We put the IT in city®

CitySmart Blog

Friday, April 22, 2016
Nathan Eisner, COO

Nathan EisnerPatch management—what you might know as the applying of updates to software—is often an overlooked and even neglected task. Sometimes, cities may be too busy to apply them, don’t want to interrupt employees, or simply don’t think the timely application of patches is a big deal. Hey, as long as nothing breaks, right?

However, a recent story in the Atlanta Business Chronicle demonstrates exactly why patch management is important. Take something as innocent as a wireless keyboard and wireless mouse that you might use with your laptop. As Urvaksh Karkaria reports:

“Atlanta-based Bastille has discovered a vulnerability in wireless mice and keyboards that leaves billions of PCs and millions of networks vulnerable to remote exploitation via radio frequencies. Using an attack which Bastille researchers have named “MouseJack,” malicious actors are able to take over a computer through a flaw in wireless dongles, the company said in a statement.”
Scary, huh? Without applying patches and staying aware of security vulnerabilities, you expose yourself to unnecessary cyberliability. Here are some key considerations to help you think about the rigor of your patch management process.

Patch management is an essential element of cyber protection.

As vulnerabilities are found, vendors create a fix and make a patch available. But those patches still have to be deployed or rolled out by your IT staff or vendor. Many patches fix security holes and bugs in software. Not applying patches means that you are leaving security holes open for hackers to exploit.

Sometimes, cities turn patching off because they are afraid that an update will break their software. This is bad because you’re not fixing security vulnerabilities. As cities (and all government entities) are continually held to higher cyber security standards, a simple ongoing task like patch management becomes essential.

You need IT professionals overseeing patch management and following rigorous procedures.

Do not think you’re doing patch management when employees download and install Windows Updates to their computers. Patch management needs oversight by IT professionals. For example, what happens if you install a patch and it breaks something in your software? Would you know how to uninstall it and revert back to a previous state? IT professionals know how to test and apply patches, understand which patches are appropriate, and use strict procedures if something goes wrong with a patch.

Non-technical employees aren’t able to test patches before applying them.

An amateur sees patches released by a software vendor and applies all of them. An IT professional knows that all patches aren’t created equal. Before applying patches, they test them to make sure nothing breaks or a software flaw isn’t introduced. In our case, we run vendor patches through a variety of server and desktop configurations to test for errors. We “green light” those that pass successfully and then install them on your machines. If a patch creates a problem in our test environment, we don’t apply it. Instead, we communicate the issue to the software vendor. We only skip testing when the patch is deemed so critical to your security that it must be immediately applied.

Patches need to be applied to all of your machines regardless of their location.

Patch management loses effectiveness when your employees or IT staff only apply them to machines on your network at your building and skip machines in other locations. Nowadays, modern patch management allows IT staff or a vendor the capability to apply patches to servers and workstations regardless of location. Yes, that means your computer gets patches applied even if you’re on the road or working from home.

The main takeaway? You need to make patch management a regular, important part of your IT maintenance. Generally, that means experienced IT staff or a vendor overseeing patch management as part of their regular, proactive duties.

Are you patching your servers and computers regularly? Reach out to us with any questions or doubts about your patch management process.

Thursday, April 14, 2016
Victoria Boyko, Software Development Consultant

Victoria BoykoIt’s fun to get excited about ambitious website goals—a new website, a new online payment function, or a photo gallery highlighting your tourism or downtown development. Or maybe you’re so focused on day-to-day operational activities that you haven’t taken a look at your website in a while. Either way, it’s easy to neglect some obvious things that make your website—and your city—look bad.

Remember, your website is often the most common way that people get a first impression of your city. Whether or not you’ve recently redesigned your website, there are a few common mistakes that cities don’t realize leave a very bad impression on citizens, future residents, potential visitors, and businesses.

Here are six quick, low-budget ways that you can immediately improve your city’s website—no matter how old or new.

  1. Broken links. It’s annoying for people to come to your website, click on a link, and see an error page. Remember that your citizens and people researching your website are often looking for specific information. When they don’t find it, it’s like hitting a dead end. Broken links are usually caused if you’ve added or deleted pages over time but haven’t updated the links. Go through your website—especially your main pages if you’re time-strapped—to check for broken links.
  2. Outdated information. People get disappointed when they come to your website to see that the last news item was from 2011, a department’s contact information is for someone no longer at the city, or an advertisement is for an event that took place six months ago. You lessen trust by not actively keeping up a vital, worthwhile website and it may suggest that the city is asleep at the wheel. Keep important information up to date and take down information after it’s no longer needed.
  3. Misspellings and poor grammar. We hate to bring this up but a simple review of many city websites reveal a staggeringly high number of glaring misspellings and poor grammar. It’s worth the investment to pay for the services of a good writer and editor if someone on your city staff isn’t trained to do it. You may not think that typos are a big deal, but studies show that poor spelling and grammar ruin the credibility of a website.
  4. Too many “Coming soon!” items for too long. It’s okay to set up a website and have some “Coming soon!” notices for maybe up to three months after you launch. But we see many websites with “Coming soon!” notices for years. It’s embarrassing and frustrating if a page never gets uploaded with content or your city council never gets pictures next to their names. Either upload content within a reasonable period of time or just take a page down if you’re not going to show any content on it.
  5. Calendars with nothing on them. A citizen gets excited to see that you have a calendar. They’re ready to jot down the dates and times of meetings they are interested in, and…nothing. A blank calendar. If your website displays a calendar, use it. Populate it with city council meetings, public events, and other items of interest. A calendar is probably one of the most useful tools that your website provides but you need to maintain it.
  6. Too many items to choose from. A website may give you control over what links you want to provide, but be careful. Many websites offer too many link choices on the top or side of the page. Would you want to sift through a list of 52 random links to find what you want? Or would you rather quickly look through a list of 10 links that clearly organize information into understandable buckets? Think about how information is organized on your website in order to help people find what they want.

So, if you’re worried about budget for a new website, first take a look at your current website. Do you have any of the glaring issues listed above? These are extremely low-budget items to fix that have an immediate, big payoff. Remember, you’re always on audition. People are researching your website for a variety of reasons. The difference between getting more tourism dollars, an additional business relocating to your city, and more residents moving to your city versus losing them may be that first impression.

Once you fix the problems listed above, it’s just the beginning of really harnessing the power of your website. Read our New Year’s post for more tips and advice about how to make a city website work for you.

Thursday, April 7, 2016
John Miller, Senior Consultant

John MillerLike most things in life, documents have a lifecycle. They are born, they live, and they sometimes pass on to document heaven. If you have a document management system, you probably understand the document lifecycle more than most. And if you don’t have a document management system, your documents still go through this lifecycle—even if it’s chaotic and hard to track.

Why is the document lifecycle so important that we should analyze it? Why not just create the documents you need to create and get on with it? The short answer is that the more you understand your document lifecycle, the better you can manage the process in terms of document quality, consistency, and ease of use.

Let’s take a closer look at the steps and see why each step is important to examine.

1. Creation

Obviously, all documents need to be created. But have you ever thought about the complexity behind document creation? For example:

  • Do I create a document from scratch? If so, what software program do I use?
  • Do I use a template? Do I need to create template documents for others to use?
  • Are there specific requirements for a document such as a legal disclaimer or a specific structure?

Even more complex, you might need to title documents in a certain way, tag them with “metadata” (such as identifying the author, date created, city department, etc.) to make them easier to find, and make sure the document is accessible for people with disabilities. In other words, there can be a lot more to document creation than first meets the eye.

2. Storage

After you create the document, where does it go? Usually, this point of a document lifecycle is a mess at many cities. Documents may get stored on individual computers, flash drives, or unorganized shared folders on a server. Some questions to think through include:

  • How are the documents organized? Are they organized in a way that’s easy for all authorized people to find them?
  • Where are they stored? On a server? The cloud?
  • How much storage space do you have? Is it enough?
  • Who manages the documents? Who has administrative access and authority to make changes to the organizational structure?

3. Access

Accessing a document involves both ease of retrieval and authorization. In some cases, it may also mean how to access the files in order to transfer or share them somewhere else. This part of the document lifecycle is extremely important. Ask yourself:

  • Who is authorized to access specific documents?
  • How easy is it to find and retrieve documents?
  • Do people have the right software in order to view documents?
  • Are there appropriate restrictions on downloading, transferring, and/or sharing documents from the document management system to another location (like to another server, a flash drive, or someone’s individual computer)?

4. Editing, Review, and Approval

Before becoming finalized, documents need to be edited, reviewed, and approved by people who are often not the author. Instead of chaotically sending documents back and forth through email, many document management systems offer some ways to improve the quality of this step in the process.

  • When someone is editing, it may lock out the document so that no one else can edit it.
  • When people collaborate to edit, you might be able to see everyone’s individual edits taking place in real time.
  • When a document gets to the next step in a predefined process, it notifies the editor, reviewer, or approver and gets handed off automatically to that person (or persons).

These are steps you will need to set up in your document management system that align with your policies and procedures, and you can work with your IT staff or vendor to activate these kinds of features.

5. Retention and Disposal

This step of the process is an important legal step for cities. Depending on your city’s records retention policies that follow state law and local ordinances, you may have different policies for different documents. These can be set up by municipal-experienced IT professionals who are trained in following records retention law.

Basically, you’ll apply many of the same tips above to an archiving strategy that makes sure that:

  • Documents are archived in a place where they are easy to find, search, and retrieve.
  • Documents are automatically set up to be staged, reviewed, and purged at specific times.
  • Documents will be backed up onsite and offsite to ensure recovery in case of a disaster.

As you can see, the steps above are obvious but the thought behind each step isn’t. We accounted for a lot of complexity in certain steps that may not apply to your city. That’s okay. You may not require meticulous “metadata” or need multiple people collaborating on documents. However, you should give each step some serious thought depending on your particular needs. This will make sure you both comply with the law and also just make your overall document lifecycle process easier for everyone involved.

Questions about your document lifecycle? Reach out to us today.

Thursday, March 31, 2016
Anthony Fantino, Network Infrastructure Consultant

Anthony FantinoDo you think about hackers in an outdated way? For example, you might imagine lesser hackers as extremely intelligent yet rebellious teenagers in their basement trying to hack into someone’s servers or computers. And you might imagine more experienced hackers as part of international organizations that make concerted attacks on high-profile targets such as the United States government.

In reality, hacking has evolved like most information technology. It might surprise you to know that modern hacking is largely automated. That means hackers are using software to probe thousands and thousands of computers in order to look for weak spots. And once they find a weak spot, they attempt to break in.

That’s why your city is a target. You might think, “Why would some hacker target my small city?” They’re not. They’re scanning thousands of targets. Eventually, that scanning will find you—detecting your weak spot and exploiting it. Many incidents on the news discussing the aftermath of hackers attacking smaller, lesser known cities show that’s the case.

So, how do you avoid becoming a target? Here are five key areas where you may be leaving yourself open to hackers.

1. Human Error

We have to begin here because even the best security can’t prevent a human being accidentally giving a hacker access to a city’s information. How does that happen? Many people still get fooled by malicious email attachments, websites, and online software. Even “fun” things like online games and social media quizzes can contain viruses, malware, and spyware. You need to train employees about malicious online content and regularly review tips and advice with them. The easiest way for a hacker to get in is when someone lets them in the door.

2. Weak Passwords

SplashData got a lot of press recently when they published the most common weak passwords in 2015. Many, many people still use horrible passwords such as “123456” and “password,” and then wonder why they got hacked. Remember, hackers are using automated software to look for holes. That automated software includes easy tools to guess common and weak passwords that are easy to crack. You need long, strong passwords with a mix of letters, numbers, and special characters to help secure yourself.

3. Unsecured Wireless Access Points

You ever go to a coffee shop or public place and look for wireless access on your laptop? You probably notice some of the connections are secured and you need a password to access them. But some are “open” and you can hop on without a password. While open access points make it easy to get Internet access, they are incredibly dangerous if they’re set up that way at your city. Make sure every one of your wireless access points is secured—meaning the data is encrypted and access requires a password. Otherwise, you’ve left open another door for hackers.

4. A Firewall with Holes

Think of a firewall like you’re going into a secure government building like the White House. Guards at the gates will rigorously check each and every person who enters and who leaves to make sure that no threatening or suspicious people cause any harm to the President and his staff. We shudder to think what would happen if the White House lacked that security. Now, think of your firewall like White House security. If your firewall is improperly configured (or even non-existent), that means any hacker can enter in through a “gate.” Your IT staff or vendor can make sure your firewall is set up so that it’s inspecting all suspicious cyber-intruders and preventing them from entering.

5. Gaps in Your Operating System and Internet Browsers

An operating system such as Windows often delivers up a series of updates and patches every week or two. Similarly, Internet browsers such as Internet Explorer regularly update the software that allows you to access the Internet. If these updates and patches are not installed, you increase the risk of hackers exploiting known security gaps that companies work so hard to find and protect you from. Make sure your IT staff or vendor regularly applies updates and patches to your operating systems, Internet browsers, and any other software.

Your goal? Preventing hackers from attacking your city is similar to physical security. Make sure you don’t let suspicious users inside, and make sure you monitor and inspect the information going in and out. While there is always a chance of a hacker finding a way in, shoring up the security behind these five items will go a long way toward helping you fend off hackers.

Need to discuss cybersecurity in more detail? Reach out to us with any questions.

Thursday, March 24, 2016
Dave Mims, CEO

Dave MimsOver the past few years as cities have adopted IT in a Box, we’ve learned more about common questions that people have about it. Recently, we produced a brochure that encapsulates exactly what makes our services unique, relevant, and impactful for your city.

Typically, we write blog posts about common city-related IT issues or opportunities for technology to help you excel at citizen service. Here, we’re taking a rare blog post to talk a little about us. But it’s really about you. By expanding upon our brochure, we’ll help explain some of the answers to the common questions we get that center around the question, “What can I expect with IT in a Box?”


Municipal leagues often vet vendors that provide important services and products for cities. Once a product or service is approved by a municipal league, a city can rest assured that the product or service has had a positive impact on cities. IT in a Box is the preferred technology solution for the Georgia Municipal Association, Kentucky League of Cities, and Arkansas Municipal League. That’s a loud statement of trust in Georgia, Kentucky, and Arkansas.


Many technology vendors provide generic solutions applied to a wide variety of industries. Even if IT vendors do specialize, it’s rare to find a city-tailored technology solution. Sophicity is a rare IT vendor that has customized the entirety of its services—from websites to data backup—for cities.


Cost is usually a major issue for cities when considering technology solutions. As a result, we’ve worked extremely hard over the past few years to include a comprehensive set of technology services for municipalities at the lowest overall price point to give cities the biggest bang for their buck. We make sure that cities from smallest to largest receive the same services at the right scale for them. Plus, the price is flat and predictable each month, making budgeting simple.

Onboarding: How We Get You Started

Many cities ask us how we get IT in a Box rolled out at their city. We’ve got this onboarding process down to a science.

  • It starts with a plan and a roadmap. There are a lot of components to IT in a Box that include hardware, software, licenses, and services. Our step-by-step plan takes a city from their current situation to modernization with IT in a Box. We discuss, adjust, and schedule this plan with you in a kickoff meeting.
  • We will ask you about your priorities and adjust our plan around them. We will conveniently resolve any technology issues and address as many needs as quickly as possible. Maybe your printers are a major problem. Or your website keeps crashing. We build our plan around your most pressing issues and address those immediately rather than guide you through a cookie-cutter process.
  • We will clearly communicate with you upon arriving and upon leaving each day. We will not rush but instead take our time to answer your questions and address your needs. Communication is essential for onboarding a new technology service, and so we will tell you what to expect each day and what we accomplished each day. And during the day, we will answer any of your questions as we work to address your needs.

Day-to-Day Service: How We Take Care of You

Our day-to-day service receives a lot of praise from cities for its unique level of care that’s tailored to cities. Our secret? Just doing the basics well.

  • We will respond promptly to you. When you call, you will get an answer and talk to a human being.
  • We will ask for your priorities and set clear expectations with you. Just like with onboarding, we build our work around your priorities. You’ll know our plan, the expected end results, and when we will resolve problems.
  • We will regularly check in with you. Even if you don’t have any immediate issues, we check in and see how things are going on a regular basis. We don’t disappear.
  • We will communicate with you in non-technical language. Too many technology vendors still confuse their customers with overly technical language. We talk to you in non-technical language, one human being to another.
  • We will resolve your issues—and that means no ongoing or recurring issues. In other words, we don’t briefly put out fires just for them to rise up again. We look at the root cause of a problem and fix the root cause.

If you’d like to talk to us in more detail about our trusted, tailored, and affordable IT in a Box solution, reach out to us.

Thursday, March 17, 2016
Brian Ocfemia, Technical Account Manager

Brian OcfemiaYou might think that hiring IT support only when you absolutely need it might save you a lot of money. Especially if you’re a smaller city with only a few servers, computers, and users, it may seem easier to handle most of your technology issues yourself and only call an expert if something goes really wrong or becomes too technical for you to fix.

Unfortunately, a reactive IT approach hurts your bottom line indirectly and impacts you on many other dangerous levels despite the short-term immediate savings you glean. Even small businesses of one or two people are finding it more and more essential to use some form of proactive technology services and support for their business. With money and their business’s credibility on the line, they can’t afford to mess around.

Neither can you. As a city, you handle incredibly important information, serve citizens every day, and rely on technology to both stabilize operations and complete important projects. Here are five ways that a reactive technology approach hurts your city.

1. You never know your monthly IT costs, leading to an unpredictable budget.

You never know when your next crisis, fire, or repair will happen, and so you won’t know how much your technology services will cost each month or year. And when you deal with a crisis, you have little choice about spending that money. Unpredictable budget line items are bad for cities, and having a reactive IT strategy gives you a consistently unpredictable monthly technology cost.

2. Constant IT crises, fires, and repairs are signs of neglect.

It’s difficult to sound nice here, but we must be blunt. Just imagine a house or an office which often catches on fire, loses electricity, or gets flooded. Would you just fix the immediate problem and not look at the root cause? Many cities put up with technology environments that are the equivalent of these disastrous homes or offices by only dealing with immediate crises, putting Band-Aids on them, and not addressing their root causes. In the long-term, that kind of approach is not only negligent but also expensive because you never really solve the problem.

3. You may have a great deal of uncertainty related to data backup and disaster recovery.

If you’re only reacting to technology fires, then what happens in case of a server failure, a failed backup, or a virus that ravages a computer (or computers) holding sensitive information? Do you know for certain that your data can be recovered? Cities that rely on manual data backups performed by non-technical staff introduce a lot of risk into the process. We find that manual data backups are often not regularly tested—and they fail when most needed. Uncertainty grows even worse in case of a major disaster like a tornado, fire, or flooding.

4. You may leave yourself open to cyberattack from gaping security holes.

Only a proactive IT strategy with continual monitoring, management, and maintenance (by both human beings and automated software) ensures that you are not leaving yourself wide open for cybersecurity liability. As time goes on, more and more laws are passed that hold government agencies (including cities) more accountable for cybersecurity. That includes having adequate protection from hackers, viruses, and spyware along with training employees about not clicking on malicious websites and email attachments.

5. Employee morale and citizen service suffers.

So let’s say you limp along during those times when you’re in between crises and fires, with the hope of saving money. We will bet that several things tend to constantly happen that affect both employees and citizens such as:

  • Incredibly slow servers and computers that slow work down to a crawl.
  • An incredibly slow website that might often crash, preventing citizens from finding information and paying online.
  • Slow or limited Internet access that prevents work and efficient information gathering.
  • Long wait times until technical issues get resolved.

When you let these problems linger, employees grow frustrated, citizens get angry, and productivity gets stuck in the mud. And that leads to further problems like employee turnover, angry citizens at city council meetings, and stalled projects if they are never addressed.

These major problems grow unsustainable over time and may only remain acceptable if it’s your status quo. Sure, it looks like you’re saving money on the surface but the unpredictable costs, fires, uncertainty, and poor operational delivery all lead to lost money and productivity—not to mention a series of embarrassing situations that you have to constantly explain to employees and citizens.

A proactive approach will take care of these issues and save you money over the long run. If you find yourself in a reactive technology situation, reach out to us to hear more about the benefits of proactive IT services.

Thursday, March 10, 2016
Nathan Eisner, COO

Nathan EisnerWant to ruin a city clerk’s day? Say the words, “Open records request for an email.” These kinds of information requests are a giant hassle and we’ve written about their excessive cost. In many cases, cities are at an extreme disadvantage because they use obsolete, outdated email systems or consumer grade email systems that not only make email records hard to find but also may place the city at legal risk.

A modern email system with enterprise-class features will eliminate many of the worries that cities go through when fearing an email open records request. While we’ve talked more about the cost reductions of a modern email system in the past, here we discuss four specific ways that a modern email system will help with open records requests.

  1. Centralized and managed emails. If you have an older email system, you might have limited storage on your email server. That means employees will often store emails on their own computers in local archives. When that happens, it’s difficult to retrieve emails and keep them secure. You also risk losing emails because you’re relying on non-technical employees to archive this information as well as hoping their workstation doesn’t experience a failure. And if you happen to use a consumer-grade, cheap email solution, then you risk issues not only with reliability but also compliance. A modern email system will allow your IT staff or vendor to host the system in a secure compliant location, centralize emails, and manage security, permissions, and archiving.
  2. Ability to retain emails. Modern email systems can be configured to store emails for however long your city deems appropriate—and even retain them indefinitely if you’d like. For example, you can set up your email system to automatically retain emails for a specific length of time, notify you when that period expires, and purge the emails for you.
  3. Advanced email search ability. One problem with many inferior email systems is search and retrieval. When you search emails, you often need to find specific words, phrases, conversations, attachments, and other granular information. For example, modern email software would help you with queries like finding all emails that mention “123 Main Street,” all emails sent between John Doe and Jane Doe, or all emails with Form X attached.
  4. Ability to prevent email deletion. Without a properly managed email system, it’s easier for employees to delete emails accidentally or maliciously. That makes the city liable if someone requests to see those emails as open records. A modern email system offers ways for emails to be retained and searchable even if an individual employee decides to delete them on his or her computer. For example, you might consider putting a “legal hold” on emails so that they cannot be purged or altered accidentally.

Ideally, you should not only modernize your email system to make open records management easier but also rely on IT staff or a vendor with extensive experience in retrieving those kinds of emails. With a modern email system and the right expertise supporting your city, you will be able to significantly cut down on the time and cost in processing an open records request.

Reach out to us if you have additional questions about emails and open records requests.

Thursday, March 3, 2016
Dave Mims, CEO

Dave MimsOne of the biggest technology service demands we see at cities is a need for ongoing vendor management. What does that mean? In many cases, it includes things like getting on the phone with a software vendor to resolve technical issues or helping cities purchase computers that specifically meet their needs and budget. But other than immediate issues that need instant resolution, there are quite a few other long-term reasons why ongoing vendor management helps a city’s operations and positively affects its bottom line.

1. Making sure vendors focus on a city’s specific issues and priorities.

Without IT vendor management, it’s easy to get distracted by a vendor’s upselling and irrelevant product features that sidestep your issues and priorities. Vendors need to understand your city’s business priorities and ongoing operational needs in order to focus on your problems. To keep vendors focused, we often work to include them in your city’s planning and seek to understand how they can best help you.

2. Understanding that cheapest is not the best.

It’s understandable to save as much money as possible. But IT vendors usually don’t sell easy-to-evaluate commodities. The cheapest solution may not meet your business needs and the lower quality result may hurt you financially more than the savings you gained. An IT vendor manager can help you evaluate solutions in terms of value rather than strictly on price. Plus, if you know you’re getting the right value for the cost, then you’re also less likely to regularly switch vendors because you’re always looking for the lowest price.

3. Reevaluating contracts and browsing for vendor alternatives.

At the same time, you also don’t want to stay with IT vendors that aren’t meeting your needs or overcharging you. When we first start working with a city, we often take a look at existing contracts to ask:

  • What services is the vendor supposed to provide—and are they providing those services?
  • How do those services compare in breadth and cost to other similar services on the market?
  • Is the service modern compared with current services on the market? Or is it lagging behind the times?
  • Is the city receiving the full support that’s included in the contract?

Once those questions are answered, an IT vendor manager can then formulate a plan that better maximizes what a city gets out of existing vendors or prompts the city to shop for new vendors that better meet business needs.

4. Relying on experienced IT professionals to communicate with vendors.

We mentioned in the introduction that the most common vendor communications tend to be important but reactive—such as a software issue or need to purchase a computer. Beyond these communications, it helps for experienced IT professionals to set the tone of a vendor relationship and build it up positively. If vendors know that an experienced IT professional is overseeing their work, it will be easier for them to engage with your city and do exactly what they promise. With a good relationship established, you’ll also find that vendors respond more quickly and efficiently to both short- and long-term issues.

5. Holding your vendors accountable.

Ultimately, IT vendors need to deliver what they promised. We find a lot of cases when it’s unclear what a vendor is doing and what results they are producing. When selecting a vendor, requirements documents help define exactly what the vendor provides. After selecting the vendor, it helps to get reports that show relevant metrics or results (depending on the service provided). This reporting doesn’t have to be that fancy—but it should basically show that your city receives the results they expect.

Typically, building vendor relationships can be difficult for non-technical city staff (and even the limited number of IT staff onsite) because of the time and technical expertise it takes. Having municipal-experienced IT professionals manage these important vendor relationships ensures that you extract the most value for your investment. And because technology investments are often quite expensive, this kind of professional oversight is more essential than ever.

Have questions about your vendor management process? Reach out to us today.

Thursday, February 25, 2016
John Miller, Senior Consultant

John MillerAs investigators combed for information about the San Bernardino shootings, they relied on electronic information that the killers thought was destroyed. The killers assumed that by damaging their electronic devices (including throwing some of them in water) that all of their information would be destroyed.

However, it takes a lot more than smashing an electronic device to confirm that all data is successfully destroyed. That’s why the FBI could possibly still find information on the killers’ damaged electronic equipment.

From an IT point of view, we can learn from this incident and show why professionals need to decommission your hardware when you no longer need it. You might think you can do it yourself, but here are some issues you will encounter and mistakes you may likely make.

  1. Thinking that deleting or erasing data counts as decommissioning. Even if your computer offers you the option of “permanently” deleting files, it’s still not a sure bet that the data is fully gone. That’s because computers often don’t actually delete the data. Instead, a computer simply understands that new data can overwrite the old data if needed—and until it’s overwritten, it’s still there. Imagine having a bookshelf full of books that you want to throw out, but instead you only throw out a few old books at a time to create space for new books. If someone gets a hold of an unencrypted computer that you’ve tossed out or resold, then sensitive data may still be accessible because it’s actually still there.
  2. Failing to destroy the correct parts of a computer. An amateur might smash up their computer and toss it out, thinking they’ve destroyed the data. But there is usually a specific part that needs to be destroyed. For example, most of the information on a hard drive is often stored in a metal platter hidden behind layers of plastic, metal, and screws. You may smash your hard drive but fail to destroy or damage the metal platter. If someone gets a hold of that metal platter, they still may be able to retrieve information from it.
  3. Introducing the risk of safety issues. Many online tutorials talk about “surefire” ways to destroy a hard drive. But they often create serious safety hazards with flying parts, glass bits, and incredibly strong magnets. Smashing the hard drive with a hammer, burning it in a fire, or baking it in a microwave may sound fun and adventurous—but it’s also dangerous. Especially if you do it wrong.
  4. Negatively affecting the environment. Even if you do manage to crush and destroy a hard drive, it’s not good for the environment to throw electronic equipment into a normal garbage dumpster. There’s a reason that electronics recycling has become such a big industry. Electronics equipment is generally not good for landfills and there can be hazardous materials that expose city staff to health and safety issues. An IT professional will properly decommission your hardware and also recycle it in a way that benefits the environment.
  5. Failing to encrypt the information. You should always plan for a worst case scenario despite taking proper precautions. Even if an IT professional decommissions your computers, it’s still a great best practice to encrypt the information. That way, even if the slight chance exists that someone gets access to a piece of damaged yet still readable data, it becomes close to impossible that someone could even read the information.

Depending on how you want to decommission your hardware, IT professionals will safely and securely make sure that no information can be retrieved by a third party. Wiping a computer so that it can be reused means professionals using complicated software and a complex set of technical steps to ensure that the hard drive is completely erased. And hardware decommissioning and disposal is similarly left in the hands of trained IT professionals.

Need help decommissioning hardware? Reach out to us with any questions.

Thursday, February 18, 2016
Alicia Klemola, Account Manager

Alicia KlemolaIn the old days (and yes, in IT that does not necessarily mean that many years ago), it was common for a single IT person or even a non-IT person to handle many of the ongoing technology-related issues at cities. For cities that could afford it, some hired an IT person who served more like a repairperson. When problems arose, the “repairperson” would arrive onsite, put out the fire, and leave.

As technology evolves and becomes not only more complicated but also more critical to the functioning of cities, the IT staff or repairperson model reveals significant limitations. But many cities often think of a 24/7 helpdesk as too expensive or a “nice to have” that may be overkill.

Here are five important ways your city can benefit from a 24/7 helpdesk—and why they are not just “nice to have” anymore.

  1. Always available. We don’t live in a 9 to 5 world anymore. People check email before and after work—and on weekends. Your community expects to engage with your city services 24x7 such as paying a bill online, visiting your city website, learning about what happened at council meetings, contacting your police department, and more. Each of those operations and services rely upon technology that must be up and available 24/7. For technology issues and disruptions that can happen at all hours of the day, you need a helpdesk that is always available.
  2. “We’re on it.” That’s what any city employee wants to hear when they encounter a technology issue. Today, you may be in a situation where you may not even get an issue addressed for days. In the meantime, the issue halts your work or lessens your productivity. A 24/7 helpdesk responds to your problem and puts someone “on it” quickly.
  3. Accountability for all reported issues. Each reported issue gets assigned a ticket number and someone is held accountable for that issue until it’s resolved. Plus, you can always check the status and current estimated resolution time to see the progress that’s been made. It’s often frustrating when you report a problem and you don’t know if it’s even close to completion. A 24/7 helpdesk builds in accountability from the ground up.
  4. Proper problem escalation and troubleshooting. As you might know from projects around your house, every problem doesn’t require a hammer. Different problems require different resources and solutions. A 24/7 helpdesk can quickly figure out if you’re having a basic, common issue that can be resolved in minutes remotely or if it’s a severe enough issue for someone to address onsite. Historically, reactive IT services often use any small issue as an excuse for an onsite visit. A 24/7 helpdesk works as efficiently as possible and will often remotely resolve many issues quickly—negating the need for an onsite visit.
  5. A deeper well of diversified knowledge. A good 24/7 helpdesk will be staffed with a variety of skilled engineers. Depending on your problem, any person answering the helpdesk will have a wealth of knowledge and specialized engineers at their fingertips. While a single IT staff person or point of contact at a small IT vendor may know a lot, he or she can’t know everything. A 24/7 helpdesk distributes a lot of knowledge and specialization in an efficient way so that your problems are more correctly diagnosed, escalated to the appropriate potentially specialized resources, and resolved more quickly.

If there’s a theme with these benefits, it’s that you get a lot of bang for a very small buck. 24/7 helpdesks evolved out of a need for efficiency and responsiveness—requiring quick problem resolution with the most knowledge on hand. As time has gone on, 24/7 helpdesks have become more cost-effective and affordable for smaller cities.

Exploring a modernized IT services solution in which your IT needs are taken care of 24/7? Contact us to chat further.

| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 |