We put the IT in city®

CitySmart Blog

Tuesday, June 21, 2011
Clint Nelms, Network Infrastructure Practice Manager

Every time you read or watch the news, it seems that another hacking job has succeeded on high-profile targets such as the Central Intelligence Agency, the United States Senate, and companies like Sony. A recent article from CNET notes:

“Hacker groups Anonymous and LulzSec said [Monday, June 20] they are uniting in a campaign aimed at banks, government agencies, and other high-profile targets, and they are encouraging others to steal and leak classified information.”

While no one organization is 100% safe, it is unfortunate that many of these organizations are hacked easily because of weak security. Local government is ripe for such attacks because of limited budgets, lack of information security regulations or standards, and obsolete or missing technologies (e.g. firewalls, etc).

Given that these hacking groups have declared cyberwar against government targets, here are three Information Security 101 things you can do to prevent yourself from being an easy target:

1. Patch software regularly (e.g. regular Windows updates). Before Sophicity stabilizes a city’s environment, we find in most cases that servers and workstations are woefully behind on basic software patching.
2. Install an enterprise firewall along with deploying an antivirus solution.
3. Change passwords regularly and have a password policy in place.

Tuesday, June 14, 2011
Kevin Howarth, Director of Business Development


Billy Edwards
City Manager
City of Hinesville, Georgia

Billy Edwards is responsible for the day-to-day operations of the City of Hinesville, Georgia and oversees all City government departments. He acts as a liaison between the City Council and the public by responding to inquiries and resolving conflicts. He is also responsible for oversight of the City Council meeting agenda process and implementing policy decisions made by the Council members. Having served at the City for over 30 years, Billy has a wealth of experience in city administration and shared some of his insights with Sophicity.


What are the biggest challenges facing the City of Hinesville?
The biggest hurdle to overcome is budgetary concerns in a down economy. Last year, when we were putting together our current fiscal year budget, we had to make some tough decisions. We ended up dipping into our fund balance much deeper than I think anyone was comfortable doing. However, we were able to avoid layoffs and substantial reductions in services or employee benefits.
 
At the same time, we are a growing community. We’re not growing as fast if economic circumstances had been different, but we’re still growing. We have some capital projects that need to get done, and getting funding for those is obviously far more difficult now than it was then. We’ve got some infrastructure issues primarily with regard to potable water demand which we anticipate increasing as a result of continued growth. We expect to grow substantially over the next 10 years or so, and some of our growth will be the result of additional troops assigned to Fort Stewart over the next 4 years.

How does technology fit into the City of Hinesville’s strategic vision?
Along with enhancing communication, technology allows fewer people to get more accomplished. One example of technology’s benefits for the City of Hinesville is with water meter reading. Back in the old days, we had meter readers go out, visually look at every water meter, write down the data in their car, and bring it back to the office so they could key punch it into a computer. Then a bill would be produced as a result of that process. We gradually migrated to a system where meter readers do not actually have to read or write any data down. All data is captured on a little portable computer that they carry around with them. They also use a system that will allow 2 or 3 people to read the entire county’s water meter data in one day. That helps us get more accomplished with fewer people and frees up staff time so they can do more service calls.
 
About 20% of our utility customers pay their bills online now. When face-to-face contact with water customers is reduced, customer service representatives have more time to focus on service and less time having to multitask. That’s helping us substantially. We are also building a citywide wireless network for our employees. It’s primarily for public safety (police and fire), but other employees can use it too. Those individuals will have wireless connectivity if they are on a City-owned network. At this point in time, we have to deploy hot spots to accomplish this goal. That means staff has to drive to a hot spot to get connectivity to the City’s network.
 
There are many benefits to having a citywide wireless network. For example, if a police officer is out in the field, he or she can write up a report immediately instead of having to come back to the office. Wireless also helps us in an area like the inspections department. Inspections staff is able to provide near real-time information back to their department, which can facilitate the building permit process. Overall, we find that wireless improves response time and also cuts down on travel time.

How has the City of Hinesville leveraged GIS?
We’ve had a GIS operation for probably 25 years at the City of Hinesville. As an example of how we use this information on a daily basis, I recall recently visiting with a citizen and utilizing GIS data to explain why he couldn’t do what he wanted to do on his property. We looked at an aerial photograph that showed clearly why their property situation was a certain way. GIS is a great communication tool. It’s also helpful for economic development because we’re able to meet with individuals who are interested in potentially locating a business in Hinesville. GIS helps us better discuss what property is available and what kinds of services we have. Also, departments such as police, fire, and inspections use GIS very effectively.

How have mobile devices impacted the City of Hinesville?
Sometimes I feel we can be a little too connected to our mobile devices, but I also don’t know what we’d do without them anymore. Their primary purpose is to help us stay connected and communicate, but they also help me individually to keep my schedule organized. I am anything but in control of my time since I’m often at the service of city staff, elected officials, and citizens. But my mobile device allows me to stay abreast of where, when, and what I’m supposed to be doing. Since I am called out of the office so much, I’m able to stay connected to my email and other data which prevents me from getting swamped whenever I return to my office.
 
With everyone always checking their smart phones, the downside is that we have a tendency to lose focus on what we’re doing at the time. I don’t know how somebody can focus on what a speaker is trying to tell you when you’re texting or responding to email. I think we’ve diluted our attention so that we don’t focus enough on what we’re doing at the time we’re doing it, and so our depth of understanding is somewhat minimized.


How do you stay informed about not only your City but also wider municipal trends?
For me, the Georgia City-County Management Association (GCCMA) and the International City/County Management Association (ICMA) are the two primary points of intersection with my colleagues. I think everybody, regardless of industry, should have a group of individuals from their profession who they talk with on a regular basis. There are people I call on for advice and ideas on occasion, and it’s reciprocated.
 
Within the City, I meet with key staff on a regular basis. That includes our IT director, police chief, fire chief, chief financial officer, and other department heads. We’re all in close proximity to each other, so we stay in touch and they keep me abreast of anything significant I need to know. We have bi-monthly staff meetings and review Council meeting agendas to make sure we have all of our bases covered, but we also use that opportunity for each staff member to inform other staff members about key issues that may impact or be of interest to the other departments.

What do you do for fun?
I like to spend time with my family. I also like fishing. I enjoy salt water fishing in Liberty and McIntosh Counties and catching speckled trout, redfish, and flounder. It’s nice being out on the water in a boat even if you don’t catch any fish. I’m actually rebuilding a boat right now. I’ve got a little 14-foot fiberglass boat that I’ve gutted, and I plan to tear it up and rebuild it. It remains to be seen whether or not I have the courage to put it in the water!
 
Visit the City of Hinesville, Georgia online at cityofhinesville.org.
Wednesday, May 18, 2011
Kevin Howarth, Director of Business Development
Data backup and disaster recovery are probably the most important and least appreciated areas in information technology. When VML Insurance Programs (VMLIP) noticed data backup costs increasing too much while unnecessarily confused about exactly what services they were getting, they needed to reassess and find a different solution with less cost and comprehensive coverage. Steven Bergman, Director of Technology & Operations, shares his insights about VMLIP’s initial data backup problems and how he solved them.

What was VMLIP’s initial problem with its data backup?

First was cost. I felt our vendor was overcharging us. We also had difficulty restoring individual files or mailboxes, and the headache and hassle of working with the vendor was starting to take way too long. I never understood how we were billed and exactly how much data was covered.

What did VMLIP need as a solution?

We looked at several co-location facilities and initially thought we would replicate our data over to them. However, the costs in most cases were outrageous. We needed a cost-effective umbrella solution encompassing data backup, disaster recovery, and business continuity. We decided it was in our best interest to see if there was one vendor that could provide all of these pieces.

At first, the vendor research was frustrating. Even though we were clear about what we wanted to back up, vendors seemed to ignore that we had a lot of data in file shares that worked on virtual machines. They often said, “Oh, we didn’t realize you wanted that data backed up too.” And all of a sudden the price jumps way up. That happened three times with three different vendors. We told them exactly what data we had, and in all three cases they didn’t listen to us.

What did Sophicity provide as a solution?

Sophicity provided us with a reliable data backup solution that minimizes the risk of data loss because of how often (every hour) our information is backed up throughout the day. If we lose information, it’s an easy restore process. We just contact Sophicity’s helpdesk and files get restored. We also saw a dramatic decrease of 60% in monthly expenditures.

We partnered with Agility for continuity to provide a place to work in case of disaster. With the combination of Sophicity and Agility, we have data backup and disaster recovery, more options and less cost. Also, there is no bureaucracy to go through when getting data restored. With Sophicity, you send them an email or give them a call, they get back in touch with you, they get on it as soon as possible, and they do it.

Why would VMLIP recommend that local governments consider this solution?

First is cost. For what you’re getting, it’s a cost-effective solution. Second, many local governments probably have a data backup solution but not disaster recovery. It’s one thing to have your data backed up offsite, but if you lose your facility and you have no equipment, then what good is your data? Sophicity’s data backup and disaster recovery solution, along with the ability to either fail over to their data continuity appliance or they ship us another server, is very valuable in minimizing our downtime.

This article was originally published in the May 2011 issue of Virginia Municipal League's monthly magazine.
Wednesday, May 18, 2011
Clint Nelms, Network Infrastructure Practice Manager

In case you haven’t noticed, the theme of cloud computing and cost savings is spreading like wildfire through many organizations – including municipalities. According to a recent GovTech article, the City of Alexandria, Virginia will save $1 million over the next 6 years through its use of cloud computing services. A few tips stand out:

- Standardize computers, operating systems, and software packages to save money on licensing costs.
- Evaluate if your users are suffering from disruptions or obstacles to productivity. If so, it’s a good opportunity to reevaluate your information technology.
- Don’t ignore your phone systems. These are often very expensive, but the City saved money from transitioning off of Blackberries to iPhone/Androids. Cloud computing VoIP options may also help reduce costs.

You may feel your municipality or organization is in the Dark Ages of information technology with aging computers and software, and that modern trends have passed you by. Actually, if so, this is the best time to explore cloud options.
  
Wednesday, May 18, 2011
Kevin Howarth, Director of Business Development

Pujan Roka wrote an excellent concise article about cloud computing in the May 8, 2011 edition of the Atlanta Journal Constitution. In it, he describes how information technology is increasingly becoming more like a utility. Cities (especially for the cost savings) should seriously be looking at the cloud. For example, the City of Canton, Georgia is experiencing feature rich benefits from using Google Apps – while saving $10,000/year in costs.

In our discussions with both technical and non-technical decision makers at cities, we hear objections and some confusion about how the cloud will benefit them. One way to think about cloud computing is to consider the early days of electricity. Roka points out how factories initially had to produce their own electricity, which was expensive and created a lot of waste. Once electricity shifted to the utility model, costs came down and quality of service went up.

Information technology is going through a similar revolution and despite some recent highly publicized outages, the reliability is all but 100%. It’s now just a matter of jumping into the cloud – and bringing your costs down.

Monday, May 16, 2011
Dave Mims, President
Sophicity was a sponsor for High Tech Ministries Make it Feel Like Home project May 4 - 7, 2011 at Must Ministries Marietta. With the help of 120 volunteers and six corporate sponsors, three projects were completed within 72 hours that included a playground, kitchen, and welcome center.
 
"Sitting down together for a meal may be the most basic way to express hospitality to those who find themselves in the distress of homelessness. We can now offer this ministry in a more welcoming environment, which is a wonderful gift to our guests. Additionally, our guests now have a playground that will allow their children to relax and play. Being able to add beauty and inspiration to the kids' imaginations as they try to find a sense of normalcy amidst the stress of being in a shelter is a true blessing." - Bob Milburn, Director of MUST Emergency Shelter and Outreach Programs
 
Truly a wonderful blessing being able to work alongside so many from our technology community here in Atlanta with the goal of serving families and children in their time of need.
 
About High Tech Ministries (www.hightechministries.org)
High Tech Ministries is a non-profit organization that empowers workplace ministers to lead people in the Atlanta high technology community to a growing relationship with Jesus Christ.
 
About MUST Ministries (www.mustministries.org)
MUST Ministries is a faith-based, 501(c)3 non-profit charitable organization dedicated to providing services to persons and families in crisis while maintaining their dignity. MUST is a place where one's faith can be put into action and where we can minister to the poor, the brokenhearted and those who are in crisis - in a place where "your deep gladness and the world's deep hunger meet."
Tuesday, April 19, 2011
Dave Mims, President
Over the past few years, we have witnessed many technology support companies take advantage of the tendency for cities to simply pick the cheapest solution. Municipal procurement processes often encourage a “low price” philosophy, but this philosophy is especially damaging when information technology is treated like office supplies or a desk. Many technology vendors know how the game works, so they often submit a vague cheap quote that sounds good on the surface. When technical expertise is lacking, cities time and time again go with the cheapest solution.

It doesn’t take a prophet to predict what will happen 2-3 years down the road: frustration, bad service, and (yes) disaster. Cutting corners in the short-term leads to hemorrhaging money long-term. Not only are taxpayer dollars wasted, but cities do not realize the full ROI and value that information technology should be providing.

Unfortunately, information technology remains one of the most complex and least standardized services. It is often difficult to understand technology, equally compare technology vendors, and adhere to any standards (due to a lack of federal, state, or local regulations concerning technology support). As a result, many cities suffer from aging hardware that slows staff productivity, technology environments that are only fixed when a major disruption occurs (at which point it’s usually too late), information security that is the equivalent of leaving the doors of City Hall unlocked, and lack of data backup and disaster recovery. And cities thought their managed services provider was helping. So how did they end up here?

Asking the Right Questions and Understanding What You’re Getting

Many cities do not have the technical expertise to fully understand what “technology support” entails. Vendors often play up to this lack of understanding, focus solely on price, and get your business. We call this the “bottom feeder” approach. Cities think they’re getting a deal – until they see the bills that come later. Any problem that arises with a “bottom feeder” vendor often leads to a) another bill, and b) a chance for the vendor to upsell you on another product or service.

As you will see below, vendors will present services to you that are misleading and too good to be true. This article explains a set of typical “managed services” features that bottom-feeder vendors provide. I’m sure you’ve heard these claims. Perhaps your current provider even provides these “myths” to you. We ask you to challenge current and potential vendors with these questions. No matter what vendor you choose, understand what you’re getting.

24x7x365 Coverage

Myth: The vendor says they are providing services 24x7x365. That means they are taking care of my technology equipment 24x7x365, and whenever I have a problem I can call someone.

Fact: This is not true unless additional specific help desk support coverage is specified. It is typical for a managed services vendor to install agents on hardware and monitor it 24x7x365. That only means they are monitoring for problems. It does not mean you have access to a person for help 24x7x365.

In most cases, there will be long stretches of time during the week when either a) no human is staffed to cover your technology support, b) the person who is providing support is either the lowest-level technical resource or a non-technical resource, or c) a call center (usually with Tier 1 support somewhere unknown or offshore) will answer your calls 24x7x365. Depending on if any helpdesk hours are bundled into your monthly fee, these calls (and any problem resolution) will cost you money if steps need to be taken to solve a problem.

“Local” People Helping You

Myth: I feel comfortable using a local managed services provider because I trust these local relationships more than an outsourced or offshored model.

Fact: Do you really think your managed services costs are so low without any outsourcing or offshoring taking place? Numerous managed services providers engage your business by way of a local sales representative (e.g. CEO of company, account manager, etc.). However, they are often the only local staff of that company. In order to keep costs very low, these companies have to outsource and (in many cases) use offshore models in order for their companies to provide you cheap 24x7x365 coverage.

In other words, you may not be getting United States-based coverage. If that aspect is important to you, it is useful to know that many vendors are not forward about who and what type of engineers are providing you services. Thus, your level of comfort with a “local” provider is based on a false assumption.

Equipment Monitoring and Maintenance

Myth: The vendor is always monitoring my servers and workstations. That means when they find a problem, they fix it.

Fact: The vendor will certainly monitor and be alerted to any technology issues. However, this does not mean they will fix the problem. (It may just mean they closed another sale!) Automatic maintenance is usually limited only to the basic of basics: patching, removal of temporary files, running spyware scans, collecting data about the health of your hardware, etc. Maintenance does not mean fixing your servers or workstations when critical issues occur. You will be billed extra at a time when your choices are limited.

Conclusion

Below, you will find questions that give you a guideline for interviewing vendors about their services. Remember:

  • They prefer you don’t know what 24x7x365 really means – only that it sounds like it’s covering you all of the time.
  • They prefer you don’t know they are using offshoring to present a cheap solution to you – only that you’re reassured by their local sales presence.
  • They prefer you don’t know how much (or how little) “maintenance” really means – until a disruption occurs and they can start billing you hourly for “unexpected” costs.
Information technology support may be a difficult area to evaluate. The pressures for city administrators to bid out technology support and make a decision as quickly as possible may tempt them to think most vendors are the same. City Councils who are perhaps focused only with cost may simply rubber stamp the lowest cost solution. But the consequences of such decisions will haunt cities later with server and workstation failures, security breaches and viruses run rampant, data loss, and public embarrassment when audits reveal a staggering lack of technology professionalism – and waste of taxpayer dollars.


10 Questions to Ask Technology Support Vendors

  1. Define 24x7x365. What does it exactly mean?
  2. Are the vendor’s engineers working 24x7x365? Are they on shifts? What level of engineer is on these shifts? Can I meet these engineers? Where are they?
  3. Am I calling into a call center? Where is the call center? Trace the route of an issue from the time I call in to the time it’s resolved. What is the resolution time for an issue? How quickly can someone arrive onsite?
  4. Do I get the same type of engineers after hours that I do during normal business hours? Is it an engineer? Are issue resolution times consistent across all coverage hours?
  5. Do the engineers receive background checks?
  6. Who has access to my data and sensitive information such as passwords, user names, etc.?
  7. When an alert is generated, what happens next? Am I notified of the problem? When?
  8. What specifically is monitored? What different equipment is exactly supported? What automated activities are occurring to “maintain” my hardware?
  9. When a piece of hardware fails or has a critical issue, what happens?
  10. Why is my managed services contract so thick?
Tuesday, April 19, 2011
Dave Mims, President

Are you still managing project tasks with post-its all around your PC? Are your estimates realistic? Are all team members and project sponsors on the same page? Do you have to crunch the numbers again and again to report status to decision makers? Maybe Microsoft Project’s predecessors give you a headache when running a large project schedule? :)

Check out my presentation at the Southern Municipal Conference IT Spring meeting where I shared and demoed a pretty cool tool that Sophicity is now using called LiquidPlanner. It solves, very well, a few of the pains that we all encounter managing IT projects.

Tuesday, April 19, 2011
Kevin Howarth, Director of Business Development

Clint Nelms, Network Infrastructure Practice Manager at Sophicity, recently published “Three Reasons Why Cities Should Consider Hosted Email” in the March 2011 issue of Texas Town & City. The magazine is published by the Texas Municipal League and focuses on a variety of contemporary municipal issues. We encourage you to read the complete article and also visit Texas Town & City online.

Tuesday, April 19, 2011
Clint Nelms, Network Infrastructure Practice Manager

You may have already implemented or considered cloud solutions, especially enticed by the reductions in technology costs. But many people are still concerned about security. “What happens to my data when it’s ‘out there’ in the cloud?”

Here’s Army General Keith Alexander, commander of U.S. Cyber Command and director of the National Security Agency:

“This [cloud] architecture would seem at first glance to be vulnerable to insider threats—indeed, no system that human beings use can be made immune to abuse—but we are convinced the controls and tools that will be built into the cloud will ensure that people cannot see any data beyond what they need for their jobs and will be swiftly identified if they make unauthorized attempts to access data.”

Read the entire article from Forbes.

| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 |