While there isn’t a debate anymore about the benefits of cloud hosting, governments and businesses still balk at moving into the cloud. A recent article from Marketplace highlights a few of those legitimate concerns from various government organizations that have made the shift along with various privacy experts sounding off.
Any remaining objections usually come down to two points:
From here, organizations usually talk themselves into the false sense of security that comes from sticking with their own onsite servers or those they own or lease at a data center. But cloud hosting can overcome these two objections. In fact, the Marketplace article even states that Australia, a country with some of the strictest privacy laws, has moved into the cloud. They wouldn’t do that if it wasn’t secure.
Let’s look at some of the key reasons why cloud hosting is worth considering, starting from the two objections and then expanding out into a few other points.
Think about it. No more onsite hardware to purchase or maintain. No more data center servers to buy or lease. So why does the cost of shifting to a cloud hosting provider drop so much? Think of cloud hosting like a utility. Is it more cost-effective to buy your own electricity generators, or to use the collective power of an energy company that provides you electricity for a low cost due to the scale of their operations. Cloud data centers work the same way. By storing data in cost-efficient ways at such large hosting centers, those hosting centers pass on the cost savings of scale to you because they are more efficient than any onsite servers or data centers you could use.
To talk more about cloud hosting, please contact us.
Seemingly every day, a news story breaks about yet
another security breach and more data stolen from an organization. We hear
about big organizations such as Kmart and government operations such as the Oregon Department of Employment, but we don’t often hear
about smaller organizations. Because hackers pick easy targets, smaller cities
are even more at risk than larger entities. And that’s a major driver behind Kentucky’s House Bill 5 that our CMO, Nathan Eisner, recently spoke about during a talk at the Kentucky League of Cities annual conference.
The language of House Bill 5 is quite clear and includes
the following provisions:
While specific to Kentucky, House Bill 5 is reflective of similar legislation and expected best practices around the United States. So, cities must take reasonable steps to protect their data and, in the event of a security breach, notify affected parties. This situation makes security much more urgent for cities, but they often ask us, “What now? How do we protect our data?” Those were common questions we heard at Nathan's conference session on cyber security.
The good and the bad news is that many methods of shoring
up security are easy. Good because fixes are relatively easy to implement. Bad
because it suggests that the biggest threat to most cities is your own staff. A
little education goes a long way toward making your staff—both your IT and
non-IT employees—aware of activities they can do every day to make sure that
your city stays as secure as possible.
Here are some areas you can tackle immediately.
A recent study by a technology research company in
California found that one out of three people had their passwords written down
somewhere around their desk. Many people used obvious passwords such as a child’s
name, pet name, college mascot, birthdate, etc. Overall, researchers figured
out passwords for 50% of the people in the study. Before you laugh, ask
yourself, “How secure are your city’s passwords?”
To make sure your passwords aren’t opening up major
A few years ago, a city finance officer was contacted by
their local bank. Wire transfers in the amount of $90,000 were attempted from
the finance officer’s computer. Compromised by a virus, the computer was
remotely controlled by an outside party. Luckily, the local bank’s fraud
prevention efforts saved the city from any significant financial damage. But
imagine if the transactions had been allowed to complete. The city and the bank
would have had to spend money on legal action and recouping any financial loss.
That’s real money lost—all because of a simple computer virus.
To combat viruses, we recommend that you:
Last year, we heard about a city’s server that became
infected with a virus. That server contained the city’s financial system. The
city’s backup system failed to recover the data. The city had backed up the
data, but they did not test their backups. And what happened? They lost 13
months of financial records. To get that data back, their only recourse was to
hire contract labor to re-enter every transaction manually. Talk about a lot of
significant unplanned expenses!
With data backup, start by asking some important
Once you get a better sense of your data needs and
priorities, apply the following best practices.
Recent studies have shown that
To stay up on security updates, make sure your IT staff
or vendor ensures the following:
Don’t forget the old-fashioned way of stealing!
Protecting city data also involves protecting physical equipment. A stolen
backup drive or a disgruntled employee with a USB stick can be just as harmful to
your city as a hacked computer. To tighten up your physical security:
Last year, citizens trying to reach a particular city’s
website found nothing but advertisements on it. What happened? The website had
been hacked and all of the city’s content was replaced by ads. The hacker found
a weak spot by infiltrating the city’s utility billing system through a hole in
the online bill pay software. If the problem lingered, a citizen going to the
city’s website, thinking it was a trusted source of information, could have
been infected with spyware or malware. That citizen’s private information may
have been stolen and the city would have been liable.
To ensure a problem like this never happens, make sure
Remember, cybercrimes affect all cities—not just the big
ones. Be proactive, ask questions, and stay informed. Use this post as a guide
to get you started, identify gaps, or check up on any doubts you have with your
IT staff or vendor.
If you want to talk more about cyber liability, please contact us.
Just when you’ve gotten used to the idea of shifting your servers and software applications to the cloud, you might hear about the option of moving your phone system there too. Many businesses and organizations still rely on landlines or maybe even a Voice over Internet Protocol (VoIP) system that may run on a server in your office or at a data center. Isn’t the phone something distinct from the rest of your data and software? Why would you move it into the cloud?
When VoIP came out many years ago, it primarily stunned a lot of people because it made them realize that phone information could be reduced to packets of data transmitted over the Internet. That meant you could treat your phone system the same way you treat a software application, and you used an Internet connection to communicate with other people instead of landline technology. But VoIP was software and usually required an onsite or data center-hosted server to run the application. With the cloud, you even remove the need for a server.
Despite this advance in technology, you might wonder about the practical reasons for moving your phone to the cloud. Here are some compelling reasons that hit home with the businesses and organizations we work with.
Cloud software makes it extremely easy to essentially carry your office phone with you everywhere. That’s impossible with a landline. With cloud phone software, you install a mobile app that connects to the software from anywhere. Access the mobile app, and then any call that comes into your office number rings your mobile phone. This helps businesses and organizations make it easier for employees to work remotely, keeping personal and professional phone data separate.
To talk about cloud phone software in more detail, please contact us.
experiences with watching cities embrace the cloud, we liked a recent August GovTech article that
outlined the thoughts of technology leaders from the city of San Francisco to
the state of Delaware. While each government entity’s challenges are complex
and unique, they all agree that moving to the cloud is helping them with many
essential business and operational functions.
While it can
seem like the needs of extremely large cities and states don’t necessarily
relate to small and medium cities, we find that the article included several
aspects about the cloud that can impact your city’s budget and operations. Here
are some important points we’ve extracted from this article that will convince
you to take a closer look at the cloud if you haven’t yet shifted over from a
more traditional setup.
Paying from month to month eases the burden of what
used to be a multi-year capital expense commitment for servers and licenses.
Moving data and applications to the cloud works more like a utility that you
turn on rather than equipment you buy. We’ve seen many small and medium cities
reduce their technology expenses and get rid of expensive hardware by moving to
Scalability and flexibility for your business needs
directly impacts your bottom line. Traditionally, cities tended to get locked
into a certain number of software licenses and technology features. If you
purchased it, you couldn’t get rid of it until the contract ended. With the
cloud, you can add or subtract users depending on your real-time staffing
needs, which helps if you suddenly gain a burst of employees or have to let
many go. Also, it helps if you can turn off certain features or tools in the
cloud and only use them when you need them—trimming costs while doing so.
Without hardware installation and configuration, you can often set
up your cloud technology over the Internet in hours. We often help set up a
city’s applications, storage space, document management, or website rather
quickly. Data migration from old systems may still take a lot of time and
planning, but the cloud technology and tools are ready to go as soon as possible.
Configuration takes place in easy to use dashboards, allowing your IT staff or
vendor to get you set up in the cloud almost immediately.
The cloud makes it easy for people to securely access
files, documents, data, and applications without having to be at the office or
use difficult VPN connections. It’s becoming more routine and expected for people
to access data remotely when they work from home, travel, or stop at any place
with public wireless access. The cloud allows you to provide that mobile access
with ease while keeping data secure.
We often hear, “But we have sensitive data that we
absolutely cannot risk by having in a public cloud.” While public clouds are often more
secure than any IT environment you can set up, we understand that cities may be wary about
extremely sensitive information going into the cloud. Cloud providers offer
many hybrid options including private clouds (meaning that you have your own
cloud network walled off from any other data) or simply keeping certain servers
locked down and secure in-house if you absolutely don’t want that data in the
cloud. For the rest of your data, you can still take advantage of the cloud’s
cost savings and benefits.
still wary about the cloud, articles like the one in GovTech should reassure
you that major cities and states would not move to the cloud if they haven’t
already evaluated the major risks. We encourage you to explore your options by
talking to an IT professional or service provider experienced in working with
municipalities. They should have experience with crafting hybrid cloud
solutions for municipalities so that you know they are looking at your
situation objectively (rather than applying a cookie-cutter cloud solution).
The cloud can save you a lot of money, offer you more flexibility, and still
provide you the data security you need.
To talk about the cloud in the more detail, please contact us.
A recent story reported in PC Magazine and other news outlets talked about a vicious form of malware that affected many retail point of sale systems. The most disturbing fact? Up-to-date antivirus and software patches failed to prevent this malware from taking over the point of sale systems, stealing information, and wreaking havoc.
Stories like these tempt small businesses and city governments to throw up their hands. If antivirus and patching can’t prevent malware and hackers stealing information, then how can you really secure yourself?
In fact, there’s plenty you can do. A common misconception is that antivirus serves as the be-all-end-all solution for protecting your information. But antivirus is only one tool to prevent such dangerous attacks. Here are some others.
Even if hackers can access your data, encryption can make that data useless to them. Many high profile data breaches in the past few years were made worse when the data stolen wasn’t encrypted. Compared to the cost of data loss, fines, and emergency remedies, the cost of encrypting data is quite a bargain. Especially for your most sensitive information, encrypting data on your servers and computers is essential and a great way to frustrate hackers.
To talk about cybersecurity in more detail, please contact us.
IT vendors are both an expensive investment and a commitment. Like any relationship, a good IT vendor is often hard to find but it’s a great thing once you find one. And like any relationship, there are signs indicating when it’s bad, and when it’s good.
I know. We’re an IT vendor, so you might be a bit suspect if we were to share our four signs of when you should break up. Instead, we’ve collected specific points and complaints that we’ve heard from actual city decision makers from a large number of sales meetings this year. These insights include customers, prospective customers, and other decision makers who have had good and bad experiences with IT vendors.
Here are the things they point out as red flags. If you’re seeing these signs repeatedly, then city decision makers nearly all say you need to look for a new IT vendor.
A good IT provider listens to your city when implementing any technology-related policies that affect your operations (such as security policies). That requires true consulting—working with cities to craft policies tailored to your organization. Unfortunately though, many lazy IT vendors simply implement a standard policy without discussing what your city considers appropriate. This situation can result in your staff unable to fully function because they are locked down too tight by an arbitrary policy that may not fit your organization.
To talk more about selecting the right IT vendor, please contact us.
As you or others you know have probably experienced, tablets (such as Surfaces, iPads, Nooks, Nexuses, etc.) have entered our lives as a way to both increase our productivity and entertain us. They are easy to use and provide many of the same functions as traditional desktops or laptops—without the hassle. Because tablets provide you on-the-go email, document access, and Internet access, we find they are also becoming essential productivity tools for mayors and council members, as well as others involved in council meetings.
In fact, we've heard over and over that cities want tablets—especially for elected officials. Based on this feedback, we’re happy to announce that IT in a Box will include tablets for council members.
So, why tablets? And why IT in a Box? With IT in a Box tablets, you’ll experience the following benefits.
At this time, we are currently piloting the use of IT in a Box tablets and collecting feedback to make this service even more effective for you before rolling it out.
A big thank you goes out to Mr. Andrew Hartley (City Attorney at Georgetown KY), Mr. Stan Brown (City Manager at Oakwood GA), and Mr. Jim Windham (Councilman at Oxford GA) for signing up to be our early adopters (aka testers). Each represents a vital role in council meetings, so gaining their feedback and perspectives will be very beneficial. We plan to fully roll out the IT in a Box tablets in January 2015.
To learn more about this service, please contact us.
With the media using its usual scare tactics, it’s tempting to follow their alarmist lead and view the recent celebrity cloud nude photo hacking scandal as a sign that the cloud is an unsecure place to store data, files, and documents. After all, if private nude pictures cannot be protected from hackers, then how will you protect your business’s much more important confidential information and intellectual property? One alarming fact you’ve probably read is that many of the celebrities said they had deleted their photos long ago. Yet, those photos were still found by hackers in the cloud despite this deletion.
Let’s slow down a bit and digest this incident. First, despite their celebrity status, these people are still non-technical individuals—not IT experts. Many common individual errors in personal data privacy were committed by these celebrities. And the flaws mostly came down to weak passwords and a misunderstanding of how cloud security works.
For your business or city, we offer some reassurances in the wake of the scandal to let you know where these celebrities messed up and how your business should differently operate.
Be very careful about syncing cloud data to other devices. Ideally, you should store data and allow access to it from one central cloud location. If the data replicates itself locally on various devices, you open up the risk of your data appearing in a less secure location. It may be easier for a hacker to hack a personal device rather than your cloud servers. But if your sensitive data is encrypted and only accessible via your cloud servers (with view-only mobile access), then it’s much harder for a hacker to grab that data.
To about cloud security in more detail, please contact us.
In many organizations, email is quite simply a mess. Sometimes, you might have loose policies where you can keep any email forever as long as there is storage space. In other cases, you might have arbitrary or necessary storage limits where you are responsible for deleting emails just to make room for more email. Either extreme is not healthy for a business or government organization.
You might say that keeping emails is understandable, for obvious reasons. If emails are needed for legal reasons or a city receives an open records request, it’s important that emails are accessible. As long as the email is somewhere, everything is fine. Right?
Actually, there’s much more to email archiving than just storing your emails in any old place. In this post, we offer up five reasons why you need to have business-class email archiving in place at your organization.
Your records management is extremely important when you are bound by law to produce emails. For businesses, you may need to produce emails as the result of following a contract, responding to a legal request, or complying with something like Sarbanes-Oxley. For government, you may need to respond to open records requests and correlate your archived email with record retention laws. You don’t want to be caught in a situation where you’re legally bound to produce an email and you are unable to do so. That failure could result in lawsuits and expensive fines.
To talk about email archiving in more detail, please contact us.
Our Focus | Products | Resources | Company | Contact | Sitemap | Login
© 2009-2014 Sophicity, all rights reserved. Sophicity®, "We put the IT in City”, and the Sophicity logo are registered trademarks of Sophicity.