CitySmart Blog

Thursday, June 25, 2015
John Miller, Senior Consultant

John MillerIf you work for a larger city, you might understand why hackers target it. The size of an Atlanta, a Lexington, or a Little Rock attracts a lot of cybercriminals, but those cities also spend a great deal on resources to defend themselves. We often hear that hackers should consider smaller cities to be so inconsequential that these cybercriminals wouldn’t bother attacking them.

Wrong.

The media only reports on the biggest hacking and data breach cases, leading many of us to think that only large government organizations get attacked. But many data and cybersecurity breaches occur at smaller cities that go mostly unreported and unnoticed.

So why do hackers go after your small cities? Here’s why.

  1. Hackers look for easy targets. Similar to the mentality of burglars or robbers going after unarmed, defenseless people or breaking into cars with visible valuables in them, hackers often see small cities as easy targets due to relatively unsophisticated security. It’s the same reason why individual computers without proper firewalls or antivirus software usually become compromised. With so many cities in the United States, hackers are betting on the chance that their security is not up to snuff.
  2. Smaller cities unfortunately often do have weaker security. It’s unfortunate that cities often live up (or down) to a hacker’s expectation. Vulnerable hardware, software, network equipment, wireless access points, physical security, and weak points are usually more frequent at a smaller city that hasn’t taken the time to examine its security weaknesses. If the probability increases for hackers to exploit these smaller cities, hackers will target those cities.
  3. Smaller cities tend to forget about internal security weaknesses. Many smaller cities at least invest in a firewall and some antivirus software. Usually, that will take care of many external hacking threats. But what about internal threats? Many data breaches are the result of weak server and computer passwords, users given access to data that they should not be authorized to access, and employees clicking on malicious websites and email attachments. Without also addressing the sources of internal threats, your city will be incredibly vulnerable to an attack.
  4. Smaller cities often have vulnerable, open wireless access points. Often overlooked, unsecured and unencrypted wireless access points are easy points of entry for hackers. Larger cities might have more physical obstacles that make it hard to sniff out any wireless access points, but smaller city buildings are usually modest in size and easy to get near. You need to secure and encrypt all wireless access points to shore up this weakness.
  5. Smaller cities often don’t have IT staff or a vendor providing ongoing, independent monitoring and maintenance to look for security anomalies. Again, if cities just have a firewall focused on external threats, it’s like having a guard only watching for intruders that approach a building—rather than understanding if something is going on inside a building. Independent monitoring and maintenance identifies and raises red flags about both internal and external attacks. Unusual repeated log-in attempts, abnormally high data usage, or unidentified users accessing data should alert your IT staff or vendor. They will then flag these events as possible security risks and investigate further. Without that kind of internal, as well as external, monitoring, you might miss an attack that originates from inside your city.

Hackers bet on your probable lack of security. For a quick assessment, ask the following questions that we posed in a recent webinar:

  • Are my passwords strong enough to prevent hackers from stealing city information?
  • Is my city at risk for getting a computer virus that allows hackers to steal information?
  • Is outdated software and a lack of regular software maintenance leaving me open to a cybersecurity attack?
  • Is my technology physically protected from unauthorized people stealing data or equipment?
  • Is my city website secure and hosted by a reputable provider?

More questions about the state of your cybersecurity? Reach out to us and we’ll help give you some answers.

Thursday, June 18, 2015
Brian Ocfemia, Technical Account Manager

Brian OcfemiaIf you owned a restaurant where the power continually went out, fires constantly erupted in the kitchen, and food always went bad, you could approach this problem in two ways. You could mess with the wiring every time, use the fire extinguisher every time, and throw out the bad food every time, doing the best you can to work around these obstacles. Or, you could investigate and remedy the root cause of the power outages, the fires, and the bad food so that these problems went away for good.

Obviously, you would choose the second approach. However, many cities unfortunately put up with information technology that parallels the first approach. Servers fail. Your website constantly goes down. Your tape backup never seems to work. Many cities just put up with these ongoing problems, moving from fire to fire. And some IT vendors are good at keeping many cities at the fire level, billing for these constant, ongoing issues without ever really curing them for good.

These kinds of problems affect how you serve citizens and how much work your employees can accomplish each day. Fighting fires every day is unwise for our restaurant owner, and it’s unwise for your city. Here are some steps your IT staff or vendor needs to take in order to cure your IT problems for good.

  1. Set up an ongoing IT monitoring and alerting system. Most IT staff or vendors use some type of monitoring and alerting software, but the quality and rigorousness can vary. Make sure your monitoring and alerting software gives you deep data that uncovers problems such as performance issues, outages, downtime, and security risks. At the same time, you don’t want software that gives you too much noise that confuses rather than clarifies any issues that arise.
  2. React to alerts, and collect data about how you fix them. Similar to what any IT vendor will do, you will react to any urgent alerts and remedy any problems impacting your city. At the same time, alerts will surface that indicate issues on the horizon. It’s at this point that you will be able to proactively address problems based on what the monitoring and alerting software is telling you. Usually, we attack a lot of urgent and near-term issues early on when working with cities that previously had a more reactive IT staff or vendor.
  3. Look for patterns in the problems you’re fixing. This is where the restaurant analogy comes into play. The difference between a below average and above average IT staff or vendor is usually at this step. You’re looking for deeper causes to ongoing problems, and that means investigating deeper than just fixing an immediate issue. An IT professional will start taking a deeper look at hardware, software, network equipment, wireless devices, Internet and phone connections, and mobile devices.
  4. Fix core problems. Your IT staff or vendor might report to you that repeated server failures are symptoms of a server over five years old that will continue to fail due to age. Corrupt data backup tapes may show symptoms of a cheap, outdated, and unreliable form of data backup that can’t handle the current demands of daily city information. A website constantly going down may indicate that it is old and poorly built compared to modern websites. Core problems then get addressed by fixes that are permanent, not temporary, such as moving your data and software applications to the cloud, upgrading to an automated data backup system, or launching a new website.
  5. Monitor, fix, and repeat. Once you fix your various glaring core problems, it’s tempting to think you’re fine and let your eye off the ball. But information technology monitoring and maintenance is an ongoing process that requires professional vigilance. Your goal is to see as few problems as possible, but hardware, software, and equipment will always grow older and experience problems and glitches. Staying on top of these problems is the best way to keep city operations smooth and to maximize your original IT investments.

While some cities may think that spending money on continuous monitoring and maintenance is expensive and overkill, especially when they don’t experience IT problems anymore (which is good!), just think of our restaurant example. We’ve all experienced certain businesses that just “get by” or eventually go out of business if they can’t take care of their core problems. While cities can’t go out of business, they can certainly inhibit good business by flailing around with solvable IT problems. Put out your IT fires for good, instead of dealing with a daily dose of fires every day.

Questions about your city’s IT monitoring and alerting? Drop us a line.

Thursday, June 04, 2015
Nathan Eisner, COO

Nathan EisnerWhile it’s important to prepare for disasters, many forms of data loss occur from common, everyday scenarios. However, we find that many arguments for the importance of data backup and disaster recovery focus on “big fear events” such as fire, tornado, or flooding. True, those things do happen with enough frequency to be concerned, but it’s often easier for cities to put off investing in data backup because these scenarios seem rare and unlikely.

But there are more common data loss culprits. More situations exist that can literally happen at any second that increase your city’s risk of data loss every day. If you’re not protected against these extremely common scenarios, then you’re placing your city’s data at extreme risk.

What kind of data loss scenarios are most common? Here are just a few.

  1. Employees deleting files or data by accident. Employee error is the most obvious and common form of data loss. In cities with poor data backup policies, files are sometimes only stored on one person’s computer. In other cases, important software systems may hold data on a server where an employee accidentally deletes something like important billing information. If you don’t have a good onsite and offsite data backup system, these employee errors could lead to permanent data loss.
  2. An employee accidentally downloading a virus. This situation can happen even to the best of us. The scary thing about viruses is that even with good antivirus software, an employee can still click on a malicious website or email attachment and let a virus in—similar to letting a thief in through the back door of a building. While good antivirus software may still protect you after the virus is downloaded, viruses often result in deleted or stolen data from servers and computers that need to be quarantined. You need to prepare for the worst case scenario for any virus situation.
  3. A power outage. Power outages especially place your data at risk if you are maintaining your own IT environment and do not have proper data backup equipment and procedures in place. Most data centers have backup generators that keep servers running while a power outage is assessed and fixed in order to maintain business continuity. Cloud data centers are even better, where multiple data centers across various geographies replicate your data so that a power outage in one data center doesn’t mean total data loss or lack of access. If you maintain your own servers and computers without proper data backup processes in place, you risk losing data.
  4. Server, computer, or device failure. Too many cities still improperly store and thus improperly back up their data. Instead of centralizing data storage on servers (either onsite, at a data center, or in the cloud) and backing up that data, important data is still stored on individual computers or mobile devices. Computers and mobile devices fail, and employees damage or lose them. That means any data stored on those devices is gone. Server failures without onsite and offsite data backup also place your city at extremely high risk of data loss.
  5. Untested data backup media. Cities that still use tape, external hard drives, or some other form of manual, portable data backup media often do not perform data backups on a regular basis or test those backups. This situation often sneaks up on cities. You actually think you’re doing the right thing. But then, when you lose data, you find out that a city employee hadn’t backed up your data for two weeks. Or, you start restoring the data and you find that 75% of your backup media is corrupt and won’t work. If you’re not testing your data backup, you’re risking data loss.

Having served cities for many many years, we can attest that these scenarios are unfortunately common. Like insurance, cities need to protect their data and ensure that city operations do not shut down merely because of a simple, common event such as an employee mistake, virus, or server failure.

To talk about data backup in more detail, please contact us.

Thursday, May 28, 2015
Alicia Klemola, Account Manager

Alicia KlemolaLet’s face it. Technology is often a pain, something you struggle against. You want your employees productively working, you’ve got important city business to conduct, and you’ve got that important city council meeting tonight. Like hitting your head against an invisible brick wall, technology can often frustrate you and prevent important tasks from getting done.

What’s more frustrating is that it’s like fighting an invisible enemy. Your IT staff or vendor might give you overly technical reasons for any issues, but all you know is that these issues are slowing down your progress—and possibly even losing you money.

In many cases, this arises from reactive technology support where you’re always putting out fires. Going deeper into the root causes, we find that the following issues are usually the core of what’s wrong—and what you need to fix in order for the fires to stop.

  1. Old, aging technology. It’s easy to think of servers, computers, and other hardware like a car or building. You want to get the most out of your investment, and you want to use it until it dies. The sad reality is that hardware lifecycles for servers and computers tend to be 3-5 years. For laptops and mobile devices, it’s closer to 2-3 years. You may even maintain the hardware perfectly, but the Internet, software, and applications constantly evolve and become more complex than older servers and computers can handle. Those older machines will slow down and cost your city valuable time when they aren’t very responsive.
  2. Inefficiently used software. Over time, many cities accrue siloed software applications that inefficiently help solve key problems. For example, city hall might have a document management system with one or two user licenses. The municipal court department won’t have a document management system at all, but they realize they need one. Or, they may even purchase their own document management system. When there are two pieces of software meant to solve the same problem, there will be inefficiencies, errors, and conflict.
  3. Technology underkill. Another source of continual frustration is when you heavily rely on what little technology you have to take care of all your city’s needs. We understand that cities have tight budgets, but if your website is constantly going down, your servers fail on a regular or semi-regular basis, or you lose data permanently after a disaster, then your lack of technology investment hurts your city. Even more important, a lack of technology investment increases the risk of a cyberattack that can potentially impact your city beyond day-to-day operations and become an embarrassing news story.
  4. No technology blueprints. By blueprints, we mean planning and using technology to think about how you can achieve your city’s goals. When you don’t plan out how you’re using your technology, you increase the risk of experiencing outages, lost employee productivity, and cyberattacks. Beyond crises, technology also helps you think about how to better serve citizens through your website, online payments, or better software to improve services. Involving IT staff or a vendor experienced in municipal IT strategy can accelerate the success of important city projects and objectives.

Once these root causes are addressed, we find that many of the everyday battles and struggles with technology almost miraculously go away. If you feel that only an expensive technology investment can get rid of your current problems, many times the opposite is true. Streamlining your technology and cutting out inessential investments can help you only use what you need to run your city. It’s also a time to consider transitioning many of your expensive technology investments into the cloud, where they are often cheaper, better maintained, and more efficient and secure.

To talk about your everyday technology struggles in more detail, please contact us.

Thursday, May 21, 2015
Dave Mims, CEO

Dave MimsFacebook recently started offering verified page badges for state and local governments. Verified page badges were originally created back in 2013 for celebrities and well-known brands to reduce confusion, fraud, and duplicate content for Facebook users while better protecting the reputation and credibility of celebrities and brands.

As people rely more and more on social media as an important source of information, it becomes clear that state and local governments are subject to the same problems as celebrities and brands. This recent GovTech article provides a good summary of the release of Facebook’s new verified page feature for state and local governments and how to verify your profile.

Savannah Verified Profile

But why should you care? Here are some reasons why you need to establish and verify your Facebook profile as soon as possible.

  1. Your city’s credibility matters. If other cities start to verify profiles and you don’t, your city profile page will not look credible. Plus, if there are fan-created city profiles, parody city profiles, or city profiles attacking you, then people may go to those Facebook pages rather than yours. Even if a Facebook profile page is run by a dedicated “fan” who is trying to be helpful, they could still be posting inaccurate information in your city’s name that your citizens may believe to be true. The “Verified Page” badge will establish that your city’s Facebook page is the official, credible source of information coming from your city.
  2. Verified pages show that more and more people are using social media to get information. The increasing need for verified pages shows that social media increasingly becomes more and more of a serious source of content for people. Social media platforms like Facebook continue to evolve, mature, and serve as a central collection of information for millions of people. Facebook users connect with friends, news outlets, businesses, entertainment, and, yes, government organizations for real-time information on the go. You need your city’s information on Facebook to serve the needs of people there.
  3. Facebook’s focus on state and local governments for verified pages means you need a social media plan. If anything is a wake-up call for your city to create a social media plan, it should be Facebook’s intentional creation of verified page badges for state and local government organizations. It’s a sign that Facebook is meeting an important demand for people, or they wouldn’t waste time with this offering. That means it’s time for you to create or reexamine your social media plan, which includes how you’re using Facebook. Are you providing essential, important, relevant information to your Facebook followers?
  4. You now have more authority to shut down damaging or slanderous Facebook pages. If someone operates a Facebook page that pretends they are your city or if they are misleading people about your city, then it’s easier as the owner of the official, verified version of your city’s page to work with Facebook to shut down misleading unofficial sites. Until you receive your verified page badge, you may have to work harder to prove to Facebook that another site is unofficial and shouldn’t be representing your city.
  5. A verified page comes up first in Facebook search results. Without a verified page, your city may come up in search results with a bunch of other unofficial or irrelevant Facebook pages that make it hard for people to get to your page. But with a verified page, it’s much more likely that your city will be the first or second result that a person sees when typing in the name of your city. That makes it easier for people to search for and access your city’s Facebook page.

From our perspective, the verified Facebook pages for state and local government are an overdue, necessary feature that helps citizens find important information and connect better with the information your city broadcasts. But this also means you need to step up your Facebook game as a city. Think about getting your verified page badge, more regularly sharing important information on Facebook, and engaging more with people on social media. That way, your city becomes even more of a part of your citizens’ lives every day.

Questions about how this whole verification thing works? Send us a note and we’ll do our best to answer.

Friday, May 15, 2015
Georgia Municipal Association

With technology so fast-paced today, cities are pressured more and more to modernize their information technology. But investments in IT infrastructure, websites, document management, and ongoing support all typically add up to a lot of cost. However, the City of Jonesboro knew that it needed a better website to engage citizens, securely stored documents following state records retention schedules that were also accessible anytime/anywhere, and proactive IT maintenance and support that lessened problems instead of just reacting to fires.

In one fell swoop, the City of Jonesboro’s investment in IT in a Box—which GMA constructed as one package to keep the costs of essential city technology as low as possible—gave the city a new, more service-friendly website, removed any worry as to the security and integrity of documents needing to follow state records retention laws, and provided experienced IT professionals that support the city without the costs of hiring additional staff.

Ricky Clark, City Clerk at the City of Jonesboro, took the time to discuss the importance of a website that engages citizens, documents stored in the cloud, and even a “Taste of IT” that shows the human side of GMA’s technology service.

Websites are often the first thing many people see when they research a city. How has your new website improved the way the City of Jonesboro interacts with citizens and web visitors?

It’s more welcoming and inviting, showing we are a friendly, homelike city that’s deeply involved with our residents. The biggest theme that I focused on with the website was transparency. When I arrived at the city, we received a lot of phone calls about things that people should have been able to easily to look up on the website. But the information just wasn’t available. For a small municipality, the key to a tight knit government is having a hands on approach with our residents. With that in mind, I tried to think of any questions that citizens would ask or information that citizens would need. We also included useful features like email notifications. Overall, we helped make useful and important information more transparent and accessible 24/7/365. Having this kind of website also helps with economic development because there are businesses that may want to relocate to your city.

How did your new website also help your staff internally?

Before our new website, we had to send all of our content to our website hosting provider and they posted it for us. That caused a significant delay. With our current website, we upload our own content. No more delays or waiting periods. If we have an emergency or special event that we want to communicate immediately, we can post the information right away.

Talk about how Sophicity supports the city of Jonesboro through its staff and helpdesk, and why that kind of support is important for cities.

If we have an issue, we simply submit a ticket detailing that issue just as if we had IT staff in house. The ticket is put into a queue and then Sophicity’s engineers remedy or fix the problem. What’s neat is that they can fix many issues remotely without traveling to our city. Plus, I like how Sophicity provides us a single point of contact for all of our issues. That makes it easy to communicate with them. We also have tracking capabilities and can escalate an issue if it’s urgent.

Sophicity also knows which software vendors have state contracts, and so they help us get hardware and software much cheaper than if we were to purchase it from a retail store. Just recently, Sophicity helped us get two printers for the cost of one. Plus, my staff doesn’t have time to call different vendors to source any necessary hardware, software, equipment, and parts. Sophicity does all of that for us.

City clerks obviously deal with many documents on a day-to-day basis. Why is modernized document management important, and how does Sophicity help you with that?

We have a document repository stored in the cloud. That’s where all of our information that used to be stored on our onsite mainframe systems now resides. With the different document retention policies that I have to follow as a city clerk, it’s important for me to know that our documents are protected and have some form of integrity all of the time. Sophicity gave us an offsite document repository to store all of our information, so we don’t have to worry about losing documents if our building burned down.

It’s also much easier—and cheaper—to find and access documents. For example, if someone asks me a question about minutes from a 1993 meeting, it’s simple for me to just go onto the document repository online from anywhere and retrieve those documents. No more looking through the paper minute books at the office. Once a city digitizes its files and stores them in the cloud, the sky is the limit as far as searching capability, access, and time savings.

For cities that are hesitant about moving forward to modernize their information technology, what advice would you give them?

Look at it from an analytical standpoint. Total up the amount you are paying for IT infrastructure, document repositories, cloud services, etc. and compare that cost to the cost you would pay per license with IT in a Box. Think of someone’s salary and benefits, and then compare that cost with IT in a Box where you don’t have to worry about additional personnel costs.

Before you knock it, give it a try. At least get a demonstration and see how things work. For example, the cost of a simple website alone will be around $15,000-$20,000 or more depending on how complex you want it. By contrast, IT in a Box provides cities a website and a lot of other great software under one package. And those aspects of the IT in a Box package are going to be the way governments are headed with their IT infrastructure anyway.

As cities know, it’s not possible to have 100% operational uptime, so I feel the best way to handle that situation is to have someone actually maintaining and monitoring your IT 24/7/365. With IT in a Box, you only pay for licenses that you use under your specific plan—and you don’t pay the full cost of salaries for the engineers that help you out.

We heard a rumor about something called “A Taste of IT.” What is that?

To show their support for the day-to-day operations staff at the city of Jonesboro, Sophicity drove down, brought hamburgers, hot dogs, and plenty of other food, and cooked it up for us. It was not only a Taste of IT, but it gave us the face of IT. We saw the faces of the people who were behind making our systems operate from day to day. Our employees and elected officials enjoyed it. Many times in city government, we work with companies but never see them. We simply cut them checks. A Taste of IT proved that Sophicity goes above and beyond to show that they’re thankful for our business. In my book, that goes a long way.

Thursday, May 14, 2015
John Miller, Senior Consultant

As body camera technology becomes more talked about and implemented at cities, it’s easy to focus only on the actual body cameras. But similar to buying and implementing any shiny new toys—whether it’s new software or buying new computers—the purchase of a new technology that’s integrated with an existing poor technology infrastructure will only lead to frustration and risk.

A recent article in GovTech talks about this issue from a cloud standpoint and brings up some important points. But for small and medium cities with few staff and limited information technology resources, we feel there are some higher-level, more basic questions that need to be asked.

  1. Where will you store your body camera data? Just think about the hours and hours of video footage coming from cameras that will be recording during the entire shifts of multiple officers—24/7. If you think normally storing large videos is difficult or expensive, just imagine this data explosion. Luckily, the cost of data storage has come down significantly in the past few years, but that means you need to shop around for a more inexpensive and scalable solution if you haven’t explored your data storage needs in quite some time. If you’re storing data onsite right now, you may want to consider more economical solutions like a data center or a cloud service that others manage for you.
  2. How will you manage, retain, and dispose of the data? The answer to this question involves a full understanding of the law, regulations, and your own internal policies along with using technology to make this data management as easy as possible. Work with IT professionals who understand data and information retention policies so that you keep and dispose of video footage in a timely yet legal manner. You never want to be placed in a situation where you “lost” data or deleted it before you were legally allowed to do so.
  3. Who gets access to the data? This video footage will be some of your city’s most private, sensitive public safety information. Security and authorization will become more important than ever. You need to be clear on who can authorize specific data, and that authorization process needs to be easily manageable. Weak passwords, poorly physically secured rooms, or everyone in a department or office getting admin access is not acceptable with this kind of information. Security measures also need to counter the chances of people hacking into your servers or snatching information away on thumb drives in order to access this video footage.
  4. How will the video footage be accessed? Obviously, searching through hundreds or thousands of hours of video footage is a formidable challenge if you have shoddy ways of storing the data. A good data storage system will allow for clear labeling, user-friendly searching (like how you search for documents on your computer), and ways to search within videos to view and collect smaller clips within larger amounts of video footage. When evaluating body camera technology, make sure you understand how a police officer would search for, locate, and retrieve specific video footage—quickly.
  5. How will you back up your body camera video footage? We recently wrote a much longer article about this specific issue, but it’s worth reiterating that backing up your data is essential for information of this caliber. From a server failure to a full-on disaster like a tornado, you need to make sure none of this video footage is lost. Test your data backup and disaster recovery at least quarterly to ensure that it’s actually working. Offsite data backup storage has become relatively inexpensive, and there are many cloud solutions available that also ensure the highest security—such as encrypting your data while it’s in transit.

It’s great to get excited about body camera technology, and it’s less exciting to think about your boring, backend information technology. But without the right data storage, retention policies, security, management, and data backup plan in place, your body camera technology investment could become a gigantic waste or risk a legal disaster. Body cameras are another sign that technology is accelerating at light speed—so make sure your information technology is keeping pace.

To talk about body camera technology in more detail, please contact us.

Thursday, May 07, 2015
Brian Ocfemia, Technical Account Manager

To get the most eyeballs, the media will obviously publish headlines with the most sensational stories about cybercrime. It’s easy to read stories about the Sony hacking, the Target data breaches, or cyberterrorism worries from national governments and think that those are the most common nature of cyber-attacks. However, those kinds of events are rare. Additionally, such sophisticated hackers often go after very high profile targets’not your small- or medium-sized city.

This is an important point because you’ll feel helpless if you think these are normal security threats. You’ll feel that it’s too expensive to invest in data security when it’s impossible to prevent the best cybercriminals from stealing your information. But it’s the most common, everyday threats that actually cause the most damage to cities. And you can prevent most of these threats with relatively inexpensive information security investments.

Instead of worrying about the rare instances of governments or James Bond-level villains coming after your city, you need to be worried more about the following realistic, common security threats.

  1. Employees and anyone with internal access to your data. One of your biggest threats will always be someone with internal access to information. Those people may be disgruntled, angry about being terminated, or working on the inside to steal money or information. Obviously, you don’t want to be paranoid about everyone you work with, but you will want to make sure that your information is only available to authorized users. It’s dangerous if anyone can walk into a server room or log in to an important software program. Even authorized users should have their access monitored to help flag any suspicious activity. You may also want to consider background checks for employees and any vendors handling your sensitive data.
  2. Viruses. We’ve written many times how even the best-intentioned, most IT-savvy employees can still get a virus. Accessing city information through an employee accidentally downloading a virus is low-hanging fruit for hackers. It opens up a door to your data that allows hackers to steal it, hold it for ransom, or funnel money to their bank accounts. Enterprise-class antivirus software, monitored by your IT staff or vendor, will go a long way toward preventing common viruses from crippling your city.
  3. Weak passwords. It’s amazing how many weak passwords are still used by not only individuals but also IT administrators. Hackers are always trying to get into people’s email and social media accounts, and more sophisticated hackers try to access servers and software with sensitive information. If you’re using passwords like “123456” or “password” just so it’s easier for you to remember them, you’re opening up your city to significant security threats. Requiring complex passwords (with numbers, letters, and special characters) that must be changed every few months will help fend off this basic form of attack.
  4. Poor IT management. Managing servers, workstations, network infrastructure, software, data, and information requires highly skilled, experienced IT professionals—even for smaller cities. If your IT staff or vendor is overwhelmed, inexperienced, or incompetent, they may not identify major security threats, update software regularly with security patches, maintain antivirus and antispam software, monitor and manage authorized access for users, and enforce basic security policies across the city.
  5. Little to no encryption. Simply encrypting your data also prevents many serious security issues. If a laptop is stolen, the information will be worthless to the thief. If a hacker tries to get access to payment information as it’s exchanged on your website, the information will look like gobbledygook to that person. Learn from the example of the State of South Carolina. They could have spent chump change on encryption but instead paid tens of millions of dollars in the wake of the massive data breach—all stemming from an employee clicking on an email attachment with a virus.

Everyday security threats are what you need to be most worried about. Every scenario listed above is something that threatens you on a daily basis. And these are security threats you can absolutely protect against. Most importantly, cyber security is not just a technology issue. Experienced IT professionals must work in tandem with city administrators to set and clarify policy, and employees must be trained to detect basic security threats and only receive authorized access to information. Worry about protecting yourself against 99% of the most common security threats, instead of worrying about the rare 1%.

To talk about cybersecurity in more detail, please contact us.

Thursday, April 30, 2015
Dave Mims, CEO

How much is your city at risk for a devastating security breach or permanent data loss? Do you need a quick way to assess your current cybersecurity readiness?

In case you missed our Georgia Municipal Association (GMA) presentation and live webinar on April 24, 2015, GMA has provided the audio recording and slides. Use this information to ask yourself:

  • Are my passwords strong enough to prevent hackers from stealing city information?
  • Is my city at risk for getting a computer virus that allows hackers to steal information?
  • Will I fully recover my data in the event of a server failure or a disaster like a tornado?
  • Is outdated software and a lack of regular software maintenance leaving me open to a cybersecurity attack?
  • Is my technology physically protected from unauthorized people stealing data or equipment?
  • Is my city website secure and hosted by a reputable provider?

While you probably hear stories in the news about security breaches at large government organizations where data is stolen and often permanently lost, know that this isn’t just a big government problem—it’s a major problem for small and medium cities. In our webinar, we provide small city examples of real situations that can cripple cities like yours.

Don’t become a victim to a security breach or lose your data unnecessarily. Listen to our GMA webinar or review the presentation slides to assess if your city has cybersecurity gaps that make you vulnerable to attack.

Friday, April 24, 2015
Nathan Eisner, COO

As your city grows or you buy more IT equipment, you might run into difficulties as the entire setup starts to get a bit unwieldy. And with the plethora of now common information technology items such as high-speed Internet, mobile devices (like smartphones and tablets), and cloud computing, it becomes harder and harder to identify how everything needs to be connected. For example:

  • Employees might have trouble checking email or opening documents with their smartphones.
  • Printers don’t seem to hook up to all computers properly, and so different offices and departments buy their own.
  • Data from one software application doesn’t transfer at all to another software application.
  • You’re not sure how new technologies like body cameras for public safety might integrate with your current technology environment—or if it’s even possible.

When information technology needs to grow along with an organization, it becomes harder and harder to scale without the help of IT professionals who know how to connect all of your hardware and software together. There are a few areas that will impact your city negatively unless you have the proper IT support.

  • Mobile devices connected to your office computers. Are your employees able to check email, open files, and access office information through their mobile devices? As you’ve probably experienced, you’re often on the go—at home, on the road, or traveling—as part of your job. That means we often stay connected and communicate throughout the day with our mobile devices. Mobile devices need to be properly synced with office computers so that the experience is seamless for important business applications. Otherwise, your productivity will take a sharp downturn.
  • Printers, fax machines, and scanners connected to your office computers. One cause of high costs and inefficiency at cities is the number of printers, fax machines, and scanners that crop up when they are improperly connected to your IT network. When properly set up, these machines will serve the greatest number of office computers in the most efficient way possible. You may need to invest in newer machines if you’ve been using some for five to ten years. When you invest in new machines, you will buy fewer and connect them to more computers.
  • Software applications connecting to other software applications. You might run into issues such as financial information from one software application not connecting to another software application. To compensate, you may manually reinput data, wasting precious staff time. Analyze if your current software applications duplicate a lot of tasks or fail to transfer data easily to other software applications. With the right requirements, you might be surprised to find out what’s on the market and that some software modernization might solve a lot of these inefficiency problems.
  • Remote workers and users connecting to the office’s IT network. Similar to the mobile connection issues above, this is a different variation on the same problem. In this case, we’re including desktop computers that an employee might use at home along with vendors, consultants, or outside users who may need access to information. In this case, you need to make sure that employees using their desktop at home not only have access to the same information as if they were in the office but also receive IT support while working remotely. For outside users such as vendors. you need to especially make sure that they have appropriate permission and that only authorized users are allowed to access city data.
  • Onsite data connecting to offsite storage. Especially important for data backup, you want to make sure that any offsite storage is properly synced up with onsite data changes throughout the day. Offsite storage is especially important for disaster recovery. If there is a fire or natural disaster like a tornado, you want to make sure you back up your data offsite so that you’re still operational—even if your facilities are destroyed. By setting up an onsite backup during the day, you should be able to send any data changes offsite at the end of each day in order to accommodate most disaster recovery scenarios.

As you can see, the multiplication of devices (desktop, laptop, mobile), software applications, and remote worker needs has made information technology more and more complex over the years—even for smaller cities. A small city used to be able to get away with a few computers and some off-the-shelf software, but today a setup like that introduces too much risk if something goes wrong. To make your city operations hum along like clockwork, you need help and assistance to connect all of your IT together and make sure that it’s helping—not hindering—your productivity. And especially when new technologies like body cameras will become required and standard for your cities, you want to make sure your basic technology foundation is set up properly so that you can scale and integrate new technologies with ease.

To talk about IT connectedness in more detail, please contact us.

| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 |
Contact
Contact a Sophicity Consultant Now To Find Out How We Can Help Reduce Your IT Costs Go
bottom