surface, this might seem like an obvious headline. Of course unlimited offsite
data backup storage is awesome. It’s unlimited! Isn’t that the only benefit
worth talking about?
the “unlimited” aspect alone isn’t enough of a reason to compel every city to
move in this direction with offsite data backup. So, if you haven’t considered
unlimited offsite data backup storage, here are some benefits that go beyond
the simple fact that it’s “unlimited.”
As you can
see, many bottom line benefits result from moving to an offsite data backup
solution that includes unlimited storage. And remember, you’re not doing real
offsite data backup if you’re storing your data nearby—even at different
buildings within city limits. You need to store your offsite data backup in
geographically dispersed locations around the country to ensure full recovery
in case of a major disaster.
Questions about unlimited data backup storage? Reach out to us today.
Patch management—what you might know as
the applying of updates to software—is often an overlooked and even neglected
task. Sometimes, cities may be too busy to apply them, don’t want to interrupt
employees, or simply don’t think the timely application of patches is a big
deal. Hey, as long as nothing breaks, right?
However, a recent story in the Atlanta Business Chronicle demonstrates exactly
why patch management is important. Take something as innocent as a wireless
keyboard and wireless mouse that you might use with your laptop. As Urvaksh
“Atlanta-based Bastille has discovered a vulnerability in
wireless mice and keyboards that leaves billions of PCs and millions of
networks vulnerable to remote exploitation via radio frequencies. Using an
attack which Bastille researchers have named “MouseJack,” malicious actors are
able to take over a computer through a flaw in wireless dongles, the company
said in a statement.”
As vulnerabilities are found, vendors
create a fix and make a patch available. But those patches still have to be
deployed or rolled out by your IT staff or vendor. Many patches fix security
holes and bugs in software. Not applying patches means that you are leaving
security holes open for hackers to exploit.
Sometimes, cities turn patching off
because they are afraid that an update will break their software. This is bad
because you’re not fixing security vulnerabilities. As cities (and all
government entities) are continually held to higher cyber security standards, a
simple ongoing task like patch management becomes essential.
Do not think you’re doing patch
management when employees download and install Windows Updates to their
computers. Patch management needs oversight by IT professionals. For example,
what happens if you install a patch and it breaks something in your software?
Would you know how to uninstall it and revert back to a previous state? IT
professionals know how to test and apply patches, understand which patches are
appropriate, and use strict procedures if something goes wrong with a patch.
An amateur sees patches released by a
software vendor and applies all of them. An IT professional knows that all
patches aren’t created equal. Before applying patches, they test them to make
sure nothing breaks or a software flaw isn’t introduced. In our case, we run
vendor patches through a variety of server and desktop configurations to test
for errors. We “green light” those that pass successfully and then install them
on your machines. If a patch creates a problem in our test environment, we
don’t apply it. Instead, we communicate the issue to the software vendor. We only skip
testing when the patch is deemed so critical to your security that it must be
Patch management loses effectiveness when
your employees or IT staff only apply them to machines on your network at your
building and skip machines in other locations. Nowadays, modern patch
management allows IT staff or a vendor the capability to apply patches to
servers and workstations regardless of location. Yes, that means your computer
gets patches applied even if you’re on the road or working from home.
The main takeaway? You need to make patch
management a regular, important part of your IT maintenance. Generally, that
means experienced IT staff or a vendor overseeing patch management as part of
their regular, proactive duties.
Are you patching your servers and computers regularly? Reach out to us with any questions or doubts about your patch management process.
It’s fun to
get excited about ambitious website goals—a new website, a new online payment
function, or a photo gallery highlighting your tourism or downtown development.
Or maybe you’re so focused on day-to-day operational activities that you
haven’t taken a look at your website in a while. Either way, it’s easy to
neglect some obvious things that make your website—and your city—look bad.
your website is often the most common way that people get a first impression of
your city. Whether or not you’ve recently redesigned your website, there are a
few common mistakes that cities don’t realize leave a very bad impression on
citizens, future residents, potential visitors, and businesses.
Here are six
quick, low-budget ways that you can immediately improve your city’s website—no
matter how old or new.
you’re worried about budget for a new website, first take a look at your
current website. Do you have any of the glaring issues listed above? These are
extremely low-budget items to fix that have an immediate, big payoff. Remember,
you’re always on audition. People are researching your website for a variety of
reasons. The difference between getting more tourism dollars, an additional
business relocating to your city, and more residents moving to your city versus
losing them may be that first impression.
Once you fix
the problems listed above, it’s just the beginning of really harnessing the
power of your website. Read our New Year’s post for more tips and advice about how
to make a city website work for you.
things in life, documents have a lifecycle. They are born, they live, and they sometimes
pass on to document heaven. If you have a document management system, you
probably understand the document lifecycle more than most. And if you don’t
have a document management system, your documents still go through this
lifecycle—even if it’s chaotic and hard to track.
Why is the
document lifecycle so important that we should analyze it? Why not just create
the documents you need to create and get on with it? The short answer is that
the more you understand your document lifecycle, the better you can manage the
process in terms of document quality, consistency, and ease of use.
Let’s take a
closer look at the steps and see why each step is important to examine.
all documents need to be created. But have you ever thought about the
complexity behind document creation? For example:
complex, you might need to title documents in a certain way, tag them with
“metadata” (such as identifying the author, date created, city department,
etc.) to make them easier to find, and make sure the document is accessible for
people with disabilities. In other words, there can be a lot more to document
creation than first meets the eye.
create the document, where does it go? Usually, this point of a document
lifecycle is a mess at many cities. Documents may get stored on individual
computers, flash drives, or unorganized shared folders on a server. Some
questions to think through include:
document involves both ease of retrieval and authorization. In some cases, it
may also mean how to access the files in order to transfer or share them
somewhere else. This part of the document lifecycle is extremely important. Ask
becoming finalized, documents need to be edited, reviewed, and approved by
people who are often not the author. Instead of chaotically sending documents
back and forth through email, many document management systems offer some ways
to improve the quality of this step in the process.
steps you will need to set up in your document management system that align
with your policies and procedures, and you can work with your IT staff or
vendor to activate these kinds of features.
This step of
the process is an important legal step for cities. Depending on your city’s
records retention policies that follow state law and local ordinances, you may
have different policies for different documents. These can be set up by
municipal-experienced IT professionals who are trained in following records
you’ll apply many of the same tips above to an archiving strategy that makes
As you can
see, the steps above are obvious but the thought behind each step isn’t. We
accounted for a lot of complexity in certain steps that may not apply to your
city. That’s okay. You may not require meticulous “metadata” or need multiple
people collaborating on documents. However, you should give each step some
serious thought depending on your particular needs. This will make sure you
both comply with the law and also just make your overall document lifecycle process
easier for everyone involved.
Questions about your document lifecycle? Reach out to us today.
Do you think
about hackers in an outdated way? For example, you might imagine lesser hackers
as extremely intelligent yet rebellious teenagers in their basement trying to
hack into someone’s servers or computers. And you might imagine more
experienced hackers as part of international organizations that make concerted
attacks on high-profile targets such as the United States government.
hacking has evolved like most information technology. It might surprise you to
know that modern hacking is largely automated. That means hackers are using
software to probe thousands and thousands of computers in order to look for
weak spots. And once they find a weak spot, they attempt to break in.
your city is a target. You might think, “Why would some hacker target my small
city?” They’re not. They’re scanning thousands of targets. Eventually, that
scanning will find you—detecting your weak spot and exploiting it. Many incidents on the news discussing the aftermath of hackers
attacking smaller, lesser known cities show that’s the case.
So, how do
you avoid becoming a target? Here are five key areas where you may be leaving
yourself open to hackers.
We have to
begin here because even the best security can’t prevent a human being accidentally
giving a hacker access to a city’s information. How does that happen? Many
people still get fooled by malicious email attachments, websites, and online
software. Even “fun” things like online games and social media quizzes can
contain viruses, malware, and spyware. You need to train employees about
malicious online content and regularly review tips and advice with them. The
easiest way for a hacker to get in is when someone lets them in the door.
SplashData got a lot of press recently when
they published the most common weak passwords in 2015. Many, many people still
use horrible passwords such as “123456” and “password,” and then wonder why
they got hacked. Remember, hackers are using automated software to look for
holes. That automated software includes easy tools to guess common and weak
passwords that are easy to crack. You need long, strong passwords with a mix of
letters, numbers, and special characters to help secure yourself.
You ever go
to a coffee shop or public place and look for wireless access on your laptop?
You probably notice some of the connections are secured and you need a password
to access them. But some are “open” and you can hop on without a password.
While open access points make it easy to get Internet access, they are
incredibly dangerous if they’re set up that way at your city. Make sure every
one of your wireless access points is secured—meaning the data is encrypted and
access requires a password. Otherwise, you’ve left open another door for
Think of a
firewall like you’re going into a secure government building like the White
House. Guards at the gates will rigorously check each and every person who
enters and who leaves to make sure that no threatening or suspicious people
cause any harm to the President and his staff. We shudder to think what would
happen if the White House lacked that security. Now, think of your firewall
like White House security. If your firewall is improperly configured (or even
non-existent), that means any hacker can enter in through a “gate.” Your IT
staff or vendor can make sure your firewall is set up so that it’s inspecting
all suspicious cyber-intruders and preventing them from entering.
system such as Windows often delivers up a series of updates and patches every
week or two. Similarly, Internet browsers such as Internet Explorer regularly
update the software that allows you to access the Internet. If these updates
and patches are not installed, you increase the risk of hackers exploiting
known security gaps that companies work so hard to find and protect you from.
Make sure your IT staff or vendor regularly applies updates and patches to your
operating systems, Internet browsers, and any other software.
Preventing hackers from attacking your city is similar to physical security.
Make sure you don’t let suspicious users inside, and make sure you monitor and
inspect the information going in and out. While there is always a chance of a
hacker finding a way in, shoring up the security behind these five items will
go a long way toward helping you fend off hackers.
Need to discuss cybersecurity in more detail? Reach out to us with any questions.
past few years as cities have adopted IT in a Box, we’ve learned more about common questions that people have
about it. Recently, we produced a brochure that encapsulates exactly what makes
our services unique, relevant, and impactful for your city.
we write blog posts about common city-related IT issues or opportunities for
technology to help you excel at citizen service. Here, we’re taking a rare blog
post to talk a little about us. But it’s really about you. By expanding upon our
brochure, we’ll help explain some of the answers to the common questions we get
that center around the question, “What can I expect with IT in a Box?”
leagues often vet vendors that provide important services and products for
cities. Once a product or service is approved by a municipal league, a city can
rest assured that the product or service has had a positive impact on cities. IT
in a Box is the preferred technology solution for the Georgia Municipal Association, Kentucky League of Cities, and Arkansas Municipal League. That’s a loud statement of trust in
Georgia, Kentucky, and Arkansas.
technology vendors provide generic solutions applied to a wide variety of
industries. Even if IT vendors do specialize, it’s rare to find a city-tailored
technology solution. Sophicity is a rare IT vendor that has customized the entirety
of its services—from websites to data backup—for cities.
usually a major issue for cities when considering technology solutions. As a
result, we’ve worked extremely hard over the past few years to include a comprehensive
set of technology services for municipalities at the lowest overall price point
to give cities the biggest bang for their buck. We make sure that cities from
smallest to largest receive the same services at the right scale for them.
Plus, the price is flat and predictable each month, making budgeting simple.
ask us how we get IT in a Box rolled out at their city. We’ve got this onboarding
process down to a science.
day-to-day service receives a lot of praise from cities for its unique level of
care that’s tailored to cities. Our secret? Just doing the basics well.
like to talk to us in more detail about our trusted, tailored, and affordable IT in a Box solution, reach out to us.
think that hiring IT support only when you absolutely need it might save you a
lot of money. Especially if you’re a smaller city with only a few servers,
computers, and users, it may seem easier to handle most of your technology
issues yourself and only call an expert if something goes really wrong or becomes
too technical for you to fix.
a reactive IT approach hurts your bottom line indirectly and impacts you on
many other dangerous levels despite the short-term immediate savings you glean.
Even small businesses of one or two people are finding it more and more
essential to use some form of proactive technology services and support for
their business. With money and their business’s credibility on the line, they
can’t afford to mess around.
you. As a city, you handle incredibly important information, serve citizens
every day, and rely on technology to both stabilize operations and complete
important projects. Here are five ways that a reactive technology approach
hurts your city.
know when your next crisis, fire, or repair will happen, and so you won’t know
how much your technology services will cost each month or year. And when you
deal with a crisis, you have little choice about spending that money.
Unpredictable budget line items are bad for cities, and having a reactive IT
strategy gives you a consistently unpredictable monthly technology cost.
difficult to sound nice here, but we must be blunt. Just imagine a house or an
office which often catches on fire, loses electricity, or gets flooded. Would
you just fix the immediate problem and not look at the root cause? Many cities
put up with technology environments that are the equivalent of these disastrous
homes or offices by only dealing with immediate crises, putting Band-Aids on them,
and not addressing their root causes. In the long-term, that kind of approach
is not only negligent but also expensive because you never really solve the
only reacting to technology fires, then what happens in case of a server
failure, a failed backup, or a virus that ravages a computer (or computers)
holding sensitive information? Do you know for certain that your data can be recovered?
Cities that rely on manual data backups performed by non-technical staff
introduce a lot of risk into the process. We find that manual data backups are
often not regularly tested—and they fail when most needed. Uncertainty grows
even worse in case of a major disaster like a tornado, fire, or flooding.
proactive IT strategy with continual monitoring, management, and maintenance
(by both human beings and automated software) ensures that you are not leaving
yourself wide open for cybersecurity liability. As time goes on, more and more
laws are passed that hold government agencies (including cities) more accountable
for cybersecurity. That includes having adequate protection from hackers,
viruses, and spyware along with training employees about not clicking on
malicious websites and email attachments.
So let’s say
you limp along during those times when you’re in between crises and fires, with
the hope of saving money. We will bet that several things tend to constantly happen
that affect both employees and citizens such as:
When you let
these problems linger, employees grow frustrated, citizens get angry, and
productivity gets stuck in the mud. And that leads to further problems like
employee turnover, angry citizens at city council meetings, and stalled
projects if they are never addressed.
problems grow unsustainable over time and may only remain acceptable if it’s
your status quo. Sure, it looks like you’re saving money on the surface but the
unpredictable costs, fires, uncertainty, and poor operational delivery all lead
to lost money and productivity—not to mention a series of embarrassing
situations that you have to constantly explain to employees and citizens.
A proactive approach will take care of these issues and save you money over the long run. If you find yourself in a reactive technology situation, reach out to us to hear more about the benefits of proactive IT services.
Want to ruin a city clerk’s day? Say the words, “Open
records request for an email.” These kinds of information requests are a giant
hassle and we’ve written about their excessive cost. In
many cases, cities are at an extreme disadvantage because they use obsolete,
outdated email systems or consumer grade email systems that not only make email
records hard to find but also may place the city at legal risk.
A modern email system with enterprise-class features will
eliminate many of the worries that cities go through when fearing an email open
records request. While we’ve talked more about the cost reductions of a modern
email system in the past, here we discuss four specific ways that a modern
email system will help with open records requests.
Ideally, you should not only modernize your email system to
make open records management easier but also rely on IT staff or a vendor with
extensive experience in retrieving those kinds of emails. With a modern email
system and the right expertise supporting your city, you will be able to
significantly cut down on the time and cost in processing an open records
Reach out to us
if you have additional questions about emails and open records requests.
One of the biggest technology service demands we see at cities
is a need for ongoing vendor management. What does that mean? In many cases, it
includes things like getting on the phone with a software vendor to resolve
technical issues or helping cities purchase computers that specifically meet
their needs and budget. But other than immediate issues that need instant
resolution, there are quite a few other long-term reasons why ongoing vendor
management helps a city’s operations and positively affects its bottom line.
Without IT vendor management, it’s easy to get distracted by
a vendor’s upselling and irrelevant product features that sidestep your issues
and priorities. Vendors need to understand your city’s business priorities and
ongoing operational needs in order to focus on your problems. To keep vendors
focused, we often work to include them in your city’s planning and seek to understand
how they can best help you.
It’s understandable to save as much money as possible. But
IT vendors usually don’t sell easy-to-evaluate commodities. The cheapest
solution may not meet your business needs and the lower quality result may hurt
you financially more than the savings you gained. An IT vendor manager can help
you evaluate solutions in terms of value rather than strictly on price. Plus,
if you know you’re getting the right value for the cost, then you’re also less
likely to regularly switch vendors because you’re always looking for the lowest
At the same time, you also don’t want to stay with IT
vendors that aren’t meeting your needs or overcharging you. When we first start
working with a city, we often take a look at existing contracts to ask:
Once those questions are answered, an IT vendor manager can
then formulate a plan that better maximizes what a city gets out of existing
vendors or prompts the city to shop for new vendors that better meet business
We mentioned in the introduction that the most common vendor
communications tend to be important but reactive—such as a software issue or
need to purchase a computer. Beyond these communications, it helps for
experienced IT professionals to set the tone of a vendor relationship and build
it up positively. If vendors know that an experienced IT professional is
overseeing their work, it will be easier for them to engage with your city and
do exactly what they promise. With a good relationship established, you’ll also
find that vendors respond more quickly and efficiently to both short- and
Ultimately, IT vendors need to deliver what they promised.
We find a lot of cases when it’s unclear what a vendor is doing and what
results they are producing. When selecting a vendor, requirements documents
help define exactly what the vendor provides. After selecting the vendor, it
helps to get reports that show relevant metrics or results (depending on the
service provided). This reporting doesn’t have to be that fancy—but it should
basically show that your city receives the results they expect.
Typically, building vendor relationships can be difficult
for non-technical city staff (and even the limited number of IT staff onsite)
because of the time and technical expertise it takes. Having
municipal-experienced IT professionals manage these important vendor
relationships ensures that you extract the most value for your investment. And
because technology investments are often quite expensive, this kind of
professional oversight is more essential than ever.
Have questions about your vendor management process? Reach out to us today.
investigators combed for information about the San Bernardino shootings, they relied on electronic information that the killers thought was destroyed. The killers assumed that by
damaging their electronic devices (including throwing some of them in water)
that all of their information would be destroyed.
takes a lot more than smashing an electronic device to confirm that all data is
successfully destroyed. That’s why the FBI could possibly still find information
on the killers’ damaged electronic equipment.
From an IT
point of view, we can learn from this incident and show why professionals need
to decommission your hardware when you no longer need it. You might think you
can do it yourself, but here are some issues you will encounter and mistakes
you may likely make.
how you want to decommission your hardware, IT professionals will safely and
securely make sure that no information can be retrieved by a third party.
Wiping a computer so that it can be reused means professionals using
complicated software and a complex set of technical steps to ensure that the
hard drive is completely erased. And hardware decommissioning and disposal is
similarly left in the hands of trained IT professionals.
Need help decommissioning
hardware? Reach out to us with any questions.
Our Focus | Products | Resources | Company | Contact | Sitemap | Login
© 2009-2017 Mimsware Corporation, all rights reserved. Sophicity®, "We put the IT in City”, and the Sophicity logo are registered trademarks of Mimsware Corporation d/b/a Sophicity.