While states vary in their cybersecurity
laws, it’s clear that the stakes are rising for cities to protect their data
from loss or theft. Kentucky’s HB 5 is a great example of how states are
starting to push for higher cybersecurity accountability, and other states are
sure to follow. And it makes sense. With taxpayer dollars funding public
services, it’s important that citizens know their information is protected if
they are required to hand it over for taxes, public safety and municipal court
requirements, business licenses, etc.
Ensuring that you’re cybersecure starts
with certain information technology essentials. Whether you’ve neglected to
invest in your IT for a while or are continually improving it year after year,
it’s worth taking a look to see if you’ve got the right cybersecurity foundation in
Having basics such as data backup,
offsite data storage, business-class email, document management, and IT
professionals monitoring and maintaining your hardware and software will go a
long way toward meeting most of your cybersecurity needs. In rare cases, you
might need more specialized security such as encrypting single computers or
building a private cloud, but investing in information technology essentials
means most of your cybersecurity worries go away. While IT may seem costly sometimes,
ask yourself, “What’s the cost of a data breach if citizens’ personal
information is stolen?”
To talk more about cybersecurity, please contact us.
In the early
days, websites worked a lot like one-way brochures or printed material. You
created something for someone to read, they read it, and the “transaction”
ended there. Perhaps contact information or a next step existed, but it wasn’t
that important. Websites simply communicated information to people, and that
terms like “calls to action” and “conversion” are inescapable when talking
about modern websites. All this means is that websites have become ways to get
your audience to interact with you. In other words, you get them to do
something. If your website shows signs that no one is taking action based on
the information you provide, then it’s considered a failure or a wasted
it might be easier to avoid measuring this kind of engagement, but you will
serve citizens better if you pay more attention to “calls to action” on your
website. In fact, you’re probably already seeing citizens engage more heavily
with some parts of your website than other parts.
some common calls to action that you may want to add, enhance, and improve on
your city’s website.
think of more calls to action beyond the five listed above. No matter what they
are, calls to action help get your citizens to do something, to engage with
you. Signs of their activity will show unmistakable proof that your website is
useful to citizens. You may also find that some calls to action are less
popular, or that calls to action may be too hard to find. Fixing and tweaking
the way you engage with citizens will go a long way toward improving the way
you communicate to the outside world through your website and make it much more
useful to people.
To talk in more detail about website calls to action, please contact us.
One of a city clerk’s most
important duties is handling documents to follow state or local record
retention policies. Because these policies usually follow from a law, it’s
important that city clerks meticulously maintain their records. However, this
job grows more challenging, especially as the volume of information increases
so rapidly today. Paper documents, electronic documents, PDFs, emails, etc. all
require retention according to strict rules.
To handle this kind of policy
precision with such a high volume of documents requires that city clerks rely
more and more on technology. If a city has not considered a modern document
management solution, they may be surprised at the records retention benefits
First, it’s useful to know
two key things that happen with a document management system that will help
your record retention activities.
If you still think that your
current processes are fine and that document management might be overkill,
consider the following benefits that will impact your work as a city clerk.
As you can see, the benefits
of applying record retention policies to a modern document management system
has the potential to save you money, time, and hassle. Once implemented, you
will find that the benefits ripple out much further than just affecting your
role as city clerk. Other departments will enjoy the ease of finding documents
more quickly, elected officials will like the quick responses to open records
requests, and citizens will like the transparency. Many embarrassing city situations
often arise when they cannot find information due to outdated document
management methods. You’ll be ahead of the curve by applying best practices to
your role as a city clerk through leveraging technology to help you do your
To talk about records retention in more detail, please contact us.
Television shows such as The Walking Dead have placed the city of Senoia squarely in the spotlight. That means more tourists, more attention, and more demands on city services. Plus, stricter expectations of government entities about records retention, data backup, and cybersecurity led the city of Senoia to consider ways of quickly modernizing its information technology.
After looking at some costly options that would have addressed each technology area, Senoia took a look at the Georgia Municipal Association’s IT in a Box service. Not only did it fit the city’s budget, but the service also modernized many technology areas in one fell swoop including data backup, disaster recovery, and hardware.
Senoia City Clerk Debby Volk spoke to GMA about how IT in a Box—powered by Sophicity—helped modernize the city’s information technology, how it improved their response to open records requests, and why cities need to modernize critical aspects of their information technology before an emergency happens.
As a growing city, we needed to modernize our information technology on a few levels. First and foremost, we identified a need to more effectively archive our email. We also lagged behind in many technology areas such as data backup, disaster recovery, document management, hardware, and networking equipment. Other productivity issues, such as everyone having different versions of Microsoft Office, also made it hard to share documents and files with each other.
We did attempt to look at these problems in a piecemeal fashion, but the solutions were costly and required high cost IT consultants. Plus, we needed more responsive IT support without it breaking our budget. Sometimes it could take up to three days for someone to help us out with an IT issue, and that was becoming too long a wait.
First, it’s important that email archiving is modernized and as up-to-date as possible. The expectations attached to open records requests increase each year, and we wanted to make sure we could respond quickly without consuming many days of staff time. All cities are eventually going to need to modernize email archiving, and Sophicity provided a strong platform while also offering the ability to conduct the email searches. The mayor, city manager, and city attorney all saw that aspect as important.
Second, our city manager made some calls about IT in a Box after hearing that it was offered through the Georgia Municipal Association. He was very pleased about what he heard. Because Sophicity provided so many essential aspects of IT bundled together under a low price, it was really a no brainer—especially because we knew many other Georgia cities used it.
Our emails are now archived and they can be easily retrieved. When we receive an open records request now, Sophicity handles the difficult work of finding the emails. We sit back and let them handle it. Because it’s an enterprise class email system, we don’t have to worry about a host of problems that plagued us before. For example, even if a user deletes an email, it’s still archived and findable if it’s needed as part of an open records request.
Also, Sophicity modernized our information technology across so many areas. They helped us replace servers and network equipment, upgraded our software, and established 7 day a week helpdesk support. Our technology is now faster and more stable, and we’re able to do so much more than previously. If there’s a problem, we call Sophicity. If there’s a problem with a hardware or software vendor, Sophicity handles all communications. They work with those vendors to resolve issues and keep all software continually upgraded. Sophicity even came down onsite on a weekend in order to handle an important issue with our public safety’s technology.
This modernization has saved us a lot of time and allows for a predictable IT budget instead of reactive, unpredictable hourly charges. All of our Microsoft software is up-to-date and consistent, so we can all share files with each other easily. And probably most importantly, we’re prepared in case of a disaster. If a server crashes or even if a major disaster destroys our buildings, our data is recoverable and accessible in hours. Our data is stored both onsite and offsite, and Sophicity tests our backups on a regular schedule.
Cities need to find an information technology solution that covers important needs from email archiving to data backup. Like insurance, it’s not a matter of if but when an emergency will happen. Cities need to find a solution to their IT needs before an emergency occurs. Luckily, we haven’t had an emergency but we now feel secure knowing that Sophicity handles such important needs with our data and technology. Things like email archiving and data backup are not nice-to-haves anymore. They are necessities. It’s good to know that GMA and Sophicity are taking care of us, and it’s one less worry for us here in the office.
Originally published on the Georgia Municipal Association website.
Our very own Nathan Eisner, COO of Sophicity, delivered training to cities on Cyber Security on Tuesday, March 3 in Waycross, Georgia and today in Moultrie, Georgia. Accompanied by Pam Helton from the Georgia Municipal Association, the training sessions focused on preparing city staff and elected officials with a non-technical foundation to ensure their cities are properly protecting their data.
For more information, take a look at the GMA flyer.
for police officers have quickly gone from an expensive novelty to something
that cities need to seriously consider. Even the President is now placing
pressure on cities and pushing for financial incentives to help pay for body
cameras. A recent article from The Arizona Republic points out
that body cameras will actually become the norm within 10 years. Like it or
not, these technology-intensive cameras will eventually become part of your
public safety budget—if they aren’t being considered already.
articles focus on the cameras, the logistics, and the politics of body cameras,
many gloss over the underlying technology. If you’re using, actively planning
for, or discussing the use of body cameras for your police officers, then we
want to offer up a few questions you need to consider that are easy to
might fear the costs of having to invest in body cameras, the situation gives
cities an opportunity to examine the state of their current technology. Many of
the questions above don’t just apply to body camera data. Data backup, disaster
recovery, record retention, data storage, encryption, security, and testing
come into play with all city data and information. Luckily, many of the investments
needed are more cost-effective than ever.
about storage, security, and data backup needs for body camera data, please
all heard overblown technology claims, such as “Apple computers never get
viruses.” But they do, and when they do there is outrage and possible backlash
against what’s still a pretty good product. Similarly, we still hear claims
such as the cloud being 100% reliable and that upgrades and maintenance don’t
interfere at all with users. Then, when there is an outage or some downtime
related to maintenance, the critics point fingers and claim that the cloud did
not deliver what was promised. Often, they will also use that frustration as an
argument that they want to go back to hosting their own servers and bring back
their software onsite.
happening here is common in the world of technology (and with many other things
in life). A new technology legitimately improves upon a previous technology,
but the expectations are set too high. So even if expectations reach 99.9%,
critics will rip apart the 0.1% that caused it to not reach 100%. But if we’re
accustomed to lower expectations from old technology, then something we expect
to work 85% of the time will delight us if it hits 90%, even if that means
higher costs and more risk than with modern technology.
A recent article on LinkedIn
lays out some common points that people bring up to shoot down the cloud based
on real but skewed data. The author points out three representative points that
often cause a lot of doubt, but let’s look closer at these oft-heard claims.
92 outages totaling 39.77 hours for the year. As stated by Microsoft's own
Chief Reliability Strategist David Bills, cloud service failure is, "inevitable".”
Reality: By focusing only on
the total amount of downtime during the year, it’s easy to miss the high
percentage of total uptime. If cloud services run 24/7/365, that means Azure’s
uptime during 2014 was 99.5%. And Azure was actually the anomaly by a long shot.
Other common cloud services
such as Rackspace, Google Cloud Platform, Joyent, and Amazon Web Services all
had higher than 99.9% uptime. From our experience, these performance results
easily beat out most onsite servers and match or exceed most data centers.
Cloud service providers invest in plenty of redundant power lines, generators, and
Internet connections that ensure such high uptime for a variety of customers.
Their resources far outpace most onsite setups and smaller data centers.
“A recent Verizon 40
hour cloud shutdown proved that cloud DC maintenance is not seamless in all
Reality: First, it’s
important to note that this situation with Verizon is another anomaly. The article from which the author quotes
clearly says, “For an industry that generally measures downtime in minutes or
several hours, this was a long shutdown.” But who ever said maintenance was
seamless? It may be less intrusive than traditional ways of conducting
maintenance, but an occasional interruption or pause is not unheard of. Compare
these brief interruptions with the amount of downtime, staff time, and IT
maintenance costs of making updates to your current onsite servers. With cloud
providers, you don’t even have to think about maintenance. You may experience
an occasional few minutes of downtime, and a rare anomaly might lead to an
outage for hours. But the way that cloud providers conduct maintenance is much
faster, less interruptive, and less costly than traditional server maintenance—by a long shot.
(CPs) have a commercial interest to hype to their potential and existing
customers how easy it is to migrate workloads to the cloud.”
Reality: Sure, you will hear
vendors do what they always do: sell and make everything sound easy. But the
author mentions another important point: “One study conducted by BT found that
32% of enterprises don’t have the skills internally to manage cloud migrations.”
While a cloud provider can help with the migration, you need a strong IT staff
or vendor that has done these kinds of migrations many many times. The right IT
professionals will help you:
assume that once they have signed a contract with the CP that their
Reality: Obviously, that’s an
incorrect assumption for any hardware or software you would use. Even when
traditionally buying software from a vendor that installs a server onsite, you
still have to find space for that server, connect it to your network, and
maintain that server. That’s why you would have your IT staff or vendor help
with patching, updates, and upgrades. With cloud service providers, you still
need IT professionals monitoring your cloud data and applications, alerting you
to any issues, ensuring security (such as antivirus, antispam, content
filtering, etc.), updating and patching the software, and tracking your cloud
assets for reporting purposes. Your IT staff or vendor will also help you with
any data migration needs or day-to-day technical help.
to abnormal data about the cloud prevents you from making a good business
decision. Overblown points will scare the less technically-minded away and
encourage them to stick with less secure, more risky traditional technology
solutions. The two most important points to remember are:
To talk about migrating to the cloud in more detail, please contact us.
A recent article from Sarasota’s Herald-Tribune
reported on a sensitive political situation concerning who manages the IT
department within the city. While we’re not obviously speculating or commenting
on the politics involved, it was striking to see the mayor quoted as saying,
“We went through all these things that nobody, but nobody, understands. We have
no way of knowing what goes on in the cyberspace games we're playing.” That
lack of knowledge about IT from key city officials can have devastating
consequences. Follow-up articles noted that onsite data storage was at high risk for a disaster
and that the city faced dangerous security risks.
In many cases, we often see conversations about IT in which
important stakeholders such as elected officials and even city management don’t
fully understand IT enough to understand critical risks and make good judgments
about technology investments. IT often doesn’t help by remaining obscure,
technical, and tactical when explaining its activities to city officials and
managers. While that strategy may buy IT time, eventually it risks political
explosions like those seen at Sarasota.
Key stakeholders don’t need to be technical to understand
IT. Instead, it’s important that they ask the right questions of IT in order to
get a good non-technical, business understanding of IT’s accomplishments and
any red flags. Even if you’re a technology novice, here are some questions that
are important to clarify in order for IT information presented to city
officials or managers to have the most impact.
While the situation in Sarasota is extreme, it shows what
can happen when ignorance about what IT does adds fuel to existing political
fires. As a mayor or city manager, it may be tough to introduce the topic of IT
to councilmembers who don’t have day-to-day operational knowledge. Yet, it is
part of your responsibility to demand and receive information that makes sense,
even if you have to go back to IT a few times to demand the right kind of
information you need. More importantly, a lack of understandable,
business-focused answers reflects a problem. Bad IT staff or vendors often hide
behind technical jargon to cover up problems or inexperience. By asking the
right questions, you expose these problems to light much quicker and allow all
stakeholders to understand exactly what IT is doing.
To talk about IT communication in more detail, please contact us.
Like an old car, it’s tempting to use your desktop and laptop computers until the blue screen of death beckons them into technology heaven. After all, you invested a lot of money in those computers and you want your full bang for the buck. And while you might hear that best practices indicate that you replace all hardware every 3-5 years (and more like 2-3 years for laptops), you may think of that rule applying to the more important servers rather than the “less important” everyday computers that your employees use.
However, there are critical business reasons to replace your desktop and laptop computers that affect your bottom line both directly and indirectly. Here are five things to consider when taking a look at your aging desktop and laptop computers at your organization.
Even if your older computers are maintained well like an old classic car, you’ll still see employees having problems using modern software or Internet applications. Perhaps a new kind of software won’t work, or works slow. Or your employees can’t watch videos or load information from important websites. Older computers simply can’t keep up with modern software (similar to how an old smartphone can’t handle modern versions of GPS software). You’re crippling your employee productivity by having them use older computers.
To talk more about desktop and laptop replacement, please contact us.
about denial of service attacks? That’s where hackers will pummel an
organization’s website servers with tons of bogus traffic so that the website
becomes impossible for people to access. A recent story from the Columbia Daily Tribune reported that the city of Columbia,
Missouri experienced a denial of service attack that led to a three-day website
outage. That meant citizens could not access city services and information
while valuable city staff time was tied up helping deal with the emergency.
bad news? Denial of service attacks are hard to prevent. If a relatively
sophisticated hacker wants to go after you, they will likely be able to have a
negative effect on your website. However, it helps when your city can respond
within hours rather than days to eliminate the negative effects of a denial of
are some tips and best practices that you can implement to best handle a denial
of service attack and recover as quickly as possible—without overtaxing your
For cities on a tight budget, simply moving your website hosting to the cloud and engaging the ongoing monitoring services of experienced IT professionals will help you more likely respond and recover from denial of service attacks in hours rather than days. Plus, these kinds of technology investments also help you with important areas such as:
To talk more about mitigating the risk from denial of service attacks, please contact us.
Our Focus | Products | Resources | Company | Contact | Sitemap | Login
© 2009-2015 Sophicity, all rights reserved. Sophicity®, "We put the IT in City”, and the Sophicity logo are registered trademarks of Sophicity.