CitySmart Blog

Friday, October 21, 2011
Clint Nelms, Network Infrastructure Practice Manager

As technology and hackers become more and more sophisticated, IT security teams have to keep a closer eye on their networks, making sure an electronic attack does not destroy their sites or important data. For state and local government agencies, it is critical that CIOs and other team members understand the security threats, and most importantly, how to keep the IT environments safe.

The question is, are you up to speed on your cyber-security essentials? I recently read an AT&T white paper, titled “Cyber-Security Essentials for State and Local Government” and was able to take away several key points about cyber-security on the state and government level:

·         Network and IT Infrastructure Security. A successful attack can cripple a network, compromise sensitive data, attract negative publicity and be costly to remediate. It could lead to fines and civil lawsuits. Guarding your network and IT infrastructure requires vigilance. How can you stay prepared?

o    Assess Your Needs

o    Assess Your Current Infrastructure

o    Classify and Evaluate Data

o    Evaluate Security Infrastructure for a Move to the Cloud

·         Vulnerability and Threat Management. Vulnerability and threat management requires continuous monitoring, collecting and analysis of security event data. It’s about knowing your infrastructure well, and knowing what attacks could do it harm. It’s looking at trends and identifying new types of attacks. 

How can you keep your network safe?

o    Proper employee training

o    Careful authentication and authorization of those using your network and resources, intrusion detection and prevention

o    Proper defense against DDoS attacks

These are just a few pointers. For a more detailed list, be sure to read the complete AT&T white paper here.

Friday, October 21, 2011
Quan Ouyang, Senior Software Developer
I recently participated in a discussion and hands on exploration of Code-First which is included in the Entity Framework 4.1 release. Code-First provides a convention over configuration approach to development that is very code-centric instead of existing Database First and Model First patterns. You simply define your database or object models by writing plain old classes. Radical, right? ;-)
For more info refer to the MSDN website for the latest on Entity Framework and Code First video tutorials (
Friday, October 14, 2011
Dave Mims, President

There’s been a lot of rumbling about the cloud lately. In a June blog, I pointed out some stats on cloud usage and security issues in the cloud. And in August, TechAmerica Foundation formed a commission of industry experts on cloud adoption.

The Foundation’s commission, or CLOUD2/SLG (for short), was established as a resource for state and local government looking for recommendations on a variety of cloud issues, including procurement practices, delivery of services and deployment. Recommendations provided by CLOUD2/SLG will help municipalities rapidly access and deploy cloud solutions as a way to streamline their IT costs.

An important component missing from CLOUD2/SLG is SLG representation itself. When asked why SLGs weren’t included, TechAmerica officials didn’t have an answer. However, they did create an advisory board of government officials to work with the commission. The list of advisors was announced October 6.

Although the lack of SLG presence might not make sense, it’s good to see a commission that understands the value of cloud computing on the state and local level.

Thursday, October 13, 2011
Dave Mims, President

Will your IT costs remain within budget this year?  Did they last year?  What about the year before?

If your IT spending has not been within budget, you have a problem.

Predictable annual IT spending is possible. Our customers realize it year after year…

Tuesday, September 06, 2011
Dave Mims, President

I read articles like this that have good recommendations, but I am of the opinion that there is more to it than just the need for policy. Especially when you consider that it is sadly too common for IT to be addressed reactively. Reactive implies neglect.

Neglect in an organization is allowed, or even driven top-down, by the decision makers (the leadership). If the leadership doesn’t feel it is important then it doesn’t get done. It gets neglected. But, when something breaks or is compromised, a rush is made to put out the fires. Therefore, neglect is an intentional decision to put our fires, potentially very costly fires... Following even the most basic of IT best practices will contribute toward a stable IT environment for municipalities and businesses to operate in order to provide their services reliably to customers.

What do you plan to do when your unsupported dated server crashes, no backups work, a virus outbreak is identified (after months), accounting data has been compromised, customer data has been compromised, and yes even an earthquake or devastating storm hits like what has been seen recently up the east coast.  Who will your citizens turn to?  Who will your customers turn to?

Be intentional, but not negligent…

Friday, August 12, 2011
Clint Nelms, Network Infrastructure Practice Manager

Anyone would be foolish to say my IT environment is completely safe. But many IT security compromises are the result of not following simple best practices. If you are not giving basic ongoing attention to maintenance, patching, antivirus, antispam, strong passwords, expiring passwords, and the like, then it is just a matter of time before you will be compromised.

Local government decision makers need to be asking whomever is responsible for their IT:
  • Are we following industry accepted IT best practices? If not, then 'why'?
  • Are we keeping our entire environment patched and updated?
  • How many users have administrative access?
  • Is antivirus installed on all servers and workstations?
  • When was the last time we were audited?
  • What are strong passwords? Are we using them?
  • At what frequency do our passwords expire? If never, then 'why'?
  • Why do we get so much spam?
  • Is all of our data backed up? Where is it backed up to? How soon could we recover? How long can Public Safety be down?

Even if you have vendor hosting your websites or a vendor managing your IT systems, ask them the same questions above. Ignore IT best practices and you will be compromised. Ignore IT best practices and who will the citizens be asking “How did my data get stolen and what are you going to do?”

Monday, August 08, 2011
Dave Mims, President

Sophicity today announced its acquisition of Think IT Solutions, Inc., a Microsoft-based network infrastructure consulting firm located in Atlanta, GA. For over 7 years, ThinkIT has provided managed network services and IT support to its clients.

In acquiring ThinkIT, Sophicity will leverage the firm’s experience to bolster its growing Network Infrastructure team. Nathan Eisner, Principal of ThinkIT, will join Sophicity as a Network Manager. Nathan brings with him over 10 years of experience in delivering technology consulting to metro Atlanta businesses in the local government, telecommunications, healthcare, not-for-profit, manufacturing, property management and services industries.

"Acquiring ThinkIT is a great opportunity” said Dave Mims, President of Sophicity.  “Sophicity offers an umbrella of technology services to cities, municipal leagues, and businesses.  Growing our Network Infrastructure Practice with additional staff and client base is the right move. Nathan brings much to the plate with his technical ability, management experience, and customer relationship skills that will strengthen our team here at Sophicity. "

Established in 2004, Think IT Solutions is the premier provider of information technology services in the Atlanta area. Our staff brings years of experience and a skill set that few IT service providers can match. Above all, we emphasize customer service first and foremost. Visit

Sophicity’s deep expertise provides cities and municipal leagues with the IT consulting services they need to unleash the potential of government IT. Sophicity puts the IT in city. Visit

Friday, August 05, 2011
Dave Mims, President
Is your city being just as intentional as Steven VanRoekel (@stevenvDC)? Steven is our new U.S. CIO, and he plans to focus at the national government level on:
  • nimble adoption of technology
  • cloud computing
  • cybersecurity
If local government is not focusing on these very same things, then:
  • how much money is being wasted?
  • how much productivity is being lost?
  • is city data at risk for loss?
  • is city financial data at risk for compromise?
  • is personal citizen data at risk for compromise?
  • is a hacker being more intentional with our city?
Tuesday, July 26, 2011
Clint Nelms, Network Infrastructure Practice Manager
I recently attended the Atlanta Technology Summit’s Security in an era of Cloud Computing event. There were lots of nuggets shared, and one in particular was learning about the Cloud Security Alliance.  This is an independent consortium of security professionals working to establish security standards for the cloud.
The summit was a day well spent meeting with peers in our industry exchanging insight, lessons learned, and warnings on this topic. My top 3 takeaways from the summit are:
  • Pick a cloud provider that has been around for a long time, i.e. Google, Microsoft, Amazon.  The larger the entity, the more they will have to lose if a breach or failure occurs.
  • Create a strategy for migration to a cloud provider and also prepare a plan for migration away from it.  Make sure that you know what your exit strategy looks like when the cloud provider discontinues services or you decide to leverage another platform from a different vendor.
  • You can outsource the infrastructure but not the responsibilities. You are still responsible for testing and auditing your processes to ensure that reasonable due diligence has been done to avoid risks and issues.
Thursday, July 21, 2011
Dave Mims, President
Not just a risk to small businesses in our communities! This is also a recommended read for awareness for our local municipalities too. Don't take malware lightly. Read more at
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 |
Contact a Sophicity Consultant Now To Find Out How We Can Help Reduce Your IT Costs Go