CitySmart Blog

Tuesday, December 03, 2013
Brian Ocfemia, Technical Account Manager

Information security is not something you should assume or feel in your gut. Yet, a study shows that many organizations think that way. Referenced in a recent PC World article, a joint study between Office Depot and McAfee revealed a few startling statistics about small and medium business owners:

  • “80 percent of the respondents to Office Depot's survey admitted to not using data protection.”
  • “...almost all of them—91 percent—said they don't use endpoint or mobile device security.”
  • “...14 percent of SMB owners [...] said they haven't implemented security measures of any kind in their environment.”
Yet, the study also showed that 66% of SMBs think that their security is just fine. That’s quite a disconnect—and quite a problem.

Since we always notice many parallels between SMBs and cities, it’s safe to say from our observations that many cities feel a similar false sense of security. But are you really secure? To check, ask yourself the following questions:

  1. Is my data backed up onsite and offsite, and tested regularly? First, your data is not secure if it’s not backed up. All it takes it one server failure, one hacker stealing your information, or one theft of a laptop to put your data in jeopardy. Make sure you have your data backed up onsite for common data loss events (like a server failure) and offsite for disasters (such as a tornado or flooding). And test your data backup. We still see too many cities that think they’re backing up data, but their data cannot be restored when they need it.
  2. Is my email software protected with antispam, encryption, and IT management controls? Using a free email service like Gmail or Yahoo leaves you open to too many threats. Many security threats still enter cities through malicious emails with virus-ridden attachments and links. An employee clicks on a link or attachment, and suddenly the city has a virus or data theft on its hands. Your email software should be protected with enterprise-level antispam, contain standard encryption (especially when cities deal with extremely sensitive information), and have good IT management features so that it’s easy to activate and deactivate employee email accounts.
  3. Is my Internet browsing protected and secured? The Internet is another ripe source of viruses and malware if you’re not sufficiently protected. Your city needs enterprise-level antivirus software that can be managed, monitored, and updated by an IT professional. In addition, you may also want to consider additional features such as content filtering (that prevents people from accessing certain websites) and training city staff about how to avoid malicious websites when browsing.
  4. Am I taking care of my mobile security? Despite cities using mobile devices more and more, mobile security is still often neglected. If a mobile device is stolen, can someone access sensitive city email or documents? A combination of city policy combined with the right IT best practices can help make your mobile information more secure. City policy needs to outline how and if outside devices can use or access city information. From there, your IT staff or vendor needs to work with the city to outline how city staff will access email, documents, and databases from a mobile device, along with activation and deactivation procedures in case a device is compromised.
  5. Do I have IT professionals helping monitor and maintain my data? Even smaller cities need IT assistance with monitoring and maintaining data. Perhaps very small businesses can get away with less IT help because they have less to lose. But citizens and businesses depend upon even the smallest cities for critical data. We’ve seen too many non-technical staff at cities try to handle IT responsibilities. Usually those situations end up with gaping security holes from lack of professional maintenance. Invest in an appropriate amount of IT expertise to help you make sure your data is secure.

While the PC World article states that there is no one size fits all situation to help solve an organization’s data security, we do feel that there are some common areas that can be addressed. Yes, each city might approach data backup or mobile security differently. But the point is that these areas need to be addressed, whatever the details. Your city’s data is too important to be so unprotected.

To talk about data security in more detail, please contact us.

Tuesday, November 26, 2013
Dave Mims, CEO

In many of our posts, we mention the cloud. You probably hear that term a lot and get the general idea of it (accessing software, data, and files through the Internet that you would normally access through your own servers). But what exactly makes something hosted “in the cloud”?

Since the cloud has become so important to cities as a way to reduce costs and increase the quality of technology services, it helps to have a non-technical understanding of something very technical. In this post, we’ll take you through what makes something “the cloud” versus normal hardware and information technology services.

Let’s Start with Servers 101

The cloud is built upon servers, so it will help to review what a server is—and does. A server is a specialized computer that hosts important software, data, and files such as your website, your email system, your document management system, your accounting software, etc. Unlike your desktop computer, a server connects to multiple computers so that it can deliver specific information to those computers. For example, if you have an email server, it delivers email to individual computers at your city. Each computer needs to connect to the email server in order to access email.

Traditionally, a city would buy a server for a particular function (such as email) and all city computers would connect to that server to access the information. But sometimes a city is unable to manage its own servers due to complexity, lack of time, or lack of onsite IT resources. That’s when a city might consider a data center.

Data Centers: Your Servers, Hosted Remotely

A traditional data center simply hosts your servers for you. Sure, the server management may be more complex. You might own or lease servers that are dedicated—which means they are solely for your use. Those dedicated servers may be used for one specific piece of software (e.g. accounting software). To reduce costs, your servers may also be shared servers, which means that other customers may share space on the same server if you’re not using all of the space. Shared or dedicated, you access your servers remotely through the Internet. The technology then works exactly as described above.

Data centers might reduce your costs, especially if a data center can host many servers much more efficiently than you can. However, it’s still just placing the burden of your server management onto another company. You still own or lease a machine, and you can even visit the data center to look at your machines if you’d like.

The cloud takes the idea of the data center a step further by eliminating the idea of owning or leasing specific machines.

The Cloud: Servers Become...Virtual

With traditional data centers, machines are still isolated and discrete. Even if you share a server, you can still say that, for example, five customers have websites hosted on one server.

Cloud data centers scale up to such a high degree that they eliminate the idea of discrete servers. To make it easy to visualize, think of a traditional data center with only 100 servers. Those servers are each owned or partially owned by specific customers. That means those machines need to stay separate and discrete. Even if a few servers are not using all of the space available, it doesn’t matter. If your city owns or leases one of those servers, you’re paying for the space—used or not.

A cloud data center instead coalesces the space from all 100 servers into a gigantic pool. From that pool, the cloud data center carves out “virtual servers.” That means instead of a server tied to a physical machine, a virtual server is just a chunk of that overall space from the 100 servers. That means one physical server could be any number of virtual servers, or a virtual server could be distributed across many physical servers. It’s fluid.

In other words, the idea of server space associated with a specific physical server has disappeared. That’s part of the reason why it’s called the “cloud.” At this level, server hosting works almost like magic. All you need is an Internet connection—and you don’t need to worry about hosting your own servers anymore.

Why Cloud Hosting Benefits You

So why is this technology good for you?

First, by pooling together server resources so efficiently, cloud software providers significantly cut costs. Hardware maintenance and software license costs decrease from this gained efficiency.

Second, cloud data centers are usually run by the best, most reliable IT vendors around such as Microsoft, Google, and Amazon. That means they have resources that smaller data centers lack such as 24/7 monitoring, management, and high levels of physical and information security.

Third, cloud data centers are now too big to fail since so many large businesses and government entities rely on them for mission critical data. For example, Google cannot go out of business. That same technology benefits you. Cloud software originates from servers with multiple Internet connections, a great deal of redundant backup power, and data spread across different geographies. Short of an Internet outage local to your own area, cloud software rarely fails. And even then, once the power comes back on, you can access your data again.

As you can see, servers have grown up quite a bit and, in a way, have “ascended” into the cloud.

To talk about the cloud in more detail, please contact us.

Thursday, November 21, 2013
Alicia Klemola, Account Manager

Back in June, we wrote about Windows 8 and offered an analysis about whether cities should upgrade. On October 17, 2013, Microsoft released Windows 8.1 and offered a variety of improvements that attempted to remove many of the reasons that dissuaded organizations from wanting to adopt Windows 8.

Our analysis of Windows 8 pointed out two key problems: a lack of business urgency in upgrading, and a confusing user experience. We know that cities need software that is functional and easy-to-use, so switching to something that is perceived as unessential and confusing might prevent an upgrade.

We dug through many Windows 8.1 reviews and conducted our own analysis to highlight the key improvements. Let’s see how Windows 8.1 compares to the original Windows 8.

  1. Windows 8.1 looks more like the Windows you’re used to. Windows 8 featured tiles that are more intuitive to interact with on a tablet but ended up frustrating people who used a traditional keyboard and mouse on their computers. With Windows 8.1, you now have a familiar Start button that makes better sense of all the tiles. Plus, there is a “boot to desktop” option (although you have to dig deep into Settings to find it) that lets you change the look of Windows 8.1 into the traditional desktop view that you’re used to. All of these new enhancements give users some options to make Windows 8.1 look and feel more like past Windows operating systems.
  2. You can now search everything on your desktop, in the cloud, and on the Internet in one fell swoop. One annoying aspect of Windows 8 was that when you searched for something, it limited that search to specific areas of your desktop. If you were searching for something and having trouble, you might have to jump around to different areas of your computer. With Windows 8.1, search works more like Google (or should I say Bing!). It pulls up everything for a particular query no matter where it is: your desktop, the cloud, or the Internet. Having Internet results come up in search results along with your own files can be especially handy for doing research.
  3. You have much more flexibility in arranging your desktop the way you like. The original Windows 8 seemed so obsessed with its own particular design that it prevented you from changing the way things looked or worked. With Windows 8.1, you can arrange groups of apps on your screen, set which apps are default (e.g. setting a different default web browser other than Internet Explorer), use up to four apps at once on your screen (instead of two with Windows 8), and better personalize the look of your desktop.
  4. Cloud integration is much better. Windows 8 placed a big burden on your computer by still requiring you to store files on your hard drive if you wanted complete access to them. That means filling up your hard drive with large files that eat up space and slow your computer down. Windows 8.1 has improved upon this limitation through a better integration with Microsoft’s cloud storage (SkyDrive). That means you essentially have links to your files that you only download and pull up when you’re working on them. Otherwise, they are stored and backed up in the cloud—not on your computer.
  5. More security features are embedded within Windows 8.1. Some helpful security features have been added that make your computer much safer. We found that encryption and anti-malware is much better in Windows 8.1 than in Windows 8. When these kinds of security features are more embedded into an operating system, it makes it safer for people to use and easier for IT professionals to support. In addition, there are many new innovative security features too numerous to list here. Two quick examples are “Windows to Go,” which can incorporate an entire work desktop onto a USB drive and be used securely on someone else’s computer without mingling business and personal files; and “Applocker,” which can prevent people from using or accessing specific files and applications.

Given these improved features and user experience, cities may want to consider upgrading to Windows 8.1 if it makes sense for their particular situation. Even though Windows 8.1 is easier to use than Windows 8, there is still going to be a learning curve for city employees—just like any major operating system or software upgrade. You also want to make sure that your applications and software can run on Windows 8.1. Some older versions of accounting, court, or other key operational software might not work on Windows 8.1, so you’ll want to do a full application compatibility analysis.

As of the date of this blog post, Windows 7 is still used by about 46% of all computers while Windows 8 and 8.1 are only used by about 9%. Many are still sticking with Windows 7 for now, but Windows 8 and 8.1 will increase in adoption over time. Depending on your situation, there will be a right time to switch. Just make sure you don’t make the leap before looking.

If you want to discuss Windows 8.1 or your current operating system in more detail, please contact us.

Tuesday, November 19, 2013
Nathan Eisner, CMO

If you’re used to sending and distributing documents through email or dumping them onto a shared drive in a crazy variety of folders, you’re probably glad to know that a document management system will eliminate those chaotic problems. But how? Once your document management system is implemented, you might wonder how you’ll distribute or receive documents if you’re no longer using email or shared folders.

Early on, your city should establish clear business processes for documents that establish and smooth out how documents will be distributed. In this post, we discuss five key setup areas that help take the mystery out of document distribution and make it much easier for city staff.

  1. Set up a clear workflow. This step is probably the hardest but most well worth your time before you start using your document management system. Take the time to establish the workflow for creating specific documents that you collaborate upon and share on an ongoing basis. Figure out:
    • Who kicks off and oversees the document workflow?
    • Who creates the document?
    • Who reviews the document?
    • Who approves the document?
    • Who receives the final document?
    Since the people involved in creating a document might change over time, define roles like “creator,” “reviewer,” or “approver” that can be filled in by specific people. This way, you can make sure that there is someone filling each role and receiving documents when it’s that person’s turn to step into the process.
  2. Set up notifications (usually email). Once you set up workflow roles and tasks, you need to set up notifications for the people assigned to each task. This is how you ensure that people are alerted to knowing if it’s their turn to handle a document. An email notification provides a just-in-time notification with a link to the document in the document management system. Notifications are an automated, user-friendly way to let people know about documents ready for editing and review, instead of having to manually send people reminders through email.
  3. Set up access and permissions. Obviously, people can go in and access documents whether they are notified or not. To ensure that people can’t go in and disrupt an ongoing review or access unauthorized documents, it’s essential to set up clear permissions for people. This also means giving people access only at certain points in a process, and prohibiting even people who participated in creating or editing the document from altering it after it’s approved. This avoids the document distribution issue of accidentally sending someone the wrong document or people altering documents before or ahead of schedule.
  4. Set up document versioning and locking. You want to make sure that people are only working on the latest version of a document, so setting up versioning and locking capabilities helps ensure the quality of the workflow. A common document distribution problem is having multiple versions of the same document sent to different people so that no one knows if they’re working on the current version. In a document management system, a reviewer should know that a) she is working on the latest version of the document and b) no one can edit it until she is done and passes the document along to the next person in the workflow.
  5. Set up archiving. Once a document is finalized and approved, it’s time to archive and store it. That means letting any interested parties know that the document is final and available for read-only access. The document cannot be altered or edited after this point unless sanctioned by an authority within the city (where it will have to go through a document update workflow). Some common problems with document distribution include knowing where to find approved documents, asking certain people to send them to you who have these files stored on their individual computers, and wondering if the document you have is really final or not. With a document management system, it’s clear where to find approved documents, how to notify people when they are approved, and that documents are stored in a centralized location.

As you can see, document management systems can potentially solve a lot of chaotic document distribution problems. But a city needs to spend non-technical time defining workflows. Once that happens, your IT staff or vendor can help you set up notifications, permissions, versioning, and archiving that help enact your workflows. Then, you’ll see that the problems of asking yourself “Where’s that document?” will go away. No more searching through your emails or shared drives. Instead, you’ll know exactly where to access your documents.

To talk more about distributing documents within a document management system, please contact us.

Friday, November 15, 2013
John Miller, Senior Consultant

While many cities agree that they need to store and back up their data offsite, we often get into a lot of complicated discussions about what “offsite” actually means. Isn’t “offsite” literally someplace that is not onsite at the building where you’re storing your information? Why doesn’t a particular “offsite” building count as offsite?

To help clarify what constitutes as “offsite,” let’s run through some imaginary but representative scenarios that we often hear when talking to cities. In these scenarios, we’ll assume the onsite data is stored at City Hall.

Scenario 1: We store our data backups “offsite” at the fire station down the street.

Why it’s not “offsite”: While you are storing your data in a completely different building, it’s too geographically close to City Hall. If a tornado, thunderstorm, or other weather disaster were to affect several blocks of the city, both City Hall and the fire station would be at risk of losing all data. Disaster recovery needs to account for a catastrophic disaster, so having your data stored “offsite” down the street is just not far enough away to constitute as true offsite data backup.

Scenario 2: We store our data backups “offsite” on a flash drive at the mayor’s house.

Why it’s not “offsite”: Even if your mayor is the most trustworthy person in the world, this is a bad solution from all perspectives. First, the mayor likely lives nearby, so the same proximity flaws from Scenario 1 apply. But you are also introducing other risks. What if the flash drive is lost or stolen? Where is the mayor storing the flash drive? On a kitchen table? In a vault? Near water or coffee or something magnetized? How do you know that the mayor isn’t storing the data somewhere else? What happens if the mayor is not reelected? Does the new mayor have to keep the city’s data at his or her house? Having a single person handling a portable piece of media like a flash drive and carrying it back and forth from home to City Hall, even if they’re diligently doing it every day, is way too risky.

Scenario 3: Our IT provider stores our backups at his house.

Why it’s not “offsite”: Not only is this completely unprofessional for an IT provider, but it’s like a worse version of Scenario 2. At least the mayor is someone elected to look out for the best interests of the city. An IT provider’s job is to get paid to implement data backup best practices that mitigate risk for the city. You may even know the IT provider, but in no way should you ever trust your data to reside at anyone’s house. The liability is enormous. What if you decide to sever relations with this IT provider? What if the IT provider gets angry and holds your data hostage? What is the IT provider doing with your data at home? How is your IT provider able to test and audit your data professionally? Any backups stored at someone’s house is a bad, bad, bad strategy.

Scenario 4: Our data backups are stored at a building about six miles away from City Hall.

This scenario is not as bad as the others, and it’s tempting to allow for such distance to constitute as offsite data backup. Another temptation connected to keeping data within driving distance is a sort of irrational feeling of security—if the data is close and you can drive to see it, it feels safer. But again, think of natural disasters. Earthquake. Tornado. Hurricane. Flooding. It’s not uncommon for such disasters to tear across wide swathes of a city. For true 100% disaster recovery, you need to make sure your data is stored much further away—quite geographically remote from your city.

So, if the above scenarios are not offsite, what does constitute offsite? As a general rule, offsite backup should meet the following criteria:

  • Data should be backed up in a secure facility. A secure facility means a professionally operated data center with full security and best practices applied. People’s houses are not a secure facility.
  • Data should be backed up in a geographically remote location far from where the actual data is stored. In other words, if there is a natural disaster such as a flood or tornado, the offsite backup should not be threatened as well. Six miles away is too much of a risk, so we recommend cloud data backup or at least having the data backed up in a completely different part of the country.
  • Data backups should be encrypted. While most cities pay attention to onsite data encryption, they often ignore offsite data encryption. Your offsite data backup needs just as much care as your onsite data backup. If it’s stolen, that data should be useless to the thief or hacker.
  • Data backups should be automated. That means no human involvement at all. Somebody from a city should not have to physically move backup media (such a flash drive) to an “offsite” location.

And today, you have a great opportunity to do offsite data backup right. With such cheap unlimited cloud data storage available, there are plenty of good and easy-to-setup options for offsite data backup. The costs have lowered so much and the quality of offsite data backup has risen so much that even smaller cities can affordably implement automated, encrypted, secure data backup.

To talk about offsite data backup in more detail, please contact us.

Wednesday, November 13, 2013
Clint Nelms, COO

Just like greeting and orienting someone when they walk into City Hall, a city’s website must do the same thing with its City Hall website page. Your City Hall page might also be called City Services or serve as the City Clerk’s page. However you organize your information, you need a page that introduces citizens to city administrators and directs them to your most important services.

While the content on this page should be basic and functional, you want to make sure you provide a good balance of relevant and thorough information. We see too many City Hall pages as only dry lists of names or lacking essential information. In this post, we provide some tips about what content you need for a successful City Hall page.

  1. Cover the basics. First, make sure you have all essential information about City Hall outlined. People will sometimes need to come to City Hall to pay bills, attend meetings, or talk to the city clerk. Provide the address, directions, and hours in an upfront place where they are easy to find. Many websites even use a simple Google Maps widget that allows people to see where City Hall is located and plug in their address to get directions.
  2. Create a brief welcome message. It doesn’t have to be long, but create at least a paragraph of text or a short video that welcomes people to the City Hall page. A welcome message brightens up the page, personalizes the information, and allows you to highlight any important points. Don’t write too long of a welcome message. People won’t read it, and it may force people to scroll down the page to get to the information they actually came to find.
  3. Offer quick links to popular services. If citizens commonly tend to ask about certain services, departments, or people, then provide quick links at the top of the page to help people get to that information faster. You might look at your website traffic or simply use your knowledge of what people ask about on the phone or in person to create a list of your top services. To be even more helpful, use language that people would use (e.g. “I need a business license…” instead of “Business Services”).
  4. Provide a directory to all services. Large or small, cities need to provide a list of people, departments, and services that citizens would contact or access at City Hall. Include phone numbers, extensions, and email addresses (or another way to electronically contact a person). To protect email addresses from getting picked up by spammers, you can spell it differently (e.g. sales AT sophicity DOT com) or use a form instead. Depending on your website design and programming capabilities, you can offer up your directory in many ways—but make sure that it’s easy to access and browse the information.
  5. Identify key leadership contacts above all other contacts. A citizen shouldn’t have to dig through a directory to find key City Hall contacts like the city manager or city clerk. Highlight these contacts above all others and include a headshot if possible. Not only is it helpful for citizens but you also create a better impression when you highlight your City Hall leadership. People feel more comfortable about a city when they feel they know their city manager and city clerk by name and face.

While function really takes precedence on this page, you want a few flourishes that show you’re a good host—like City Hall itself. Your City Hall is about business, steering citizens to where they need to go. But you also welcome them, smile, and engage them in some small talk before moving them on their way. Your City Hall web page works in the same way. Greet citizens, be helpful, and use the information you present and prioritize on your City Hall web page to send them on their way.

To talk about website content in more detail, please contact us.

Thursday, November 07, 2013
Brian Ocfemia, Technical Account Manager

A very nasty computer virus called Cryptolocker is circulating around businesses, government entities, and many other organizations. We’ve already seen one city infected with this virus and have heard of several other victimized cities. This is not something you want infecting your city’s computers.

To help protect you against the Cryptolocker virus, we’ll answer some common questions and offer some proactive tips—especially if you feel unprotected against viruses.

Cryptolocker Questions & Answers

What is ransomware?

Ransomware is one of the scariest viruses out there. We’ve become so dependent on our electronic data, either on our computers or in the cloud, that losing access to that data would be devastating. And hackers know that. So, they prohibit access to your data in exchange for a ransom. It’s the digital equivalent of taking your most valuable possessions hostage.

What does the Cryptolocker virus do?

It encrypts the hard drive of your infected computer, meaning you cannot access or read your data. A popup window will appear and you’ll read a ransom demand for money in exchange for what’s called a “private key” so that you can decrypt your hard drive. It’s like a hacker has a padlock on your data, and the hacker has both keys. Supposedly, if you pay the hacker it’s like they give you one key and you both open the padlock at the same time.

Should I pay the ransom to get my files back?

We typically do not recommend paying the ransom. The hackers will tell you that if the money is not paid within a certain amount of time (usually about 24 hours) then the private key is destroyed and the contents of your computer are lost forever. But these are criminals. Once they have your credit card information, what will stop the hackers from using your credit card information again (or even stealing your identity)?

So how do I get rid of the virus?

In the short term, an enterprise-level antivirus solution can easily detect and eliminate the virus. However, if you already saw the popup window demanding a ransom, then it’s already too late to unencrypt your files. You’ll lose your data, but the virus will be eliminated by the antivirus software.

In the long term, or even if you haven’t been infected by the virus, you want to take proactive steps to protect yourself from Cryptolocker and other viruses.

  1. Use an enterprise-level antivirus solution. Avoid free antivirus software or relying on city staff to manage antivirus software on their own computers. You need a more professional solution that is managed by IT professionals and updated regularly. Enterprise-level antivirus software also has better monitoring capabilities, often preventing viruses from ever affecting you. In the case of Cryptolocker, enterprise-level antivirus software would likely have stopped the virus before it started encrypting your files.
  2. Use antispam software. Since Cryptolocker can spread through malicious files in emails, you need ways to better block email before it gets to users. Many cloud-based email solutions have excellent antispam and antimalware software built in, or you can purchase enterprise-level software if you host your own email.
  3. Implement a regularly tested data backup and disaster recovery solution. In case the worst happens, having a data backup and disaster recovery solution in place—both onsite and offsite—will ensure that you have a backup of your files in another location that the hackers cannot reach. Do not simply use a free file storage service where files are synced—rather than backed up—across different storage locations. Access your files in one place, and back them up in another place. And test your backups at least once a quarter.
  4. Train city staff about basic online safety best practices. On a basic level, your city staff should be able to identify obviously suspicious email messages, avoid clearly malicious websites, and never give out their username and password to an untrustworthy source. Your city administration and IT vendor should be clear about how sensitive information is shared so that it’s easier for people to detect fraud when that process is violated.

If you feel unprotected against a virus of this caliber, please contact us. We will be more than happy to answer any questions you may have.

Tuesday, November 05, 2013
Dave Mims, CEO

GMA helps city procure equipment to start operations and launch website, data backup & disaster recovery, and email.

As one of the newest cities in Georgia, Peachtree Corners is located in fast-growing Gwinnett County in metro-Atlanta. Located near successful business clusters such as Technology Park and The Forum, Peachtree Corners is a planned community that is now the largest city in Gwinnett County. Like any new city, Peachtree Corners is creating everything from scratch – from its vision of the future to the most tactical aspects of its operations.

Challenge

From the start, Peachtree Corners needed robust IT to help them hit the ground running. Like most cities, they needed a website, basic hardware to help run operations, software licensing, and email. Without the basics in place early on, Peachtree Corners would not be able to effectively serve citizens—and these citizens would be watching this new city very carefully.

In addition, Peachtree Corners also had to think about ongoing costs that included data backup, disaster recovery, website hosting, website content management, hardware support, and access to a helpdesk. The city had not yet budgeted for longterm future IT costs, and the potential high cost of building an IT infrastructure seemed daunting.

Solution

Peachtree Corners solved these challenges by using the Georgia Municipal Association’s “IT in a Box” service. Powered by Sophicity, “IT in a Box” is a complete IT solution for cities and local governments. The service includes a website, online payments, onsite data backup, unlimited offsite storage of data backups, email, document management, Microsoft Office for desktops, server, desktop, and mobile management, vendor management and a seven-day a week helpdesk.

Results

“IT in a Box” helped Peachtree Corners:

  • Launch a high quality, user-friendly website.
  • Ensure a highly available and dependable email system.
  • Mitigate the risk of data loss through onsite and offsite server backups.
  • Procure and configure computers and network equipment needed to start operating.
  • Provide enterprise-level helpdesk support for its staff along with day-to-day technology monitoring and maintenance.

Peachtree Corners saved $66,459 of the costs typically spent launching a city network of their environment and size. “IT in a Box” helped Peachtree Corners establish a strong technology foundation and create a predictable IT budget.

Sophicity was instrumental in getting Peachtree Corners off the ground and running in regards to all aspects of IT. They provided the City with outstanding service in putting together the entire IT infrastructure from the desktop computers and servers to the security to protect it. The support team did an outstanding job during those first pivotal moments of setting up users for email, answering phone calls for support, and establishing security settings for each user based on their role with the City. Sophicity was also integral in helping the City build, launch and maintain our website. - Accounting Manager/Clerk of Court Brandon Branham
If you're interested in learning more, contact us about IT in a Box.

Print-friendly version of the Peachtree Corners, Georgia IT in a Box case study.

About Sophicity

Sophicity is an IT services and consulting company providing technology solutions to city governments and municipal leagues. Among the services Sophicity delivers in “IT in a Box” are a website, online payments, onsite data backup, unlimited offsite storage of data backups, email, document management, Microsoft Office for desktops, server, desktop, and mobile management, vendor management and a seven-day a week helpdesk. Read more about IT in a Box.

Friday, November 01, 2013
Alicia Klemola, Account Manager

As cities continue to rely more and more on technology, they also worry more and more about what’s called “cyber liability.” By not protecting electronic data in the right ways, cities can find themselves exposed to lawsuits, fines, and severe operational issues. For good reason, cities are increasingly worried about cyber liability.

But often, cities don’t know what they don’t know. What needs to be done to protect cities? While we’ve written about cyber liability in detail in the past, we’ll use this post to share three key insights that we heard discussed at a recent panel discussion at the 2013 Kentucky League of Cities Conference & Expo.

To start thinking about cyber liability, consider the following points.

  1. First, look at your data backups, since data loss is the most common cyber liability. Simply having the right data backup will save you the most worry about cyber liability. Yet, so many cities still have critical gaps in their onsite or offsite data backup. Cities need to address the following points:
    • Onsite data backup for quick recovery in case of something like server failure.
    • Offsite data backup in case of disaster like fire, flooding, tornadoes, or theft.
    • Testing data backup to ensure that it’s working. We still see so many cities that don’t test their data backup, and that lack of testing often leads to a greater risk of data loss.
    • Auditing data backup by providing documentation and evidence that your data backup is working.
  2. Assess the current state of your technology assets and ongoing maintenance. While tight budgets might be an excuse for not overspending on technology, that doesn’t mean you should neglect investing in the right technology. We see liability result from the following scenarios:
    • Minimal, reactive technology support. Fixing something only when it breaks is a form of neglect and increases liability.
    • Using cheap IT vendors that don’t document their processes, skip industry standard best practices, and host your servers in poorly maintained environments.
    • Poor security, such as lack of enterprise-level antivirus software, weak passwords and administrative credentials (which increases the risk of hacking), and poor configuration of your hardware and software.

    Poor, cheap technology maintenance increases your risk of viruses, hacking, malware, and other activities that lead to liabilities such as data theft, fraud, and other cybercrimes.

  3. If you’re a smaller city, you’re more susceptible to cyber liability. Big cities might receive more publicity when cybercrimes occur, but small cities are the most susceptible to cyber liability because they often don’t spend money to protect themselves. And many think they’re too small to be a target. However, hackers are quite sophisticated and they look for easy targets. Small cities don’t need a lot of technology investment to protect themselves, but at a minimum they need to make sure that:
    • The city’s website is hosted and secured professionally.
    • The city’s data is backed up both onsite and offsite, with regular testing and auditing.
    • The city’s technology infrastructure is proactively maintained and monitored for any issues.
    • The city has enterprise-level antivirus, antispam, and patch management software helping keep technology secure and up-to-date.
    Cyber liability is really only messy when you don’t prepare for it and suffer the end result of an issue like data loss or fraud. But when you simply invest in data backup and modern technology, most of your cyber liability problems go away.

If you’re still worried about the cost of such technology investments, we’ll leave you with two thoughts.

  • Even for small cities, the cost of important technologies has come down while the quality has gone up. If you’re worried about areas like data backup that used to be cost-prohibitive, you’ll be surprised at how affordable a basic solution costs today.
  • If you’re still wary of even adding these low costs to your city budget, think of this investment like insurance. While car insurance can be a bit expensive sometimes, the cost of an accident can be catastrophic. The same rationale goes for cyber liability. Invest in the right technology like insurance. Otherwise, it’s more probable you will experience a cyber liability incident, and the cost of dealing with that incident will far exceed the low monthly costs of investing in the right technology to protect yourself.

To talk about cyber liability in more detail, please contact us.

Tuesday, October 29, 2013
Dave Mims, CEO

Many cities and other government entities have rapidly made the shift from their old email servers and software to cloud email. Many of the reasons have to do with back-end technology aspects such as easier management, security, and data backup.

But cloud email is unique in that it’s a technology where you can actually touch and feel many of its benefits. Compared to older email services, there are some night and day differences you can actually see and experience that will have a tangible impact on your day-to-day work and operations.

Here are five features that we’ve noticed particularly appeal to city staff and administrators.

  1. No hardware. While this will matter more to city administrators or anyone who manages email servers, it’s still a revelation when email servers go away. One of the biggest hassles with traditional email has been its management. That includes servers to purchase, maintain, upgrade, patch, and restart when they crash. Hardware means IT staff, vendors, or even non-technical staff worrying about these machines on a 24/7 basis. Cloud email just requires an Internet connection. This aspect alone removes a lot of headaches.
  2. Anti-malware built in. Most cloud email vendors build anti-malware tools right into their software. This helps prevent most spam email from ever entering a user’s inbox and protects users from clicking on malicious attachments. In the past, cities would often need to install anti-malware software separately. This led to potential email / anti-malware software integration issues, and it involved separate software to purchase, manage, and maintain. With anti-malware built into cloud email, you don’t even have to think about it anymore.
  3. Instant messaging built in. Instant messaging used to be seen as frivolous and distracting by most businesses and government entities, and that perception may still carry into a few cities today. In addition, using instant messaging meant yet another software program to install and manage. Today, the novelty of instant messaging has worn off in a world of social media and mobile communications. Instant messaging is now really just a handy way to quickly communicate with colleagues and it’s built right into cloud email.
  4. Large files easily handled. One of the most annoying things about traditional email servers is the inability to handle large files such as images, zip files, or multiple documents. That’s because email servers could only handle so much load and it restricted the size of each email, along with restricting the total number of emails you can store. With cloud email, file sizes are rarely an issue because of significantly increased storage space. Cloud servers also easily handle emails with large attachments because of vastly superior server capacity.
  5. Integrates easily with mobile phones. While email on mobile phones isn’t new, the power of cloud email on mobile phones is revolutionary. In the past, you may have been restricted to a specific service (like Blackberry) which required its own server, or you may have struggled to connect your own email servers to mobile phones. If you dealt with your own email servers, that meant managing many mobile phones which all constantly accessed your email servers. Service could be sporadic, especially as so many different mobile phones presented unique access problems. With cloud email, mobile phones simply use an app, some log-in information, and you’re accessing email as easily as any Internet service.

While we’ve discussed the back-end benefits of cloud email in past blog posts, the user benefits are just as important in many ways. What strikes us as especially noteworthy is how many different kinds of software are now consolidated and leave very little for people to worry about anymore. Cloud email—like many kinds of cloud software—combines different pieces of important software and creates an easy-to-use experience while eliminating some of the annoying aspects of email that used to be so hard to manage. Overall, cloud email is that rare technology where your city staff can immediately experience the benefits.

To talk about cloud email in more detail, please contact us.

| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 |
Contact
Contact a Sophicity Consultant Now To Find Out How We Can Help Reduce Your IT Costs Go
bottom