We put the IT in city®

CitySmart Blog

Thursday, June 4, 2015
Nathan Eisner, COO

Nathan EisnerWhile it’s important to prepare for disasters, many forms of data loss occur from common, everyday scenarios. However, we find that many arguments for the importance of data backup and disaster recovery focus on “big fear events” such as fire, tornado, or flooding. True, those things do happen with enough frequency to be concerned, but it’s often easier for cities to put off investing in data backup because these scenarios seem rare and unlikely.

But there are more common data loss culprits. More situations exist that can literally happen at any second that increase your city’s risk of data loss every day. If you’re not protected against these extremely common scenarios, then you’re placing your city’s data at extreme risk.

What kind of data loss scenarios are most common? Here are just a few.

  1. Employees deleting files or data by accident. Employee error is the most obvious and common form of data loss. In cities with poor data backup policies, files are sometimes only stored on one person’s computer. In other cases, important software systems may hold data on a server where an employee accidentally deletes something like important billing information. If you don’t have a good onsite and offsite data backup system, these employee errors could lead to permanent data loss.
  2. An employee accidentally downloading a virus. This situation can happen even to the best of us. The scary thing about viruses is that even with good antivirus software, an employee can still click on a malicious website or email attachment and let a virus in—similar to letting a thief in through the back door of a building. While good antivirus software may still protect you after the virus is downloaded, viruses often result in deleted or stolen data from servers and computers that need to be quarantined. You need to prepare for the worst case scenario for any virus situation.
  3. A power outage. Power outages especially place your data at risk if you are maintaining your own IT environment and do not have proper data backup equipment and procedures in place. Most data centers have backup generators that keep servers running while a power outage is assessed and fixed in order to maintain business continuity. Cloud data centers are even better, where multiple data centers across various geographies replicate your data so that a power outage in one data center doesn’t mean total data loss or lack of access. If you maintain your own servers and computers without proper data backup processes in place, you risk losing data.
  4. Server, computer, or device failure. Too many cities still improperly store and thus improperly back up their data. Instead of centralizing data storage on servers (either onsite, at a data center, or in the cloud) and backing up that data, important data is still stored on individual computers or mobile devices. Computers and mobile devices fail, and employees damage or lose them. That means any data stored on those devices is gone. Server failures without onsite and offsite data backup also place your city at extremely high risk of data loss.
  5. Untested data backup media. Cities that still use tape, external hard drives, or some other form of manual, portable data backup media often do not perform data backups on a regular basis or test those backups. This situation often sneaks up on cities. You actually think you’re doing the right thing. But then, when you lose data, you find out that a city employee hadn’t backed up your data for two weeks. Or, you start restoring the data and you find that 75% of your backup media is corrupt and won’t work. If you’re not testing your data backup, you’re risking data loss.

Having served cities for many many years, we can attest that these scenarios are unfortunately common. Like insurance, cities need to protect their data and ensure that city operations do not shut down merely because of a simple, common event such as an employee mistake, virus, or server failure.

To talk about data backup in more detail, please contact us.

Thursday, May 28, 2015
Alicia Klemola, Account Manager

Alicia KlemolaLet’s face it. Technology is often a pain, something you struggle against. You want your employees productively working, you’ve got important city business to conduct, and you’ve got that important city council meeting tonight. Like hitting your head against an invisible brick wall, technology can often frustrate you and prevent important tasks from getting done.

What’s more frustrating is that it’s like fighting an invisible enemy. Your IT staff or vendor might give you overly technical reasons for any issues, but all you know is that these issues are slowing down your progress—and possibly even losing you money.

In many cases, this arises from reactive technology support where you’re always putting out fires. Going deeper into the root causes, we find that the following issues are usually the core of what’s wrong—and what you need to fix in order for the fires to stop.

  1. Old, aging technology. It’s easy to think of servers, computers, and other hardware like a car or building. You want to get the most out of your investment, and you want to use it until it dies. The sad reality is that hardware lifecycles for servers and computers tend to be 3-5 years. For laptops and mobile devices, it’s closer to 2-3 years. You may even maintain the hardware perfectly, but the Internet, software, and applications constantly evolve and become more complex than older servers and computers can handle. Those older machines will slow down and cost your city valuable time when they aren’t very responsive.
  2. Inefficiently used software. Over time, many cities accrue siloed software applications that inefficiently help solve key problems. For example, city hall might have a document management system with one or two user licenses. The municipal court department won’t have a document management system at all, but they realize they need one. Or, they may even purchase their own document management system. When there are two pieces of software meant to solve the same problem, there will be inefficiencies, errors, and conflict.
  3. Technology underkill. Another source of continual frustration is when you heavily rely on what little technology you have to take care of all your city’s needs. We understand that cities have tight budgets, but if your website is constantly going down, your servers fail on a regular or semi-regular basis, or you lose data permanently after a disaster, then your lack of technology investment hurts your city. Even more important, a lack of technology investment increases the risk of a cyberattack that can potentially impact your city beyond day-to-day operations and become an embarrassing news story.
  4. No technology blueprints. By blueprints, we mean planning and using technology to think about how you can achieve your city’s goals. When you don’t plan out how you’re using your technology, you increase the risk of experiencing outages, lost employee productivity, and cyberattacks. Beyond crises, technology also helps you think about how to better serve citizens through your website, online payments, or better software to improve services. Involving IT staff or a vendor experienced in municipal IT strategy can accelerate the success of important city projects and objectives.

Once these root causes are addressed, we find that many of the everyday battles and struggles with technology almost miraculously go away. If you feel that only an expensive technology investment can get rid of your current problems, many times the opposite is true. Streamlining your technology and cutting out inessential investments can help you only use what you need to run your city. It’s also a time to consider transitioning many of your expensive technology investments into the cloud, where they are often cheaper, better maintained, and more efficient and secure.

To talk about your everyday technology struggles in more detail, please contact us.

Thursday, May 21, 2015
Dave Mims, CEO

Dave MimsFacebook recently started offering verified page badges for state and local governments. Verified page badges were originally created back in 2013 for celebrities and well-known brands to reduce confusion, fraud, and duplicate content for Facebook users while better protecting the reputation and credibility of celebrities and brands.

As people rely more and more on social media as an important source of information, it becomes clear that state and local governments are subject to the same problems as celebrities and brands. This recent GovTech article provides a good summary of the release of Facebook’s new verified page feature for state and local governments and how to verify your profile.

Savannah Verified Profile

But why should you care? Here are some reasons why you need to establish and verify your Facebook profile as soon as possible.

  1. Your city’s credibility matters. If other cities start to verify profiles and you don’t, your city profile page will not look credible. Plus, if there are fan-created city profiles, parody city profiles, or city profiles attacking you, then people may go to those Facebook pages rather than yours. Even if a Facebook profile page is run by a dedicated “fan” who is trying to be helpful, they could still be posting inaccurate information in your city’s name that your citizens may believe to be true. The “Verified Page” badge will establish that your city’s Facebook page is the official, credible source of information coming from your city.
  2. Verified pages show that more and more people are using social media to get information. The increasing need for verified pages shows that social media increasingly becomes more and more of a serious source of content for people. Social media platforms like Facebook continue to evolve, mature, and serve as a central collection of information for millions of people. Facebook users connect with friends, news outlets, businesses, entertainment, and, yes, government organizations for real-time information on the go. You need your city’s information on Facebook to serve the needs of people there.
  3. Facebook’s focus on state and local governments for verified pages means you need a social media plan. If anything is a wake-up call for your city to create a social media plan, it should be Facebook’s intentional creation of verified page badges for state and local government organizations. It’s a sign that Facebook is meeting an important demand for people, or they wouldn’t waste time with this offering. That means it’s time for you to create or reexamine your social media plan, which includes how you’re using Facebook. Are you providing essential, important, relevant information to your Facebook followers?
  4. You now have more authority to shut down damaging or slanderous Facebook pages. If someone operates a Facebook page that pretends they are your city or if they are misleading people about your city, then it’s easier as the owner of the official, verified version of your city’s page to work with Facebook to shut down misleading unofficial sites. Until you receive your verified page badge, you may have to work harder to prove to Facebook that another site is unofficial and shouldn’t be representing your city.
  5. A verified page comes up first in Facebook search results. Without a verified page, your city may come up in search results with a bunch of other unofficial or irrelevant Facebook pages that make it hard for people to get to your page. But with a verified page, it’s much more likely that your city will be the first or second result that a person sees when typing in the name of your city. That makes it easier for people to search for and access your city’s Facebook page.

From our perspective, the verified Facebook pages for state and local government are an overdue, necessary feature that helps citizens find important information and connect better with the information your city broadcasts. But this also means you need to step up your Facebook game as a city. Think about getting your verified page badge, more regularly sharing important information on Facebook, and engaging more with people on social media. That way, your city becomes even more of a part of your citizens’ lives every day.

Questions about how this whole verification thing works? Send us a note and we’ll do our best to answer.

Friday, May 15, 2015
Georgia Municipal Association

With technology so fast-paced today, cities are pressured more and more to modernize their information technology. But investments in IT infrastructure, websites, document management, and ongoing support all typically add up to a lot of cost. However, the City of Jonesboro knew that it needed a better website to engage citizens, securely stored documents following state records retention schedules that were also accessible anytime/anywhere, and proactive IT maintenance and support that lessened problems instead of just reacting to fires.

In one fell swoop, the City of Jonesboro’s investment in IT in a Box—which GMA constructed as one package to keep the costs of essential city technology as low as possible—gave the city a new, more service-friendly website, removed any worry as to the security and integrity of documents needing to follow state records retention laws, and provided experienced IT professionals that support the city without the costs of hiring additional staff.

Ricky Clark, City Clerk at the City of Jonesboro, took the time to discuss the importance of a website that engages citizens, documents stored in the cloud, and even a “Taste of IT” that shows the human side of GMA’s technology service.

Websites are often the first thing many people see when they research a city. How has your new website improved the way the City of Jonesboro interacts with citizens and web visitors?

It’s more welcoming and inviting, showing we are a friendly, homelike city that’s deeply involved with our residents. The biggest theme that I focused on with the website was transparency. When I arrived at the city, we received a lot of phone calls about things that people should have been able to easily to look up on the website. But the information just wasn’t available. For a small municipality, the key to a tight knit government is having a hands on approach with our residents. With that in mind, I tried to think of any questions that citizens would ask or information that citizens would need. We also included useful features like email notifications. Overall, we helped make useful and important information more transparent and accessible 24/7/365. Having this kind of website also helps with economic development because there are businesses that may want to relocate to your city.

How did your new website also help your staff internally?

Before our new website, we had to send all of our content to our website hosting provider and they posted it for us. That caused a significant delay. With our current website, we upload our own content. No more delays or waiting periods. If we have an emergency or special event that we want to communicate immediately, we can post the information right away.

Talk about how Sophicity supports the city of Jonesboro through its staff and helpdesk, and why that kind of support is important for cities.

If we have an issue, we simply submit a ticket detailing that issue just as if we had IT staff in house. The ticket is put into a queue and then Sophicity’s engineers remedy or fix the problem. What’s neat is that they can fix many issues remotely without traveling to our city. Plus, I like how Sophicity provides us a single point of contact for all of our issues. That makes it easy to communicate with them. We also have tracking capabilities and can escalate an issue if it’s urgent.

Sophicity also knows which software vendors have state contracts, and so they help us get hardware and software much cheaper than if we were to purchase it from a retail store. Just recently, Sophicity helped us get two printers for the cost of one. Plus, my staff doesn’t have time to call different vendors to source any necessary hardware, software, equipment, and parts. Sophicity does all of that for us.

City clerks obviously deal with many documents on a day-to-day basis. Why is modernized document management important, and how does Sophicity help you with that?

We have a document repository stored in the cloud. That’s where all of our information that used to be stored on our onsite mainframe systems now resides. With the different document retention policies that I have to follow as a city clerk, it’s important for me to know that our documents are protected and have some form of integrity all of the time. Sophicity gave us an offsite document repository to store all of our information, so we don’t have to worry about losing documents if our building burned down.

It’s also much easier—and cheaper—to find and access documents. For example, if someone asks me a question about minutes from a 1993 meeting, it’s simple for me to just go onto the document repository online from anywhere and retrieve those documents. No more looking through the paper minute books at the office. Once a city digitizes its files and stores them in the cloud, the sky is the limit as far as searching capability, access, and time savings.

For cities that are hesitant about moving forward to modernize their information technology, what advice would you give them?

Look at it from an analytical standpoint. Total up the amount you are paying for IT infrastructure, document repositories, cloud services, etc. and compare that cost to the cost you would pay per license with IT in a Box. Think of someone’s salary and benefits, and then compare that cost with IT in a Box where you don’t have to worry about additional personnel costs.

Before you knock it, give it a try. At least get a demonstration and see how things work. For example, the cost of a simple website alone will be around $15,000-$20,000 or more depending on how complex you want it. By contrast, IT in a Box provides cities a website and a lot of other great software under one package. And those aspects of the IT in a Box package are going to be the way governments are headed with their IT infrastructure anyway.

As cities know, it’s not possible to have 100% operational uptime, so I feel the best way to handle that situation is to have someone actually maintaining and monitoring your IT 24/7/365. With IT in a Box, you only pay for licenses that you use under your specific plan—and you don’t pay the full cost of salaries for the engineers that help you out.

We heard a rumor about something called “A Taste of IT.” What is that?

To show their support for the day-to-day operations staff at the city of Jonesboro, Sophicity drove down, brought hamburgers, hot dogs, and plenty of other food, and cooked it up for us. It was not only a Taste of IT, but it gave us the face of IT. We saw the faces of the people who were behind making our systems operate from day to day. Our employees and elected officials enjoyed it. Many times in city government, we work with companies but never see them. We simply cut them checks. A Taste of IT proved that Sophicity goes above and beyond to show that they’re thankful for our business. In my book, that goes a long way.

Thursday, May 14, 2015
John Miller, Senior Consultant

As body camera technology becomes more talked about and implemented at cities, it’s easy to focus only on the actual body cameras. But similar to buying and implementing any shiny new toys—whether it’s new software or buying new computers—the purchase of a new technology that’s integrated with an existing poor technology infrastructure will only lead to frustration and risk.

A recent article in GovTech talks about this issue from a cloud standpoint and brings up some important points. But for small and medium cities with few staff and limited information technology resources, we feel there are some higher-level, more basic questions that need to be asked.

  1. Where will you store your body camera data? Just think about the hours and hours of video footage coming from cameras that will be recording during the entire shifts of multiple officers—24/7. If you think normally storing large videos is difficult or expensive, just imagine this data explosion. Luckily, the cost of data storage has come down significantly in the past few years, but that means you need to shop around for a more inexpensive and scalable solution if you haven’t explored your data storage needs in quite some time. If you’re storing data onsite right now, you may want to consider more economical solutions like a data center or a cloud service that others manage for you.
  2. How will you manage, retain, and dispose of the data? The answer to this question involves a full understanding of the law, regulations, and your own internal policies along with using technology to make this data management as easy as possible. Work with IT professionals who understand data and information retention policies so that you keep and dispose of video footage in a timely yet legal manner. You never want to be placed in a situation where you “lost” data or deleted it before you were legally allowed to do so.
  3. Who gets access to the data? This video footage will be some of your city’s most private, sensitive public safety information. Security and authorization will become more important than ever. You need to be clear on who can authorize specific data, and that authorization process needs to be easily manageable. Weak passwords, poorly physically secured rooms, or everyone in a department or office getting admin access is not acceptable with this kind of information. Security measures also need to counter the chances of people hacking into your servers or snatching information away on thumb drives in order to access this video footage.
  4. How will the video footage be accessed? Obviously, searching through hundreds or thousands of hours of video footage is a formidable challenge if you have shoddy ways of storing the data. A good data storage system will allow for clear labeling, user-friendly searching (like how you search for documents on your computer), and ways to search within videos to view and collect smaller clips within larger amounts of video footage. When evaluating body camera technology, make sure you understand how a police officer would search for, locate, and retrieve specific video footage—quickly.
  5. How will you back up your body camera video footage? We recently wrote a much longer article about this specific issue, but it’s worth reiterating that backing up your data is essential for information of this caliber. From a server failure to a full-on disaster like a tornado, you need to make sure none of this video footage is lost. Test your data backup and disaster recovery at least quarterly to ensure that it’s actually working. Offsite data backup storage has become relatively inexpensive, and there are many cloud solutions available that also ensure the highest security—such as encrypting your data while it’s in transit.

It’s great to get excited about body camera technology, and it’s less exciting to think about your boring, backend information technology. But without the right data storage, retention policies, security, management, and data backup plan in place, your body camera technology investment could become a gigantic waste or risk a legal disaster. Body cameras are another sign that technology is accelerating at light speed—so make sure your information technology is keeping pace.

To talk about body camera technology in more detail, please contact us.

Thursday, May 7, 2015
Brian Ocfemia, Technical Account Manager

To get the most eyeballs, the media will obviously publish headlines with the most sensational stories about cybercrime. It’s easy to read stories about the Sony hacking, the Target data breaches, or cyberterrorism worries from national governments and think that those are the most common nature of cyber-attacks. However, those kinds of events are rare. Additionally, such sophisticated hackers often go after very high profile targets’not your small- or medium-sized city.

This is an important point because you’ll feel helpless if you think these are normal security threats. You’ll feel that it’s too expensive to invest in data security when it’s impossible to prevent the best cybercriminals from stealing your information. But it’s the most common, everyday threats that actually cause the most damage to cities. And you can prevent most of these threats with relatively inexpensive information security investments.

Instead of worrying about the rare instances of governments or James Bond-level villains coming after your city, you need to be worried more about the following realistic, common security threats.

  1. Employees and anyone with internal access to your data. One of your biggest threats will always be someone with internal access to information. Those people may be disgruntled, angry about being terminated, or working on the inside to steal money or information. Obviously, you don’t want to be paranoid about everyone you work with, but you will want to make sure that your information is only available to authorized users. It’s dangerous if anyone can walk into a server room or log in to an important software program. Even authorized users should have their access monitored to help flag any suspicious activity. You may also want to consider background checks for employees and any vendors handling your sensitive data.
  2. Viruses. We’ve written many times how even the best-intentioned, most IT-savvy employees can still get a virus. Accessing city information through an employee accidentally downloading a virus is low-hanging fruit for hackers. It opens up a door to your data that allows hackers to steal it, hold it for ransom, or funnel money to their bank accounts. Enterprise-class antivirus software, monitored by your IT staff or vendor, will go a long way toward preventing common viruses from crippling your city.
  3. Weak passwords. It’s amazing how many weak passwords are still used by not only individuals but also IT administrators. Hackers are always trying to get into people’s email and social media accounts, and more sophisticated hackers try to access servers and software with sensitive information. If you’re using passwords like “123456” or “password” just so it’s easier for you to remember them, you’re opening up your city to significant security threats. Requiring complex passwords (with numbers, letters, and special characters) that must be changed every few months will help fend off this basic form of attack.
  4. Poor IT management. Managing servers, workstations, network infrastructure, software, data, and information requires highly skilled, experienced IT professionals—even for smaller cities. If your IT staff or vendor is overwhelmed, inexperienced, or incompetent, they may not identify major security threats, update software regularly with security patches, maintain antivirus and antispam software, monitor and manage authorized access for users, and enforce basic security policies across the city.
  5. Little to no encryption. Simply encrypting your data also prevents many serious security issues. If a laptop is stolen, the information will be worthless to the thief. If a hacker tries to get access to payment information as it’s exchanged on your website, the information will look like gobbledygook to that person. Learn from the example of the State of South Carolina. They could have spent chump change on encryption but instead paid tens of millions of dollars in the wake of the massive data breach—all stemming from an employee clicking on an email attachment with a virus.

Everyday security threats are what you need to be most worried about. Every scenario listed above is something that threatens you on a daily basis. And these are security threats you can absolutely protect against. Most importantly, cyber security is not just a technology issue. Experienced IT professionals must work in tandem with city administrators to set and clarify policy, and employees must be trained to detect basic security threats and only receive authorized access to information. Worry about protecting yourself against 99% of the most common security threats, instead of worrying about the rare 1%.

To talk about cybersecurity in more detail, please contact us.

Thursday, April 30, 2015
Dave Mims, CEO

How much is your city at risk for a devastating security breach or permanent data loss? Do you need a quick way to assess your current cybersecurity readiness?

In case you missed our Georgia Municipal Association (GMA) presentation and live webinar on April 24, 2015, GMA has provided the audio recording and slides. Use this information to ask yourself:

  • Are my passwords strong enough to prevent hackers from stealing city information?
  • Is my city at risk for getting a computer virus that allows hackers to steal information?
  • Will I fully recover my data in the event of a server failure or a disaster like a tornado?
  • Is outdated software and a lack of regular software maintenance leaving me open to a cybersecurity attack?
  • Is my technology physically protected from unauthorized people stealing data or equipment?
  • Is my city website secure and hosted by a reputable provider?

While you probably hear stories in the news about security breaches at large government organizations where data is stolen and often permanently lost, know that this isn’t just a big government problem—it’s a major problem for small and medium cities. In our webinar, we provide small city examples of real situations that can cripple cities like yours.

Don’t become a victim to a security breach or lose your data unnecessarily. Listen to our GMA webinar or review the presentation slides to assess if your city has cybersecurity gaps that make you vulnerable to attack.

Friday, April 24, 2015
Nathan Eisner, COO

As your city grows or you buy more IT equipment, you might run into difficulties as the entire setup starts to get a bit unwieldy. And with the plethora of now common information technology items such as high-speed Internet, mobile devices (like smartphones and tablets), and cloud computing, it becomes harder and harder to identify how everything needs to be connected. For example:

  • Employees might have trouble checking email or opening documents with their smartphones.
  • Printers don’t seem to hook up to all computers properly, and so different offices and departments buy their own.
  • Data from one software application doesn’t transfer at all to another software application.
  • You’re not sure how new technologies like body cameras for public safety might integrate with your current technology environment—or if it’s even possible.

When information technology needs to grow along with an organization, it becomes harder and harder to scale without the help of IT professionals who know how to connect all of your hardware and software together. There are a few areas that will impact your city negatively unless you have the proper IT support.

  • Mobile devices connected to your office computers. Are your employees able to check email, open files, and access office information through their mobile devices? As you’ve probably experienced, you’re often on the go—at home, on the road, or traveling—as part of your job. That means we often stay connected and communicate throughout the day with our mobile devices. Mobile devices need to be properly synced with office computers so that the experience is seamless for important business applications. Otherwise, your productivity will take a sharp downturn.
  • Printers, fax machines, and scanners connected to your office computers. One cause of high costs and inefficiency at cities is the number of printers, fax machines, and scanners that crop up when they are improperly connected to your IT network. When properly set up, these machines will serve the greatest number of office computers in the most efficient way possible. You may need to invest in newer machines if you’ve been using some for five to ten years. When you invest in new machines, you will buy fewer and connect them to more computers.
  • Software applications connecting to other software applications. You might run into issues such as financial information from one software application not connecting to another software application. To compensate, you may manually reinput data, wasting precious staff time. Analyze if your current software applications duplicate a lot of tasks or fail to transfer data easily to other software applications. With the right requirements, you might be surprised to find out what’s on the market and that some software modernization might solve a lot of these inefficiency problems.
  • Remote workers and users connecting to the office’s IT network. Similar to the mobile connection issues above, this is a different variation on the same problem. In this case, we’re including desktop computers that an employee might use at home along with vendors, consultants, or outside users who may need access to information. In this case, you need to make sure that employees using their desktop at home not only have access to the same information as if they were in the office but also receive IT support while working remotely. For outside users such as vendors. you need to especially make sure that they have appropriate permission and that only authorized users are allowed to access city data.
  • Onsite data connecting to offsite storage. Especially important for data backup, you want to make sure that any offsite storage is properly synced up with onsite data changes throughout the day. Offsite storage is especially important for disaster recovery. If there is a fire or natural disaster like a tornado, you want to make sure you back up your data offsite so that you’re still operational—even if your facilities are destroyed. By setting up an onsite backup during the day, you should be able to send any data changes offsite at the end of each day in order to accommodate most disaster recovery scenarios.

As you can see, the multiplication of devices (desktop, laptop, mobile), software applications, and remote worker needs has made information technology more and more complex over the years—even for smaller cities. A small city used to be able to get away with a few computers and some off-the-shelf software, but today a setup like that introduces too much risk if something goes wrong. To make your city operations hum along like clockwork, you need help and assistance to connect all of your IT together and make sure that it’s helping—not hindering—your productivity. And especially when new technologies like body cameras will become required and standard for your cities, you want to make sure your basic technology foundation is set up properly so that you can scale and integrate new technologies with ease.

To talk about IT connectedness in more detail, please contact us.

Friday, April 17, 2015
Alicia Klemola, Account Manager

Cities often think they’re so careful when selecting technology vendors. After all, RFPs are meant to slow the purchasing process down, ensure that you thoroughly evaluate a selection of vendors, and pick the best one. However, many technology vendors are skilled at simply making the sale. They know what to say, they know how to present a deceptively low price point that withstands legal scrutiny, and they know how to maneuver through government red tape.

We find that cities often don’t realize the hidden costs that can come from improperly evaluating, selecting, and working with technology vendors. When we offer “vendor management” as part of our services, we often examine the following areas to make sure that technology vendors are providing you the exact services you need for a fair price—without bleeding away your money.

  1. RFP requirements. While you may think your RFP description articulates what you want from a technology vendor, it helps if an IT professional clarifies what you want and addresses any communication gaps. For example, you may want accounting software with specific features but fail in your requirements to address how that software will integrate with your existing information technology. You may also be unaware of lower-cost options (such as cloud software) that will help your requirements narrow the field of vendors. Experienced IT staff or a vendor with a specialty in municipal vendor management can help you write more detailed, accurate requirements to ensure that you don’t waste money on an ill-fitting solution.
  2. Hidden “surprise” costs. Over the years, we’ve seen so many cities look at the cost of an IT solution and not realize it’s too good to be true. For example, many “24/7” IT support providers offer extremely low-cost pricing. It’s only until later that cities realize that “24/7” only means automated monitoring software that flags issues. To solve those issues? You guessed it! Suddenly, you’re billed an expensive hourly fee for problems that you thought were included in your monthly price. Another version of this problem is purchasing seemingly inexpensive software that later costs money to add features that you thought were included. Or the vendor might present you with unexpected hardware requirements and frequent software upgrades. An experienced IT professional knows how this rodeo works, and they can often uncover these kinds of hidden costs like a good detective.
  3. Support contracts. When you purchase hardware, software, a technology solution, or use a technology vendor’s services, there are contracts with specific provisions attached. We often find that cities are not aware of the fine print, do not enforce support provisions included in contracts, and even sometimes pay for support that should be included for free. It’s good to have an experienced IT professional review your contracts, highlight what is and isn’t included, and enforce those contracts. Many cities can really maximize their technology investments at no additional cost for things like hardware maintenance, software upgrades, or emergency repairs.
  4. Proper setup and installation. While many technology vendors do a decent job at setting up and installing their solutions, they are not experts in managing municipal information technology environments and they are not experts in your particular environment. They may make a best effort, but if you leave it all up to them they could mess something up that costs you money or creates ongoing problems. Experienced IT professionals familiar with your city’s IT environment need to oversee and assist with any setup and installation, ensure that the vendor fully tests the solution to make sure it’s working, and accounts for any nuances in your IT environment such as particular hardware, network equipment, or software integration issues.
  5. Ongoing monitoring, maintenance, and support. As a part of any technology solution, you will run into problems ranging from glitches to the occasional crisis or malfunction. We find that reactive support (i.e. assuming the technology solution is working without ongoing monitoring and management) along with non-technical communication with the vendor increases the risks of ongoing, long-term problems with your expensive investment. Cities often find it beneficial to have an IT professional handle most day-to-day, technical communications with technology vendors to quickly address problems. Not only is this a load off the backs of city administrators and city clerks, but it also allows you to more proactively make sure that your technology solution is carefully watched by a skilled third party.

Basically, we recommend that you make sure a watchdog of sorts oversees and interacts with your technology vendors. That watchdog can be an experienced member of your staff or a vendor experienced in municipal IT who has no financial incentive tied to the vendors you select. As a bonus tip, be careful if your technology solution vendors recommend other vendors, especially when they have financial incentives to upsell or cross-sell different products. When technology vendors don’t have your best interests in mind, there is a risk for wasting money. By more closely keeping an eye on requirements, hidden costs, contracts, setup and installation, and ongoing support communication, you’ll more likely reap the most from your technology investment.

To talk about vendor management in more detail, please contact us.

Thursday, April 16, 2015
Dave Mims, CEO

Are you cybersecure? Are you protected against data loss? Are you ready if a hacker decides to steal your information?

As cities rely more and more on technology, cybersecurity expectations and accountability becomes greater and greater. Don’t get caught off guard by a cyberattack. Our own Nathan Eisner, Chief Operations Officer at Sophicity, will talk to city staff and elected officials about the non-technical foundation required to effectively protect government data—without busting your budget.

We’ll be broadcasting live from Lavonia, Georgia. Join us online to watch the entire presentation.

Who: Nathan Eisner, Chief Operations Officer, Sophicity
What: Protecting Your City Data – The Basics of Cyber Security
Where: Webcast live from Lavonia, Georgia
When: Friday, April 24, 2015, 10:30 a.m. – noon
Why: To understand your city’s cybersecurity risks for data loss and stolen information

Register online to reserve your seat today.

| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 |