We put the IT in city®

CitySmart Blog

Thursday, August 20, 2015
Nathan Eisner, COO

Nathan EisnerAfter many cities modernize their technology, they end up asking, “Why did we wait so long?” The financial and productivity ripple effects are often so immediate and startling that it's like getting a positive boost of energy and morale. In addition, real financial impact results from both a reduction in capital expenses and operational expenses.

This post focuses on the cost savings that accompany a reduction in capital expenses for hardware and software. As you will see, there are many parts and pieces that affect your budget simply by focusing on the hardware and software you own or lease.

  1. Hardware. Your servers. Your workstations. Even your networking hardware like routers, switches, and firewalls. The more hardware you own and maintain onsite, the more costs you accrue. Not only do you need to purchase hardware but you also pay for installation, warranties, and licenses. Cloud services often reduce the amount of servers that cities own (and, as a result, the amount of networking hardware you own). If your workstations are more than five years old, you may also suffer from productivity issues that can be solved more cheaply by upgrading to brand new workstations. Computer hardware continues to get better and, at the same time, lower in cost.
  2. Software. Software often creates large expenses in a city budget. Purchasing software and user licenses, installation, data migration or integration with other software, and ongoing upgrades add up to a lot of money. Many advancements in software delivery, especially through the cloud, have lowered software’s overall costs—including lessening the hands on expenses of onsite maintenance. Assess if your aging software might be better served by a cloud solution to potentially decrease your overall costs by a significant margin.
  3. Procurement. With less hardware and software to manage, you will find yourself purchasing less hardware and software. Whether it’s your procurement office, your city manager, your city clerk, another member of your city staff, or your IT vendor helping you buy hardware and software, purchasing takes a long time. You write up requirements, post an RFP or RFQ, receive responses, assess them, interview vendors, and make a final selection. Even if you’ve streamlined parts of the purchasing process, it still takes up a lot of time.
  4. Asset management. The more you have, the more you need to track. As part of your asset management, you need to keep tabs on all hardware, software, networking equipment, warranties, and licenses. This activity requires dedicated attention to make sure all inventory is accounted for, all licenses are up to date, and that assets are replaced or upgraded in an appropriate timeframe.
  5. Managing the hardware and software lifecycle. Obviously, the upfront costs of hardware and software are significant, but there is also occasional maintenance, upgrades, repairs, and (eventually) decommission. The more hardware and software you manage onsite, the more of these costs pop up along the way. Especially for older machines, repairs and maintenance become more frequent, essential, and costly. That’s why the more hardware and software you can move into the cloud, the less costly your onsite maintenance.

Aging hardware and software suffers from two major disadvantages. First, it’s simply old, expensive to maintain, and unable to perform at a sufficient capacity. Second, it doesn’t make financial sense compared to modern and emerging technologies that save organizations money by simply eliminating the need to manage hardware and software onsite. Examine the costs of the areas above with your IT staff or vendor and explore if there are ways that you can save money.

Part 2 of this post will address operational expenses related to IT. If you have questions about your IT capital expenses, give us a holler.

Thursday, August 13, 2015
John Miller, Senior Consultant

As cybersecurity concerns continue to grow and grow, you will often hear that many data breaches occur because of employees clicking on suspicious emails. It’s obviously frustrating that an organization can implement the strongest firewalls, antivirus software, and antispam software and yet still get a crippling virus from a simple email.

While it’s smart to make sure you have as many preventative methods in place that block or warn people about suspicious threats before they even happen, even the best of us can still click on suspicious emails. Here are a few tips that will help employees keep from clicking.

1. Look at the email address of the sender.

Hackers have become good at creating sender names that at first glance seem legitimate, such as “GoogleNotify” in the example below. But take a look at the sender’s email address. It’s clearly not from a Google email account. Sophisticated hackers may use a name that looks more legitimate, but email addresses are often an area where most hackers fall short—making it easier to know it’s a fraud.


2. Ask yourself if the email is normal or typical?

Suspicious email attachments usually ask you to do something that you’ve never done before. If you feel immediate suspicion or you immediately wonder why an organization would send you this email, then that feeling is a red flag. For example, if the email says your bank suspended your account and you need to download a zip file attachment to restore it, ask yourself if that sounds right. If you’re in doubt, go to the organization’s website or call the organization to ask if the email is legitimate.

3. Is the email asking you to click a strange link or an attachment?

If the email seems unusually desperate to get you to click on a link or an attachment, that’s a red flag. Especially be careful about attachments. Any legitimate organization does not typically conduct business through having customers download zip files as a part of a transaction. And while many legitimate emails provide links, you need to assess your trust and past interactions with the organization sending the email. If it’s an email newsletter from a trusted organization with clear identifying information, you’re probably fine. But if the sender is asking you to do something odd such as accessing your email messages through a link (when you normally just go to your email account), then be extremely wary.

4. Is the email crystal clear?

If it is a vague communication, such as “Undeliverable messages. Get more information” be wary. Any professional organization would provide more information and context about a particular issue. A professional email provides a full description of what the organization asks of you and will provide contact information to not only handle any of your questions but also in case you want to verify that the email is not a scam if you have doubts.

5. Are you asked for sensitive information?

This is where the rubber meets the road for data breaches. Once you give out sensitive information like a password or social security number, your organization may be exploited. This is an area where your employees absolutely must err on the side of caution. No matter who asks for sensitive information, always confirm that request with someone in authority. When in doubt, confirm.

If a theme emerges with these questions, it’s that employees need a certain “street smart” mentality applied to email. And sometimes emails skirt the line. Recently, Facebook sent one of our employees a legitimate message that looked like a phishing attempt. That employee instead went to Facebook directly to handle the problem instead of clicking through any link in the email—just to be sure. In another instance, a similar looking email supposedly from Apple turned out to be a phishing attempt. Erring on the side of caution should be your employees’ rule of thumb, and it’s something to constantly communicate to them to help avoid viruses and data breaches.

Concerned about data breaches through email? Contact us to talk in more detail about this problem.

Thursday, August 6, 2015
Alicia Klemola, Account Manager

Alicia KlemolaWhile document management systems seem logical for much larger cities, they often at first seem like overkill for smaller cities. We even admit there is a tangibility and reassurance about paper that electronic files still don’t give us. You can touch them, hold them, and know those paper documents are there.

However, paper documents involve many risks that are dangerous if you rely on them. That’s true even if you make copies of those paper documents. While you may always need some paper documents in certain cases, here are five reasons why you need to switch over to a document management system that digitizes as many of your files as possible.

  1. Paper files are more difficult to access. What would you rather do? Spend time (minutes, hours, or even days) down the hall going thru file cabinets looking for a specific set of documents? Or at your computer pulling up those same documents in seconds from a document management system? Accessing a lot of specific information contained in paper documents can take a long, long time. That’s staff time wasted doing something tedious and inefficient. With a document management system, you search and find information just like you would search on Google.
  2. Paper is too easily damaged or misplaced. Whether it’s wear and tear from handling documents over a long period of time or immediate damage from flooding or fire, paper documents are too easily ruined. Also, they can be misplaced—accidentally thrown away, misfiled, or lost. Electronic files that are backed up live on without damage. If someone deletes or corrupts a file, you can usually restore it through a backup copy.
  3. Paper is it. There is no backup. Sure, you can make additional paper copies of a document and even store them in a different place. But that really makes the problem worse. With electronic documents, you can back them up in a variety of ways—onsite and offsite. That way, even a disaster like a tornado or fire will not destroy your files.
  4. Paper takes up too much space. Your city buildings offer you limited space, and that space is expensive. If you can get rid of most of your paper, you can free up entire rooms instead of having to acquire more space or cram too many people into limited offices. You can also get rid of clunky, large file cabinets.
  5. Eliminating paper reduces your costs. Think of how much paper and toner you use each year. That’s a lot of money, especially to smaller cities. By getting rid of that cost, you can have a positive impact on your city budget. That also means you use printers less, giving them a longer shelf life.

Despite paper’s reassuring qualities, you can see that paper makes less and less sense from a business perspective each year. Time saved, freed up space, and the reduced costs of paper and ink save you money. Furthermore, your liability goes down. If your paper documents are destroyed, the financial repercussions are much higher than if you use a backed up electronic document management system.

Interested in discussing the benefits of document management versus paper in more detail? Reach out to us with your questions.

Friday, July 31, 2015
Victoria Boyko, Software Development Consultant

Victoria BoykoFor many cities, it’s challenging enough to modernize their websites. It creates a big visual shift for your city, it takes an investment of time and money, and it opens you up to new website features that you need to learn. But we see many great new city websites suddenly go dead due to one culprit: content.

Content is information. Text, images, audio, video. It’s what you create to communicate important information to citizens. But content creation is hard, time-consuming, and sometimes expensive. It’s easier to write up some copy and leave it on your website for as long as possible.

However, today’s Internet-savvy citizens expect more from city websites than ever before. Much more. Websites are no longer a novelty or secondary source of information. Today, your website is often the first source of information about your city that people discover and research.

Here are seven reasons why you need to invest the time, either with someone on your city staff or a freelance writer, to keep supplying your city with fresh information.

  1. Report news, events, and public meetings. Some of the freshest, most regularly updated information on your website should be your city news, events, and public meetings. This kind of information is incredibly useful and convenient for citizens, and it also helps with government transparency. It’s a pain for citizens to travel to the city council meeting location to get information, so reporting all news and information about city business helps them stay informed.
  2. Supply content for social media. You do communicate to your citizens on social media, right? If so, what do you share? You don’t have to worry if you’re regularly creating new information every day and week. Share information about city news, events, public meetings, school closings, road closures, emergency notices, and other items of interest on social media. Create the information first on your website, and then share it on social media.
  3. Provide high-quality citizen services. When citizens need deeper information about city departments, laws, fines, taxes, utilities, and other services, they need to easily find useful information on your website. Too many cities still have poorly written, incomplete information that only helps to increase call volume at city hall with people asking obvious questions. Those questions can be handled on your website. Think of what people need to know about your services, and then supply that information on your website.
  4. Look good to businesses to help with economic development. When businesses and economic developers consider growing business in new cities, they research online. If they see that most of your city website was last updated three years ago, and the last news item is from 2013, they will look elsewhere. Fresh content is like a fresh coat of paint. It keeps your city looking vital.
  5. Avoid confusion and liability issues because of inaccurate content. When you don’t update your website content and just leave it up there for a long time, you risk presenting inaccurate content to the world. Even just reviewing and updating your website content every year can help avoid serious issues. In some cases, your city may even be liable for posting inaccurate information.
  6. Fresh information helps people find your city on search engines. Google and other search engines now “reward” websites that keep their content fresh and up-to-date. If you’re not regularly updating your website, other less valuable and inaccurate websites have more of a chance of popping up for your citizens if they’re using Google to get information about your city.
  7. Foster a feeling of civic pride. Last but not least, do you really want your website to look and feel like an abandoned house? Especially when so many people are going to get their first impression of your city through your website? If anything, keep your website information fresh and timely to simply reflect the pride you have in your city.

Because content takes such constant, ongoing hard work, you may want to designate someone who primarily takes on the role (or roles) of creating, uploading, and maintaining your online presence. They don’t need to originate all of the information, but they can help collect it from busy members of your city staff, help write it up, and post it.

Needing to freshen up your city website content? Reach out to us for more tips and advice.

Thursday, July 23, 2015
Brian Ocfemia, Technical Account Manager

Brian OcfemiaIf you still use Windows 2003 servers, you’re not alone. Millions of servers around the world in many organizations still operate using this popular server platform to run software, databases, and other tools.

However, Microsoft ended its extended support for Windows 2003 servers on July 14, 2015. What does that mean for you?

Well, you might think things are fine. After all, you’ve run your software on these servers for many years. Your IT staff or vendor may even know these servers like the back of their hand. Even if Microsoft ended support, you’ll be fine, right?

Wrong. Here are several important, critical reasons why you need to move off of your Windows 2003 servers as soon as possible.

  1. Significantly increased security risks. Microsoft is no longer providing security patches for Windows 2003 servers. That means your servers are at a higher risk of experiencing viruses, hacking attempts, and data breaches. Because access to your servers means access to your most important software, databases, and applications, you cannot risk keeping your Windows 2003 servers without opening up your most sensitive information to the outside world.
  2. No more support from Microsoft. Microsoft will not provide any more patches or updates to fix bugs, security holes, and other issues for Windows 2003 servers. Even if your IT staff or a vendor helps you, they will struggle to fix any server problems because they will not have access to Microsoft for support or a patch to resolve the issue.
  3. Increased risk of liability. Does your city handle online payments, financial data, or sensitive citizen information to provide services? Using unsupported Windows 2003 servers may expose you to legal situations because of negligence around how you handle sensitive data.
  4. Increased costs. Old servers already show their age, and you may already struggle with server failures and downtime. Repairing and maintaining these servers costs money, and the downtime also costs money. That problem will now grow even worse.
  5. Greatly diminished employee productivity. If your employees rely on old, now unsupported Windows 2003 servers to do work in the world of 2015, then it’s likely their productivity is hurting. Not only will downtime and interruptions affect productivity but also the lack of modern software and databases they can use to do work.
  6. Inability to scale your technology and use modern software to meet citizen and employee needs. Your Windows 2003 servers create a ripple effect that affects software, applications, databases, and other tools throughout your city. There is simply so much you can’t do when using such out-of-date servers. And taking advantage of the amazing cost benefits of the cloud? Forget about it. Not with Windows 2003 servers.

Okay, but what do you need to do next? The important first step is to recognize that you need to transition from your Windows 2003 servers to something secure and modernized. While we recommend talking to us in more detail about your particular situation, generally you will probably consider:

  1. Setting up a meeting with your IT staff or vendor to discuss your current technology situation and where you need to be.
  2. Conducting an inventory and assessment of all your servers and software, including your Windows 2003 servers, to see what you have.
  3. Set priorities on what you need to transition from Windows 2003 servers to a modern server environment, such as the cloud.
  4. Start transitioning!

If you’ve run software, applications, and databases on Windows 2003 servers for a long time, this situation can be a lot to digest financially and operationally. To ease your concerns and get a game plan going, please reach out to us.

Tuesday, July 21, 2015
Dave Mims, CEO
Dave MimsAML helps city launch new website, stabilize network infrastructure, and establish a technology partner.

Incorporated in 1967, the city of Bethel Heights, Arkansas has recently experienced rapid population growth. Increasing from 714 people in 2000 to 2,373 people in 2010, such quick growth changed Bethel Heights’s classification in Arkansas to a second-class city. That shift in growth means more citizens needing and demanding important services. And like many cities, Bethel Heights found itself needing to modernize its technology to keep pace with this higher demand and stress upon city staff.


Unfortunately, Bethel Heights struggled to find reliable IT support to meet the service demands of a rapidly growing population. The city’s previous IT vendor did not always respond to requests for help and frequently missed project deadlines. This situation left the city with quite a few problems and challenges.

  • Outdated equipment. Despite investing in new server hardware, that new hardware sat unused for months while the city’s previous vendor missed deadline after deadline to set it up. That meant the city kept using outdated equipment and wasted its investments in new equipment.
  • Unstable, unreliable wireless network. The city became highly dependent on an unreliable wireless connection shared between city hall and the police department. Despite both buildings located across the street from each other, both facilities stopped working when one side’s wireless connection went down.
  • Outdated, unreliable website. Because of an outdated website that often failed to work, the city lost major opportunities to communicate with citizens and promote Bethel Heights.
  • Uncertainty related to onsite and offsite data backup. The city could not be sure of recovering its data in case of a server failure or larger disaster such as a tornado.
  • Reduced ability to satisfy Freedom of Information Act (FOIA) requests related to email. The city ran email software on a server that had significant storage limitations. This limited technology severely restricted the city’s ability to satisfy FOIA requests.


Bethel Heights solved these challenges and modernized its technology by using the Arkansas Municipal League’s “IT in a Box” service. Powered by Sophicity, “IT in a Box” is a complete IT solution for cities and local governments. The service includes:

  • A website
  • Data backup
  • Offsite data backup storage
  • Email
  • Document management
  • Vendor management
  • Microsoft Office for desktops
  • 24x7 helpdesk and support
  • Server, desktop, and mobile management


“IT in a Box” helped Bethel Heights:

  • Implement rock solid, reliable 24x7 IT support.
  • Maximize its investment of already purchased new equipment.
  • Stabilize its network infrastructure to reduce downtime.
  • Launch a new, modern city website.
  • Set up comprehensive onsite and offsite data backup and disaster recovery.
  • Migrate email to a reliable, searchable cloud platform to help with FOIA requests.
  • Create a predictable IT budget.
We are so amazed with the services that Sophicity has provided for Bethel Heights. We thought our systems were secure until we became infected with a virus. We then discovered we also had many more issues that needed immediate attention. Sophicity was the only IT company that could provide every service the city needed. Sophicity was excellent in guiding me through my many questions. We have new computers, offsite backup, a reliable wireless network, and 24/7 help. We receive prompt service from a friendly, professional staff. Sophicity transformed our old website from a “lump of coal” to a shiny new diamond! Since we acquired Sophicity’s services every need has been met with complete satisfaction. - Cynthia Black, Mayor
If you're interested in learning more, contact us about IT in a Box.

Print-friendly version of the Bethel Heights, Arkansas IT in a Box case study.

About Sophicity

Sophicity is an IT products and services company providing technology solutions to city governments and municipal leagues. Among the services Sophicity delivers in “IT in a Box” are a website, data backup, offsite data backup storage, email, document management, Microsoft Office for desktops, server, desktop, and mobile management, vendor management and a seven-day a week helpdesk. Read more about IT in a Box.

Thursday, July 16, 2015
Dave Mims, CEO

Dave MimsIn many organizations such as cities, technology is often separated from discussion about business needs and goals. For example, city managers will focus on important areas like the city’s budget, citizen service, and city operations and see technology as a separate line item or cost center. Talk about new hardware, software, a website, or IT support then becomes something that’s more of a “nice-to-have” that the city can either afford or not. Only when technology seems absolutely essential or needed to avert an emergency is it seriously considered.

If this is how your city thinks about technology, you’re not alone. Many businesses and organizations think similarly about investments in technology usually due to an “IT public relations problem.” Historically, IT has often seemed like it’s an arcane, isolated department that uses technology to make cool things happen on top of regular business goals, operations, and projects.

But that’s not the way to think about technology. It’s actually ingrained in the day-to-day areas that keep city managers up at night. Here are some of those areas, and why technology helps city managers achieve their goals in each area.

  1. Budget. One of technology’s main benefits over the years is how it helps so many organizations cut costs and maximize existing investments. If you’re not harnessing technology to help cut costs, you’re missing crucial budget slashing opportunities. For example:
    • Transitioning hardware and software to the cloud helps your city get rid of hardware, free up space, eliminate expensive software licenses, and reduce maintenance costs.
    • Reviewing ISP and telecom contracts and exploring different options potentially offers you a chance to reduce costs.
    • Proactive IT support offers predictable costs instead of the havoc of reactive IT support with unpredictable costs.
  2. Citizen service and engagement. City managers focus on how to make citizens happier and more engaged with local government. Today, that task is impossible without a quality website, social media outreach, and accommodating people’s increasing use of mobile devices. A poor website that lacks easy-to-find information, news and announcements, and services such as online payments will frustrate citizens and reflect badly on your city.
  3. Attracting and retaining top-notch employees. Often overlooked, good technology impacts the experience that employees have when working for your city. Slow, broken technology not only brings productivity to a crawl but it also frustrates employees—who will then seek employment elsewhere. Replacing hardware every 3-5 years and upgrading outdated, creaky software shows employees that you care about their work environment and understand the right foundation that leads to productive work.
  4. Operational efficiency. As a city manager, day-to-day operations are your core responsibility. Great managers make operations as efficient as possible so that they can focus on more strategic goals and projects. Technology helps avoid operations that are chaotic, broken, inefficient, and manual, where you’re always putting out fires. A strong technology foundation greases the operational wheels, and the right software can drastically help departments like city hall, finance, and public safety.
  5. Avoiding risk, liability, and security threats. Poor investments in IT infrastructure, management, and support opens your city up to significant cybersecurity risks. For example, when we hear of cities that are crippled by a virus, we often see as we unpeel the layers that the city lacks investments in technology. City managers need to worry about unauthorized access to sensitive data, employees clicking on malicious websites and email attachments, and the right mix of technology and support that helps monitor and handle security threats.

If viewed as a “nice-to-have” or a cost center, technology can seem quite detached from the day-to-day worries of a city manager. But if viewed as a core foundation of helping city managers do what they do best, technology is an essential investment that helps cut costs and achieve important goals. The financial investments for technology are similar to ones that justify money spent on regular asset inventory audits, customer service, talent recruiting and retention, and insurance. That means you need to work with IT professionals who understand how to speak your language—not just the language of technology.

Need to talk more about how IT impacts your world as a city manager? Reach out to us.

Thursday, July 9, 2015
Nathan Eisner, COO

Nathan EisnerThankfully, with our Data Continuity Appliance (DCA) your organization currently doesn’t have to worry about the threat of losing data as a result of a server failure or disaster. This service regularly and automatically backs up your data and allows you to recover your data even after the worst disasters.

Because 24x7x365 environments like public safety, insurance organizations, and your organization cannot afford any downtime, we continue to stay committed to meeting your disaster recovery and business continuity needs.

At no additional cost and with the possibility of reducing your monthly DCA cost, we are making the following enhancements to your DCA services.

  • Backed up data now mirrored in an additional (secondary) data center facility. With backed up data geographically dispersed on both coasts of the United States, we further reduce the potential impact of a widespread disaster impacting your area.
  • Improved technology to minimize the amount of storage. Through a technical process called “deduplication,” we basically minimize the amount of storage you use. This helps keep your costs under control.
  • More granular control of what data you want to back up. We’ve always captured data comprehensively at the volume level to ensure a full recovery. But now, you can exclude non-critical data that you don’t want to back up. This potentially reduces your offsite data backup storage costs. (Note: Exclusions will only be performed by your direction. By default, the DCA will continue to capture at the volume level.)
Here’s a quick overview of our current DCA features, including our new enhancements.
  • 24x7x365 data backup
  • Fully automated, tapeless technology
  • Hourly onsite data backups
  • Onsite data backup storage
  • Onsite quick virtualization in the event of a server failure
  • Daily offsite data backups for disaster recovery
  • Mirroring of offsite data backups across two geographically diversified data centers (one on the East Coast and one on the West Coast)
  • Data deduplication to minimize offsite data backup storage requirements
  • Offsite server hosting for failover
  • Day-to-day restoration and full recovery in the event of a catastrophe
  • Real-time monitoring and full management of the DCA and remote storage
  • 256-bit high security encryption of all data onsite, in-transit, and offsite
  • Quarterly audits including data integrity tests and disaster recovery simulation. Yes, we test your data quarterly for recovery to give you peace of mind.

Contact us to learn more about our DCA and how it can help you back up your data while protecting you from disaster.

Thursday, June 25, 2015
John Miller, Senior Consultant

John MillerIf you work for a larger city, you might understand why hackers target it. The size of an Atlanta, a Lexington, or a Little Rock attracts a lot of cybercriminals, but those cities also spend a great deal on resources to defend themselves. We often hear that hackers should consider smaller cities to be so inconsequential that these cybercriminals wouldn’t bother attacking them.


The media only reports on the biggest hacking and data breach cases, leading many of us to think that only large government organizations get attacked. But many data and cybersecurity breaches occur at smaller cities that go mostly unreported and unnoticed.

So why do hackers go after your small cities? Here’s why.

  1. Hackers look for easy targets. Similar to the mentality of burglars or robbers going after unarmed, defenseless people or breaking into cars with visible valuables in them, hackers often see small cities as easy targets due to relatively unsophisticated security. It’s the same reason why individual computers without proper firewalls or antivirus software usually become compromised. With so many cities in the United States, hackers are betting on the chance that their security is not up to snuff.
  2. Smaller cities unfortunately often do have weaker security. It’s unfortunate that cities often live up (or down) to a hacker’s expectation. Vulnerable hardware, software, network equipment, wireless access points, physical security, and weak points are usually more frequent at a smaller city that hasn’t taken the time to examine its security weaknesses. If the probability increases for hackers to exploit these smaller cities, hackers will target those cities.
  3. Smaller cities tend to forget about internal security weaknesses. Many smaller cities at least invest in a firewall and some antivirus software. Usually, that will take care of many external hacking threats. But what about internal threats? Many data breaches are the result of weak server and computer passwords, users given access to data that they should not be authorized to access, and employees clicking on malicious websites and email attachments. Without also addressing the sources of internal threats, your city will be incredibly vulnerable to an attack.
  4. Smaller cities often have vulnerable, open wireless access points. Often overlooked, unsecured and unencrypted wireless access points are easy points of entry for hackers. Larger cities might have more physical obstacles that make it hard to sniff out any wireless access points, but smaller city buildings are usually modest in size and easy to get near. You need to secure and encrypt all wireless access points to shore up this weakness.
  5. Smaller cities often don’t have IT staff or a vendor providing ongoing, independent monitoring and maintenance to look for security anomalies. Again, if cities just have a firewall focused on external threats, it’s like having a guard only watching for intruders that approach a building—rather than understanding if something is going on inside a building. Independent monitoring and maintenance identifies and raises red flags about both internal and external attacks. Unusual repeated log-in attempts, abnormally high data usage, or unidentified users accessing data should alert your IT staff or vendor. They will then flag these events as possible security risks and investigate further. Without that kind of internal, as well as external, monitoring, you might miss an attack that originates from inside your city.

Hackers bet on your probable lack of security. For a quick assessment, ask the following questions that we posed in a recent webinar:

  • Are my passwords strong enough to prevent hackers from stealing city information?
  • Is my city at risk for getting a computer virus that allows hackers to steal information?
  • Is outdated software and a lack of regular software maintenance leaving me open to a cybersecurity attack?
  • Is my technology physically protected from unauthorized people stealing data or equipment?
  • Is my city website secure and hosted by a reputable provider?

More questions about the state of your cybersecurity? Reach out to us and we’ll help give you some answers.

Thursday, June 18, 2015
Brian Ocfemia, Technical Account Manager

Brian OcfemiaIf you owned a restaurant where the power continually went out, fires constantly erupted in the kitchen, and food always went bad, you could approach this problem in two ways. You could mess with the wiring every time, use the fire extinguisher every time, and throw out the bad food every time, doing the best you can to work around these obstacles. Or, you could investigate and remedy the root cause of the power outages, the fires, and the bad food so that these problems went away for good.

Obviously, you would choose the second approach. However, many cities unfortunately put up with information technology that parallels the first approach. Servers fail. Your website constantly goes down. Your tape backup never seems to work. Many cities just put up with these ongoing problems, moving from fire to fire. And some IT vendors are good at keeping many cities at the fire level, billing for these constant, ongoing issues without ever really curing them for good.

These kinds of problems affect how you serve citizens and how much work your employees can accomplish each day. Fighting fires every day is unwise for our restaurant owner, and it’s unwise for your city. Here are some steps your IT staff or vendor needs to take in order to cure your IT problems for good.

  1. Set up an ongoing IT monitoring and alerting system. Most IT staff or vendors use some type of monitoring and alerting software, but the quality and rigorousness can vary. Make sure your monitoring and alerting software gives you deep data that uncovers problems such as performance issues, outages, downtime, and security risks. At the same time, you don’t want software that gives you too much noise that confuses rather than clarifies any issues that arise.
  2. React to alerts, and collect data about how you fix them. Similar to what any IT vendor will do, you will react to any urgent alerts and remedy any problems impacting your city. At the same time, alerts will surface that indicate issues on the horizon. It’s at this point that you will be able to proactively address problems based on what the monitoring and alerting software is telling you. Usually, we attack a lot of urgent and near-term issues early on when working with cities that previously had a more reactive IT staff or vendor.
  3. Look for patterns in the problems you’re fixing. This is where the restaurant analogy comes into play. The difference between a below average and above average IT staff or vendor is usually at this step. You’re looking for deeper causes to ongoing problems, and that means investigating deeper than just fixing an immediate issue. An IT professional will start taking a deeper look at hardware, software, network equipment, wireless devices, Internet and phone connections, and mobile devices.
  4. Fix core problems. Your IT staff or vendor might report to you that repeated server failures are symptoms of a server over five years old that will continue to fail due to age. Corrupt data backup tapes may show symptoms of a cheap, outdated, and unreliable form of data backup that can’t handle the current demands of daily city information. A website constantly going down may indicate that it is old and poorly built compared to modern websites. Core problems then get addressed by fixes that are permanent, not temporary, such as moving your data and software applications to the cloud, upgrading to an automated data backup system, or launching a new website.
  5. Monitor, fix, and repeat. Once you fix your various glaring core problems, it’s tempting to think you’re fine and let your eye off the ball. But information technology monitoring and maintenance is an ongoing process that requires professional vigilance. Your goal is to see as few problems as possible, but hardware, software, and equipment will always grow older and experience problems and glitches. Staying on top of these problems is the best way to keep city operations smooth and to maximize your original IT investments.

While some cities may think that spending money on continuous monitoring and maintenance is expensive and overkill, especially when they don’t experience IT problems anymore (which is good!), just think of our restaurant example. We’ve all experienced certain businesses that just “get by” or eventually go out of business if they can’t take care of their core problems. While cities can’t go out of business, they can certainly inhibit good business by flailing around with solvable IT problems. Put out your IT fires for good, instead of dealing with a daily dose of fires every day.

Questions about your city’s IT monitoring and alerting? Drop us a line.

| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 |