councilman, Oxford, GAAt this time, we are currently piloting the use of IT in a Box tablets and collecting feedback to make this service even more effective for you before rolling it out.

A big thank you goes out to Mr. Andrew Hartley (City Attorney at Georgetown KY), Mr. Stan Brown (City Manager at Oakwood GA), and Mr. Jim Windham (Councilman at Oxford GA) for signing up to be our early adopters (aka testers). Each represents a vital role in council meetings, so gaining their feedback and perspectives will be very beneficial. We plan to fully roll out the IT in a Box tablets in January 2015.

To learn more about this service, please contact us

| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 |
Contact
Contact a Sophicity Consultant Now To Find Out How We Can Help Reduce Your IT Costs Go
bottom