We put the IT in city®

CitySmart Blog

Thursday, April 16, 2015
Dave Mims, CEO

Are you cybersecure? Are you protected against data loss? Are you ready if a hacker decides to steal your information?

As cities rely more and more on technology, cybersecurity expectations and accountability becomes greater and greater. Don’t get caught off guard by a cyberattack. Our own Nathan Eisner, Chief Operations Officer at Sophicity, will talk to city staff and elected officials about the non-technical foundation required to effectively protect government data—without busting your budget.

We’ll be broadcasting live from Lavonia, Georgia. Join us online to watch the entire presentation.

Who: Nathan Eisner, Chief Operations Officer, Sophicity
What: Protecting Your City Data – The Basics of Cyber Security
Where: Webcast live from Lavonia, Georgia
When: Friday, April 24, 2015, 10:30 a.m. – noon
Why: To understand your city’s cybersecurity risks for data loss and stolen information

Register online to reserve your seat today.

Thursday, April 9, 2015
Dave Mims, CEO

You might recall the story of Homer’s Iliad where the seemingly unbeatable city of Troy was brought down by a simple trick: the famous Trojan horse. Left behind by the supposedly retreating Greek army, the Trojans took the horse as a war trophy. But Greek soldiers were hidden inside. In the dark of night, soldiers leaped out of the wooden horse, unsealed the gates for the rest of the returning Greek army, and destroyed the city. It’s not a coincidence that computer viruses today are sometimes called Trojans. It’s the same idea—one simple virus can take down your entire city.

It sounds like we’re exaggerating, but we’ve encountered quite a few instances over the last few years when a city will feel that investing in information technology is too expensive. They instead take shortcuts and feel everything is all right as long as nothing serious happens. But then...there is always an EVENT. And it’s deadly serious. A hacker steals financial information and money. Mission critical data is wiped out and there is no backup copy. The website is defamed and causes serious public embarrassment for days, weeks, and even months.

All because of a simple virus. The fact that it’s easy for even a tech-savvy person to occasionally be fooled by a virus means that you need more than a free antivirus program installed on your desktops. Here are some mission critical IT investments that you need so that it’s much less likely that a virus takes your city down.

  1. Enterprise-level antivirus software. For city operations, free or off-the-shelf antivirus software managed by employees isn’t sufficient to ensure that you are protected. Enterprise-level antivirus software is managed and updated by IT professionals such as your IT staff or a vendor. They ensure that it’s installed properly and updated regularly, and they receive alerts when any virus threats hit your city.
  2. Network equipment and security. Invest in a good firewall and set up your network security with strong rules about passwords, authorized access, and secure wireless access points. Your network security complements your antivirus software by making sure that your “city gates,” so to speak, are well guarded and no one can get to sensitive data without the right password and credentials.
  3. Encryption. Assuming the worst and a hacker gains access to your data through a virus, encryption helps ensure that your data is worthless to them. In the past few years, there have been many government stories in the news where a severe cybersecurity breach was made worse because the organization didn’t invest a small amount of money for encryption. The result? Sometimes millions of dollars in repercussions that could have been prevented by an incremental investment.
  4. Website security. We’ve heard some highly publicized cases in the news about websites exposing social security numbers and other sensitive information to public view. Many cities and government organizations often neglect the security of their websites, but many websites now offer online payments, court record data, and other gateways for hackers to steal information that they then use to commit identity theft or steal money. Lock down access to your website and make sure any sensitive information is encrypted and secure.
  5. Data backup and disaster recovery. Assume the worst happens. Like many cities that experience a bad virus, let’s say you lose mission critical data. This is when an investment in data backup and disaster recovery is invaluable. We always recommend both onsite data backup for quick recovery and also offsite data backup for disaster recovery. That also means you need to regularly test and monitor your data backups to ensure they are working properly.

Rather like insurance, investments in information technology can seem pointless, unfair, and expensive because you don’t see anything tangible in your day to day operations. But that’s the point. A sign that you’re making the right investments is when your day-to-day problems are minimized. And when a virus hits, that’s like suddenly becoming ill or needing surgery. That’s when insurance saves the day.

Similarly, for cities that invest in information technology, they know that:

  • A virus will likely be prevented from ever having an effect.
  • If a virus allows a hacker inside, they won’t gain access to any useful information.
  • If a worst case scenario occurs, their data won’t be lost.

To talk about viruses and technology investments in more detail, please contact us.

Thursday, April 2, 2015
John Miller, Senior Consultant

Whatever your politics, personal, non-government, or poorly overseen government email accounts have plagued Hillary Clinton, Sarah Palin, George W. Bush, and many government entities such as the IRS, the Environmental Protection Agency, states, and municipalities. The root cause of many of these tortuously complex scandals and investigations is simple: Using personal email accounts instead of a government email account.

Just look at what happens when someone wants to access those emails. You may like or dislike Hillary Clinton, but it’s objectively a problem when she cannot easily produce information related to her role as a government employee. Plus, the risks of using personal email go beyond transparency. If your IT staff or vendor isn’t managing your email, who is? Your free email provider? Are they providing the right level of antispam, or backing up your emails? Not a chance.

It’s clear that open records laws and the push for transparency makes it less and less excusable to use personal email accounts for city business. If you’re still using personal email accounts at your city, ask yourself the following questions.

  1. Do you want to expose you or your employees’ personal email to open records requests? As Hillary Clinton said, she definitely doesn’t want to reveal her personal emails to the world—and she said that we can all understand that. Unfortunately, that’s not something auditors understand. That’s why she is receiving pressure to hand over her personal email server to a third party auditor to decide what’s personal and what’s business. Similarly, a third party auditor would have an absolute right to look at personal emails from city employees if an open records request required it.
  2. Do you want to spend excessive time and money processing open records requests for personal emails? Because personal email is not centralized and managed by your city, the time it takes to track down city emails from personal email accounts starts to exponentially increase. You might be out thousands of dollars in time and expenses tracking down and handing over the right information. It’s much easier to find and retrieve emails from a centralized city email server that only contains information related to city business.
  3. Do you want to increase the risk of your emails being hacked or increase your exposure to a virus? Personal email accounts are usually free email accounts. That means no one is managing them or ensuring that the proper antispam, encryption, and archiving policies and precautions are in place. While antispam measures have gotten better on free email accounts over the years, they are still not at the level of business-class email services. Using a personal email account opens up too many security risks from weak passwords to users clicking on a malicious email attachment by accident.
  4. Do you want to lose your email data when you are required to keep it? Several scenarios open you up to the risk of data loss related to personal email.
    • Your personal email is not part of your city’s data backup and disaster recovery data, and thus it’s not recoverable in case of data loss.
    • If an employee leaves, it becomes almost impossible and logistically thorny to make them hand over all of their information. You don’t have access to the email account, so what do you do? Ask them to forward 5,000 city business emails to you after they have been terminated? You might be able to get the information, but it’ll be ugly and likely incomplete.
    • Deleting a personal email account is 100% in the hands of the employee, not you. It should be the other way around. Only the city should have the power to activate and deactivate business-related email accounts
  5. Do you want an easy way to lock down email while still using mobile devices? One thing Hillary Clinton complained about was having to use two devices if she was to separately use her government email account and her personal email account. Today, cloud email allows you to use business-class email for your city, lock down that email for authorized users only, and allow people to access it with any device. So, if one of your elected officials complained about the annoyance of using two devices, let them know they can use one device. On that one device, they can easily access two different email accounts that keep their business and personal email separate—without having to use two devices.

If you feel behind the technology curve on email, you’re not alone. If people at Hillary Clinton’s level are wrestling with it, then it’s understandable that many other government entities are too. But now is the time to act. Auditors, lawyers, and the public are becoming less forgiving when public officials cannot provide emails about something critical to the public interest. Business-class email allows you to easily respond to open records requests instead of losing emails in the murk of personal accounts, and it ensures that employees cannot delete or misplace critical information.

To talk in more detail about email and open records laws, please contact us.

Thursday, March 26, 2015
Brian Ocfemia, Technical Account Manager

While states vary in their cybersecurity laws, it’s clear that the stakes are rising for cities to protect their data from loss or theft. Kentucky’s HB 5 is a great example of how states are starting to push for higher cybersecurity accountability, and other states are sure to follow. And it makes sense. With taxpayer dollars funding public services, it’s important that citizens know their information is protected if they are required to hand it over for taxes, public safety and municipal court requirements, business licenses, etc.

Ensuring that you’re cybersecure starts with certain information technology essentials. Whether you’ve neglected to invest in your IT for a while or are continually improving it year after year, it’s worth taking a look to see if you’ve got the right cybersecurity foundation in place.

  1. Encrypted, secure data storage. It’s great if you’re doing data backup and disaster recovery, and if you’ve invested in a business-class email and document management solution. But if you’re not protecting your data onsite, offsite, and in transit, then you leave it open to hackers. Any sensitive data transmitted from a city server or computer to another server (either in a data center or to a cloud service)—including all backups, email, and documents—needs to be encrypted. For security, we take the extra step of ensuring that offsite data is housed in United States data centers so that we are confident they are complying with our nation’s laws and regulations.
  2. Secure, authorized access to software. Software often gives access to sensitive information about people, businesses, and city operations. You don’t want that information exposed. That means any software needs proper user identification, authentication, and data access controls for anyone using it. Sometimes, software can introduce security risks if it’s very old or poorly written, and those issues either need to be addressed with your software providers or you need to invest in more modern, secure software.
  3. Ongoing security monitoring. Your IT staff or vendor need to monitor your environment on an ongoing basis to detect and prevent any unwanted intrusions. This kind of proactive monitoring helps identify any breaches or breach attempts as soon as possible so they can be addressed immediately. Specialized intrusion detection and prevention software exists to help IT professionals with this activity on behalf of your city.
  4. Physical and information security of hardware. Just as software should give secure access to only authorized users, the same goes for hardware. No unauthorized people should be able to access a server, desktop, laptop, or other mobile device that contains sensitive information. That means physically securing rooms in which hardware is stored. Your physical security will range depending on the sensitivity of the hardware, but every device should have some level of physical security to keep away unwanted intruders. To cover your bases, it’s essential to have a data backup and disaster recovery plan where you store data offsite in order to mitigate physical security breaches.
  5. Properly destroying records that contain personal information. Often overlooked, many cybersecurity breaches occur when cities dispose of servers, computers, and mobile devices without ensuring that all personal information is wiped from the device. An untrained person might think they can delete or reformat a hard drive, but information can still lurk in seemingly “clean” used computers sold to individuals or businesses. Your IT staff or vendor needs to make sure any electronic media information is completely destroyed. For document management, you also need to make sure you are archiving and purging documents based on your state’s record retention schedule.

Having basics such as data backup, offsite data storage, business-class email, document management, and IT professionals monitoring and maintaining your hardware and software will go a long way toward meeting most of your cybersecurity needs. In rare cases, you might need more specialized security such as encrypting single computers or building a private cloud, but investing in information technology essentials means most of your cybersecurity worries go away. While IT may seem costly sometimes, ask yourself, “What’s the cost of a data breach if citizens’ personal information is stolen?”

To talk more about cybersecurity, please contact us.

Thursday, March 19, 2015
Nathan Eisner, COO

In the early days, websites worked a lot like one-way brochures or printed material. You created something for someone to read, they read it, and the “transaction” ended there. Perhaps contact information or a next step existed, but it wasn’t that important. Websites simply communicated information to people, and that was that.

Today, fancy terms like “calls to action” and “conversion” are inescapable when talking about modern websites. All this means is that websites have become ways to get your audience to interact with you. In other words, you get them to do something. If your website shows signs that no one is taking action based on the information you provide, then it’s considered a failure or a wasted investment.

That’s why it might be easier to avoid measuring this kind of engagement, but you will serve citizens better if you pay more attention to “calls to action” on your website. In fact, you’re probably already seeing citizens engage more heavily with some parts of your website than other parts.

Here are some common calls to action that you may want to add, enhance, and improve on your city’s website.

  1. Pay. One of the most common “calls to action” that many citizens expect on city websites is to pay bills, traffic tickets, taxes, etc. online. The more you can direct people to pay through automated processes, the happier you make citizens—and the happier you make city employees. Offering online payments reduces the cost of staff time spent manually processing payments and reduces the risk of error from handling manual or paper-based processes. Plus, most citizens now expect some or all payments to be available online.
  2. Sign up. You may have an email newsletter, text message alerts, or even an online way for people to sign up to speak at city council meetings. Offering useful information or the convenience of signing up for a public activity online helps you stay connected with citizens. Make it easy for people to sign up. Avoid long forms and consider only requiring that people enter essential pieces of information.
  3. Click. Encourage people to explore and go deeper inside your website. Don’t overload people with information on any one page (especially the homepage). Instead, build your pages so that people are encouraged to click as they need more detailed information. For example, a government page might describe your city council on a high level. If people want minutes related to a specific meeting, offer an easy-to-find link to your archives where people can search for past meeting minutes.
  4. Search. Similar to how people use Google, your citizens are used to searching for things on their own on a website. Make sure your search box is easily seen and useful to citizens who look for information. On the backend, you may want to work with your website designer or IT staff/vendor to make your search box even more useful by anticipating what users will search for (e.g. an autofill function when someone types in a word or phrase) or suggesting related content to users based on their search terms.
  5. Follow. As you know, citizens may not necessarily go directly to your website for information. Instead, they will be led there through Twitter, Facebook, and other social media platforms. Provide easy ways for citizens to follow you on social media. On many websites, the follow buttons are an unobtrusive but still highly visible part of every page so that users always have the option to follow you on social media at any time. Growing your social media followers and fans is now an important part of citizen engagement.

You might think of more calls to action beyond the five listed above. No matter what they are, calls to action help get your citizens to do something, to engage with you. Signs of their activity will show unmistakable proof that your website is useful to citizens. You may also find that some calls to action are less popular, or that calls to action may be too hard to find. Fixing and tweaking the way you engage with citizens will go a long way toward improving the way you communicate to the outside world through your website and make it much more useful to people.

To talk in more detail about website calls to action, please contact us.

Thursday, March 12, 2015
Alicia Klemola, Account Manager

One of a city clerk’s most important duties is handling documents to follow state or local record retention policies. Because these policies usually follow from a law, it’s important that city clerks meticulously maintain their records. However, this job grows more challenging, especially as the volume of information increases so rapidly today. Paper documents, electronic documents, PDFs, emails, etc. all require retention according to strict rules.

To handle this kind of policy precision with such a high volume of documents requires that city clerks rely more and more on technology. If a city has not considered a modern document management solution, they may be surprised at the records retention benefits gained.

First, it’s useful to know two key things that happen with a document management system that will help your record retention activities.

  1. You, your staff, your document management vendor, and possibly (especially for large cities) content or information architecture consultants will help identify and organize your documents so that they are searchable and findable in your system. That may include organizing by department or categories such as accounting, budgeting, legal, personnel, etc.
  2. Your document management vendor will then help you apply your specific records retention schedule to your documents. That means classifying documents and setting times for them to be staged, reviewed, and purged. The technology will help you automate as much of this process as possible so as to eliminate any manual aspects.

If you still think that your current processes are fine and that document management might be overkill, consider the following benefits that will impact your work as a city clerk.

  1. Save time. Lots of time. Manually searching for electronic documents or rifling through paper documents is a long, time-consuming process. You’ve got a lot on your plate, and you don’t need to be endlessly searching for information. By automating specific aspects of the records retention process, you’ll be able to find and keep or purge documents much more quickly.
  2. If the document has been legally purged, then you don’t have it. Records retention laws are there for a reason. If you’re legally obligated to keep a document for five years, then it’s gone if you purge it after five years. By delaying or neglecting full adherence to the time limits, you risk introducing confusion and unnecessary work if someone requests a document that you still have even though you were legally allowed to purge it.
  3. Ensure full data backup and disaster recovery. On the flip side, you don’t want to be caught in a situation where you are supposed to have the document but you don’t have it because of data loss from flooding or a tornado. Modern document management systems often store data in the cloud so that files are accessible anytime/anywhere. This ensures both quick onsite recovery and full offsite recovery in case of disaster.
  4. Going paperless frees up physical space and helps the environment. Transitioning from paper to electronic documents can take an upfront investment of time as you scan all of your paper files. But the benefits are endless once this happens. No more threat of physical theft, lost paper documents, fire, water damage, etc. Plus, you free up valuable file cabinet and floor space while also “going green” to help the environment.
  5. Search and retrieve documents much more quickly. When all of your paper files are scanned and your electronic documents are organized to match records retention policies, then it’s much easier to search and retrieve files. That makes handling open records requests much easier and allows access to those documents 24/7 from any authorized person using their desktop, laptop, tablet, or mobile device.

As you can see, the benefits of applying record retention policies to a modern document management system has the potential to save you money, time, and hassle. Once implemented, you will find that the benefits ripple out much further than just affecting your role as city clerk. Other departments will enjoy the ease of finding documents more quickly, elected officials will like the quick responses to open records requests, and citizens will like the transparency. Many embarrassing city situations often arise when they cannot find information due to outdated document management methods. You’ll be ahead of the curve by applying best practices to your role as a city clerk through leveraging technology to help you do your job.

To talk about records retention in more detail, please contact us.

Wednesday, March 4, 2015
Georgia Municipal Association

Television shows such as The Walking Dead have placed the city of Senoia squarely in the spotlight. That means more tourists, more attention, and more demands on city services. Plus, stricter expectations of government entities about records retention, data backup, and cybersecurity led the city of Senoia to consider ways of quickly modernizing its information technology.

After looking at some costly options that would have addressed each technology area, Senoia took a look at the Georgia Municipal Association’s IT in a Box service. Not only did it fit the city’s budget, but the service also modernized many technology areas in one fell swoop including data backup, disaster recovery, and hardware.

Senoia City Clerk Debby Volk spoke to GMA about how IT in a Box—powered by Sophicity—helped modernize the city’s information technology, how it improved their response to open records requests, and why cities need to modernize critical aspects of their information technology before an emergency happens.

What made you decide to take a fresh look at the city’s information technology?

As a growing city, we needed to modernize our information technology on a few levels. First and foremost, we identified a need to more effectively archive our email. We also lagged behind in many technology areas such as data backup, disaster recovery, document management, hardware, and networking equipment. Other productivity issues, such as everyone having different versions of Microsoft Office, also made it hard to share documents and files with each other.

We did attempt to look at these problems in a piecemeal fashion, but the solutions were costly and required high cost IT consultants. Plus, we needed more responsive IT support without it breaking our budget. Sometimes it could take up to three days for someone to help us out with an IT issue, and that was becoming too long a wait.

How did you make the case to prioritize modernizing the city's IT?

First, it’s important that email archiving is modernized and as up-to-date as possible. The expectations attached to open records requests increase each year, and we wanted to make sure we could respond quickly without consuming many days of staff time. All cities are eventually going to need to modernize email archiving, and Sophicity provided a strong platform while also offering the ability to conduct the email searches. The mayor, city manager, and city attorney all saw that aspect as important.

Second, our city manager made some calls about IT in a Box after hearing that it was offered through the Georgia Municipal Association. He was very pleased about what he heard. Because Sophicity provided so many essential aspects of IT bundled together under a low price, it was really a no brainer—especially because we knew many other Georgia cities used it.

What results did you see from IT in a Box?

Our emails are now archived and they can be easily retrieved. When we receive an open records request now, Sophicity handles the difficult work of finding the emails. We sit back and let them handle it. Because it’s an enterprise class email system, we don’t have to worry about a host of problems that plagued us before. For example, even if a user deletes an email, it’s still archived and findable if it’s needed as part of an open records request.

Also, Sophicity modernized our information technology across so many areas. They helped us replace servers and network equipment, upgraded our software, and established 7 day a week helpdesk support. Our technology is now faster and more stable, and we’re able to do so much more than previously. If there’s a problem, we call Sophicity. If there’s a problem with a hardware or software vendor, Sophicity handles all communications. They work with those vendors to resolve issues and keep all software continually upgraded. Sophicity even came down onsite on a weekend in order to handle an important issue with our public safety’s technology.

This modernization has saved us a lot of time and allows for a predictable IT budget instead of reactive, unpredictable hourly charges. All of our Microsoft software is up-to-date and consistent, so we can all share files with each other easily. And probably most importantly, we’re prepared in case of a disaster. If a server crashes or even if a major disaster destroys our buildings, our data is recoverable and accessible in hours. Our data is stored both onsite and offsite, and Sophicity tests our backups on a regular schedule.

For other cities in similar situations, what advice would you give them about addressing their information technology issues?

Cities need to find an information technology solution that covers important needs from email archiving to data backup. Like insurance, it’s not a matter of if but when an emergency will happen. Cities need to find a solution to their IT needs before an emergency occurs. Luckily, we haven’t had an emergency but we now feel secure knowing that Sophicity handles such important needs with our data and technology. Things like email archiving and data backup are not nice-to-haves anymore. They are necessities. It’s good to know that GMA and Sophicity are taking care of us, and it’s one less worry for us here in the office.

Originally published on the Georgia Municipal Association website. 

Wednesday, March 4, 2015
Dave Mims, CEO

Our very own Nathan Eisner, COO of Sophicity, delivered training to cities on Cyber Security on Tuesday, March 3 in Waycross, Georgia and today in Moultrie, Georgia. Accompanied by Pam Helton from the Georgia Municipal Association, the training sessions focused on preparing city staff and elected officials with a non-technical foundation to ensure their cities are properly protecting their data.

For more information, take a look at the GMA flyer.

Thursday, February 26, 2015
John Miller, Senior Consultant

Body cameras for police officers have quickly gone from an expensive novelty to something that cities need to seriously consider. Even the President is now placing pressure on cities and pushing for financial incentives to help pay for body cameras. A recent article from The Arizona Republic points out that body cameras will actually become the norm within 10 years. Like it or not, these technology-intensive cameras will eventually become part of your public safety budget—if they aren’t being considered already.

While many articles focus on the cameras, the logistics, and the politics of body cameras, many gloss over the underlying technology. If you’re using, actively planning for, or discussing the use of body cameras for your police officers, then we want to offer up a few questions you need to consider that are easy to overlook.

  1. Are you able to back up your data and recover it in case of a disaster? You should be backing up your data anyway, but it becomes even more important to recover from a disaster with all body camera footage data intact. This means a form of onsite backup that provides at least hourly snapshots of your data for quick recovery (in case of a server failure) and offsite backup that ensures you can recover your data in case a fire, flooding, tornado, or other disaster hits your city. Explore cloud solutions that offer unlimited offsite data backup storage under a set monthly cost. Otherwise, your costs could skyrocket out of control if you pay by the gigabyte or have caps to your current data backup storage.
  2. Is your data encrypted and secure? You absolutely don’t want people hacking into police footage from body cameras. This is a good time to review your security. Your body camera data needs to be encrypted onsite, offsite, and while in transit between machines (such as uploading or downloading information). That way, the information will be useless to hackers if they happen to access it. Then, you need to make sure that your network security or cloud provider security follows best practices and is monitored and maintained by experienced IT professionals.
  3. Do you have clear data retention policies that are easy to follow? A modernized storage system can help you store, archive, and find data easily. It helps when your storage repository can help you automate some of the more tedious aspects of retaining and deleting data according to the law. Body camera footage will be requested and demanded by people when a sensitive case arises, and you don’t want to be caught without data that you should actually have on hand. At the same time, you want to clear away as much data as possible if you’re not legally required to keep or store it.
  4. Do you test your ability to retrieve and successfully back up your data? Even given the precautions above, you cannot assume that everything is working properly. You absolutely must test your data backup and security to make sure that you eliminate any severe risk of a data breach or data loss. We recommend testing your data backup and security at least quarterly to make sure that all of your body camera footage is recoverable in case of a disaster and meets information security best practices. It’s becoming less and less excusable (and more embarrassing from a legal and public relations standpoint) when cities claim that data is missing or unrecoverable.

While cities might fear the costs of having to invest in body cameras, the situation gives cities an opportunity to examine the state of their current technology. Many of the questions above don’t just apply to body camera data. Data backup, disaster recovery, record retention, data storage, encryption, security, and testing come into play with all city data and information. Luckily, many of the investments needed are more cost-effective than ever.

To talk about storage, security, and data backup needs for body camera data, please contact us.

Thursday, February 19, 2015
Brian Ocfemia, Technical Account Manager

We’ve all heard overblown technology claims, such as “Apple computers never get viruses.” But they do, and when they do there is outrage and possible backlash against what’s still a pretty good product. Similarly, we still hear claims such as the cloud being 100% reliable and that upgrades and maintenance don’t interfere at all with users. Then, when there is an outage or some downtime related to maintenance, the critics point fingers and claim that the cloud did not deliver what was promised. Often, they will also use that frustration as an argument that they want to go back to hosting their own servers and bring back their software onsite.

What’s happening here is common in the world of technology (and with many other things in life). A new technology legitimately improves upon a previous technology, but the expectations are set too high. So even if expectations reach 99.9%, critics will rip apart the 0.1% that caused it to not reach 100%. But if we’re accustomed to lower expectations from old technology, then something we expect to work 85% of the time will delight us if it hits 90%, even if that means higher costs and more risk than with modern technology.

A recent article on LinkedIn lays out some common points that people bring up to shoot down the cloud based on real but skewed data. The author points out three representative points that often cause a lot of doubt, but let’s look closer at these oft-heard claims.

“Azure experienced 92 outages totaling 39.77 hours for the year. As stated by Microsoft's own Chief Reliability Strategist David Bills, cloud service failure is, "inevitable".”

Reality: By focusing only on the total amount of downtime during the year, it’s easy to miss the high percentage of total uptime. If cloud services run 24/7/365, that means Azure’s uptime during 2014 was 99.5%. And Azure was actually the anomaly by a long shot. Other common cloud services such as Rackspace, Google Cloud Platform, Joyent, and Amazon Web Services all had higher than 99.9% uptime. From our experience, these performance results easily beat out most onsite servers and match or exceed most data centers. Cloud service providers invest in plenty of redundant power lines, generators, and Internet connections that ensure such high uptime for a variety of customers. Their resources far outpace most onsite setups and smaller data centers.

“A recent Verizon 40 hour cloud shutdown proved that cloud DC maintenance is not seamless in all cases.”

Reality: First, it’s important to note that this situation with Verizon is another anomaly. The article from which the author quotes clearly says, “For an industry that generally measures downtime in minutes or several hours, this was a long shutdown.” But who ever said maintenance was seamless? It may be less intrusive than traditional ways of conducting maintenance, but an occasional interruption or pause is not unheard of. Compare these brief interruptions with the amount of downtime, staff time, and IT maintenance costs of making updates to your current onsite servers. With cloud providers, you don’t even have to think about maintenance. You may experience an occasional few minutes of downtime, and a rare anomaly might lead to an outage for hours. But the way that cloud providers conduct maintenance is much faster, less interruptive, and less costly than traditional server maintenance—by a long shot.

“Cloud providers (CPs) have a commercial interest to hype to their potential and existing customers how easy it is to migrate workloads to the cloud.”

Reality: Sure, you will hear vendors do what they always do: sell and make everything sound easy. But the author mentions another important point: “One study conducted by BT found that 32% of enterprises don’t have the skills internally to manage cloud migrations.” While a cloud provider can help with the migration, you need a strong IT staff or vendor that has done these kinds of migrations many many times. The right IT professionals will help you:

  • Investigate your situation and review your business needs.
  • Create a plan for migrating your data, settings, and programs to the cloud servers.
  • Execute the migration by means of a rigorous process, including testing and participation with business stakeholders to ensure that all is well on the go-live date.

“Many enterprises assume that once they have signed a contract with the CP that their responsibilities end.”

Reality: Obviously, that’s an incorrect assumption for any hardware or software you would use. Even when traditionally buying software from a vendor that installs a server onsite, you still have to find space for that server, connect it to your network, and maintain that server. That’s why you would have your IT staff or vendor help with patching, updates, and upgrades. With cloud service providers, you still need IT professionals monitoring your cloud data and applications, alerting you to any issues, ensuring security (such as antivirus, antispam, content filtering, etc.), updating and patching the software, and tracking your cloud assets for reporting purposes. Your IT staff or vendor will also help you with any data migration needs or day-to-day technical help.

Overreacting to abnormal data about the cloud prevents you from making a good business decision. Overblown points will scare the less technically-minded away and encourage them to stick with less secure, more risky traditional technology solutions. The two most important points to remember are:

  • The uptime and reliability you will experience in the cloud far outpaces most traditional setups.
  • You will need experienced IT staff or a vendor to guide you through the technical aspects of a cloud migration and ongoing maintenance.

To talk about migrating to the cloud in more detail, please contact us.

| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 |