While many cities agree that they need to store and back
up their data offsite, we often get into a lot of complicated discussions about
what “offsite” actually means. Isn’t “offsite” literally someplace that is not onsite
at the building where you’re storing your information? Why doesn’t a particular
“offsite” building count as offsite?
To help clarify what constitutes as “offsite,” let’s run
through some imaginary but representative scenarios that we often hear when
talking to cities. In these scenarios, we’ll assume the onsite data is stored
at City Hall.
Scenario 1: We store our data backups
“offsite” at the fire station down the street.
Why it’s not “offsite”:
While you are storing your data in a completely different building, it’s too
geographically close to City Hall. If a tornado, thunderstorm, or other weather
disaster were to affect several blocks of the city, both City Hall and the fire
station would be at risk of losing all data. Disaster recovery needs to account
for a catastrophic disaster, so having your data stored “offsite” down the
street is just not far enough away to constitute as true offsite data backup.
Scenario 2: We store our data backups
“offsite” on a flash drive at the mayor’s house.
Why it’s not “offsite”:
Even if your mayor is the most trustworthy person in the world, this is a bad
solution from all perspectives. First, the mayor likely lives nearby, so the
same proximity flaws from Scenario 1 apply. But you are also introducing other
risks. What if the flash drive is lost or stolen? Where is the mayor storing
the flash drive? On a kitchen table? In a vault? Near water or coffee or
something magnetized? How do you know that the mayor isn’t storing the data
somewhere else? What happens if the mayor is not reelected? Does the new mayor
have to keep the city’s data at his or her house? Having a single person
handling a portable piece of media like a flash drive and carrying it back and
forth from home to City Hall, even if they’re diligently doing it every day, is
way too risky.
Scenario 3: Our IT provider stores our
backups at his house.
Why it’s not “offsite”:
Not only is this completely unprofessional for an IT provider, but it’s like a
worse version of Scenario 2. At least the mayor is someone elected to look out
for the best interests of the city. An IT provider’s job is to get paid to implement
data backup best practices that mitigate risk for the city. You may even know
the IT provider, but in no way should you ever trust your data to reside at anyone’s
house. The liability is enormous. What if you decide to sever relations with
this IT provider? What if the IT provider gets angry and holds your data
hostage? What is the IT provider doing with your data at home? How is your IT
provider able to test and audit your data professionally? Any backups stored at
someone’s house is a bad, bad, bad strategy.
Scenario 4: Our data backups are stored at a
building about six miles away from City Hall.
This scenario is not as bad as the others, and it’s
tempting to allow for such distance to constitute as offsite data backup.
Another temptation connected to keeping data within driving distance is a sort
of irrational feeling of security—if the data is close and you can drive to see
it, it feels safer. But again, think of natural disasters. Earthquake. Tornado.
Hurricane. Flooding. It’s not uncommon for such disasters to tear across wide
swathes of a city. For true 100% disaster recovery, you need to make sure your
data is stored much further away—quite geographically remote from your city.
So, if the above scenarios are not offsite, what does
constitute offsite? As a general rule, offsite backup should meet the following
And today, you have a great opportunity to do offsite
data backup right. With such cheap unlimited cloud data storage available,
there are plenty of good and easy-to-setup options for offsite data backup. The
costs have lowered so much and the quality of offsite data backup has risen so
much that even smaller cities can affordably implement automated, encrypted,
secure data backup.
To talk about offsite data backup in more detail, please contact us.
Just like greeting and orienting someone when they walk into City Hall, a city’s website must do the same thing with its City Hall website page. Your City Hall page might also be called City Services or serve as the City Clerk’s page. However you organize your information, you need a page that introduces citizens to city administrators and directs them to your most important services.
While the content on this page should be basic and functional, you want to make sure you provide a good balance of relevant and thorough information. We see too many City Hall pages as only dry lists of names or lacking essential information. In this post, we provide some tips about what content you need for a successful City Hall page.
While function really takes precedence on this page, you want a few flourishes that show you’re a good host—like City Hall itself. Your City Hall is about business, steering citizens to where they need to go. But you also welcome them, smile, and engage them in some small talk before moving them on their way. Your City Hall web page works in the same way. Greet citizens, be helpful, and use the information you present and prioritize on your City Hall web page to send them on their way.
To talk about website content in more detail, please contact us.
A very nasty computer virus called Cryptolocker is circulating around businesses, government entities, and many other organizations. We’ve already seen one city infected with this virus and have heard of several other victimized cities. This is not something you want infecting your city’s computers.
To help protect you against the Cryptolocker virus, we’ll answer some common questions and offer some proactive tips—especially if you feel unprotected against viruses.
Ransomware is one of the scariest viruses out there. We’ve become so dependent on our electronic data, either on our computers or in the cloud, that losing access to that data would be devastating. And hackers know that. So, they prohibit access to your data in exchange for a ransom. It’s the digital equivalent of taking your most valuable possessions hostage.
It encrypts the hard drive of your infected computer, meaning you cannot access or read your data. A popup window will appear and you’ll read a ransom demand for money in exchange for what’s called a “private key” so that you can decrypt your hard drive. It’s like a hacker has a padlock on your data, and the hacker has both keys. Supposedly, if you pay the hacker it’s like they give you one key and you both open the padlock at the same time.
We typically do not recommend paying the ransom. The hackers will tell you that if the money is not paid within a certain amount of time (usually about 24 hours) then the private key is destroyed and the contents of your computer are lost forever. But these are criminals. Once they have your credit card information, what will stop the hackers from using your credit card information again (or even stealing your identity)?
In the short term, an enterprise-level antivirus solution can easily detect and eliminate the virus. However, if you already saw the popup window demanding a ransom, then it’s already too late to unencrypt your files. You’ll lose your data, but the virus will be eliminated by the antivirus software.
In the long term, or even if you haven’t been infected by the virus, you want to take proactive steps to protect yourself from Cryptolocker and other viruses.
If you feel unprotected against a virus of this caliber, please contact us. We will be more than happy to answer any questions you may have.
GMA helps city procure equipment to start operations and launch website, data backup & disaster recovery, and email.
As one of the newest cities in Georgia, Peachtree Corners is
located in fast-growing Gwinnett County in metro-Atlanta.
Located near successful business clusters such as Technology
Park and The Forum, Peachtree Corners is a planned community
that is now the largest city in Gwinnett County. Like any new city,
Peachtree Corners is creating everything from scratch – from its
vision of the future to the most tactical aspects of its operations.
From the start, Peachtree Corners needed robust IT to help them
hit the ground running. Like most cities, they needed a website,
basic hardware to help run operations, software licensing, and
email. Without the basics in place early on, Peachtree Corners
would not be able to effectively serve citizens—and these citizens
would be watching this new city very carefully.
In addition, Peachtree Corners also had to think about ongoing
costs that included data backup, disaster recovery, website
hosting, website content management, hardware support, and
access to a helpdesk. The city had not yet budgeted for longterm
future IT costs, and the potential high cost of building an IT
infrastructure seemed daunting.
Peachtree Corners solved these challenges by using the Georgia
Municipal Association’s “IT in a Box” service. Powered by
Sophicity, “IT in a Box” is a complete IT solution for cities and
local governments. The service includes a website, online
payments, onsite data backup, unlimited offsite storage of data
backups, email, document management, Microsoft Office for
desktops, server, desktop, and mobile management, vendor
management and a seven-day a week helpdesk.
“IT in a Box” helped Peachtree Corners:
Peachtree Corners saved $66,459 of the costs typically spent
launching a city network of their environment and size. “IT in a
Box” helped Peachtree Corners establish a strong technology
foundation and create a predictable IT budget.
Sophicity was instrumental in getting Peachtree Corners off the ground and running in regards to all aspects of IT.
They provided the City with outstanding service in putting together the entire IT infrastructure from the desktop
computers and servers to the security to protect it. The support team did an outstanding job during those first
pivotal moments of setting up users for email, answering phone calls for support, and establishing security settings
for each user based on their role with the City. Sophicity was also integral in helping the City build, launch and
maintain our website. - Accounting Manager/Clerk of Court Brandon Branham
Print-friendly version of the Peachtree Corners, Georgia IT in a Box case study.
Sophicity is an IT services and consulting company providing technology solutions to city
governments and municipal leagues. Among the services Sophicity delivers in “IT in a
Box” are a website, online payments, onsite data backup, unlimited offsite storage of data
backups, email, document management, Microsoft Office for desktops, server, desktop,
and mobile management, vendor management and a seven-day a week helpdesk. Read more about IT in a Box.
As cities continue to rely more and more on technology,
they also worry more and more about what’s called “cyber liability.” By not
protecting electronic data in the right ways, cities can find themselves
exposed to lawsuits, fines, and severe operational issues. For good reason,
cities are increasingly worried about cyber liability.
But often, cities don’t know what they don’t know. What needs to be done to protect cities? While we’ve written about cyber liability in detail in the past, we’ll use this post to share three key insights that we heard discussed at a recent panel discussion at the 2013 Kentucky League of Cities Conference & Expo.
To start thinking about cyber liability, consider the
Poor, cheap technology maintenance increases your risk of
viruses, hacking, malware, and other activities that lead to liabilities such
as data theft, fraud, and other cybercrimes.
If you’re still worried about the cost of such technology
investments, we’ll leave you with two thoughts.
To talk about cyber liability in more detail, please contact us.
Many cities and other government entities have rapidly
made the shift from their old email servers and software to cloud email. Many
of the reasons have to do with back-end technology aspects such as easier
management, security, and data backup.
But cloud email is unique in that it’s a technology where
you can actually touch and feel many of its benefits. Compared to older email
services, there are some night and day differences you can actually see and
experience that will have a tangible impact on your day-to-day work and
Here are five features that we’ve noticed particularly
appeal to city staff and administrators.
While we’ve discussed the back-end benefits of cloud
email in past blog posts, the user benefits are just as important in many ways.
What strikes us as especially noteworthy is how many different kinds of
software are now consolidated and leave very little for people to worry about
anymore. Cloud email—like many kinds of cloud software—combines different pieces
of important software and creates an easy-to-use experience while eliminating
some of the annoying aspects of email that used to be so hard to manage.
Overall, cloud email is that rare technology where your city staff can
immediately experience the benefits.
To talk about cloud email in more detail, please contact us.
When we walk into cities for the first time and see
unused servers or watch people using outdated software, it’s easy to blame
these issues on vendors. We might hear “Our servers don’t work right” or “We
were sold the wrong software.” To a certain point, vendors may shoulder some of
the blame. Cities understandably want to make sure they are fully using their
technology investments and that all technology is up-to-date and supported.
But such a situation signifies a deeper problem that also
affects how vendors are managed—and that’s matching your technology to user
needs. It sounds almost too simple on the surface. “Well, of course our
technology meets user needs. People use it, don’t they?”
However, we find that a lot of technology was purchased
without the buy-in of the city employees that actually use it. Sometimes, a
vendor can do an excellent sales job talking about features, but failing to
talk about the user experience. It’s only too late when you realize that the technology
did not live up to its original promise.
Here are some user-focused questions we tend to ask when
evaluating new and existing technology vendors for cities. These questions help
make sure you’re only investing in needed technologies and that the cost of
those technologies will be as low as possible.
Once you thoroughly understand your users’ needs, it
becomes much easier to clearly specify what technology you need, talk to
vendors about only necessary updates and features, and ensure that your
investments are tied to a positive end result. Vendors usually are mismanaged
when you’re not clear on what the technology investment is supposed to do or
who is supposed to gain the most benefit from it. Since vendors will not
necessarily look out for your best interest, you need to do your own upfront
homework to make sure the technology is a fit.
To talk more about vendor management and user needs, please contact us.
Mobile devices that work like computers. Software
accessed from clouds. Servers disappearing because they’re no longer needed.
Technology seems to have gone through another revolution in the past few years,
and it’s understandable if the speed of technology has passed you by to some
For many cities that are focused on budgets, operations,
and citizen services, it’s easy to still think of technology as it was 5 or
even 10 years ago. But while you might feel behind, you actually have a great
opportunity to reevaulate your technology, save money, and improve the quality
of your services without too much disruption to your city.
As we help cities modernize their technology, we often
address the following areas where the old way of doing things is bloated and
Many cities that we’ve helped tend to have this kind of
unintentional bloat from not realizing that technology has evolved rather
quickly in just a few short years. But those same cities are happy because we
find opportunity to cut the bloat, reduce costs, and increase the quality of a
city’s information technology. If you haven’t taken a deep dive into your
technology in a while, we encourage you to start with these five areas.
To talk more about simplifying your technology, please contact us.
organizations using consumer cloud software that stores files will think that
same software is sufficient for data backup. But a recent article from Business Insider
suggests otherwise. The article explains how a professor used Dropbox not only
to collaborate with other people but also as a “backup solution.” One day, 200
files and 3,000 pictures were missing, along with a project where the files
were only stored on Dropbox.
what makes the story interesting to the layperson is that these files also
disappeared from computers and an external hard drive where the professor
thought she was backing up these files. The blame game then ensued. Were the
files deleted? Hacked? Is it Dropbox’s fault?
quote for the article is important for understanding how something like this
"We can say with
confidence that this situation did not stem from any Dropbox issues. Dropbox
users can choose to have files synced across their machines. In that case, all
changes made on local machines, including deletions, are synced."
mistake that this professor—and many other users—make is equating file storage
with file backup. On the surface, this situation looks like a backup issue. But
when you sync files across computers, external hard drives, or mobile devices,
you’re not really backing up those files. It’s just another storage and access
point. If the files are synced, then deleting a file from one place will delete
them in all places.
the software worked exactly like it was supposed to work. While the professor synced
files across multiple computers and devices, her crucial mistake was confusing
storage and access with true data backup. To be fair, consumer cloud solution
providers usually don’t go out of their way to tell people this. Such a message
doesn’t help with their marketing, yet that absence of consumer information can
mislead people as to the extent of how secure their files really are.
line: The sync feature becomes a gaping security hole in using consumer cloud
solutions for data backup.
So, we’ve identified a
common IT amateur flaw: using the same storage service for both data backup and
collaboration. In the professor’s case, think about what can happen. You’re
giving file access to your colleagues and students. One of them accidentally
deletes a file. That deletion syncs to all computers and devices. And the more
people who collaborate, the more the risk of accidental deletion increases.
The key is to clearly
separate your collaboration space and the place where you store your backups.
With collaboration, you often can handle that yourself—sharing a username and
password, giving people access to documents, and providing the ability to make
edits and upload files. But your data backups should be secured in an entirely
different way. Only an authorized person should have the username and password
to any backups. That way, if someone accidentally or maliciously deletes files,
they can’t touch your backup location.
Now let’s look at how to
separate data backup from collaboration.
professor did restore her files by a stroke of luck, you may not be so lucky.
We have four important tips that will help you avoid such a situation.
To talk more about data backup, please contact us.
When you’re cleaning up your office or your house, you
must make decisions related to the stuff you own. What do I throw out? What do
I keep? How long do I keep it? Where do I store it? You might think about the rooms
where you’ll store your stuff, or decide if you need the capacity of an
additional storage location.
A new document management system forces you to make the
same kinds of decisions. Often, cities are faced with process decisions that
they’ve never made before about what they define as critically important
documents, what they are required by law to keep, and when they can get rid of
In this post, we discuss some of the main issues you will
need to deal with concerning the storing and archiving of your documents when
implementing a new document management system.
While tackling the problem of document storage and
archiving can be a difficult task at first, the efforts you take—even if they
are minimal and high level at first—will be well worth it. Ultimately, you want
to make sure your documents are stored in a centralized place, archived as
needed, and disposed of when they are no longer needed. That way, your
employees will be able to find relevant information easily and you’ll be
prepared for open records requests, compliance requirements, and other
situations where ready access to your documents is important.
To discuss document storage and archiving in more detail,
please contact us.
Our Focus | Products | Resources | Company | Contact | Sitemap | Login
© 2009-2014 Sophicity, all rights reserved. Sophicity®, "We put the IT in City”, and the Sophicity logo are registered trademarks of Sophicity.