31% of desktops still use Windows XP, so chances are you may be one of those organizations with people still using it. While it’s understandable to stick with a familiar operating system out of habit, it’s important to understand how much your already high security and cyber liability risks will increase after Microsoft stops supporting Windows XP on April 8, 2014.
At Sophicity, we want to make sure that cities are not exposing sensitive data and critical information to hackers and data thieves. By staying on Windows XP, it’s like you’re leaving the front door open for criminals to steal your data.
Here are some important security points about the dangers of keeping Windows XP.
Windows XP was an expensive investment. Why are there such security risks in software from such a well-known vendor like Microsoft?
Windows XP came out in 2001. If you bought a new car in 2001, you might still be using it today. But no matter how good it was, today it’s outdated and lacks important modern safety features that have evolved over the last 12 years. Software works the same way but becomes even more obsolete, quicker, because of the fast pace of technology. So many security threats and responses to those threats have occurred since 2001. The way Windows XP was fundamentally built means that it lacks critical security features that are now built into modern operating systems. Such an old piece of software cannot be “fixed” by Microsoft. That’s why they just build new operating systems every few years.
What are the specific security risks?
When support ends on April 8, 2014, Windows Updates will stop. As you may know from using your individual computer, Windows Updates often include important security patches and malicious software removal tools to preventatively address security threats. When those updates stop coming, Windows XP simply cannot respond to the plethora of modern security attacks and to criminals exposing holes in this old software. As a result, you will be more vulnerable to attacks.
Why can’t I just use antivirus software?
Antivirus software alone does not protect any computer, including Windows XP computers. A computer needs a combination of well-built modern software with security protection built in, updates and patches from the software vendor (such as Windows Updates), and antivirus software all working together to provide a strong security foundation. Only relying on antivirus software for an unsupported Windows XP is like installing an alarm system in a building with no locks and that no one ever visits in person.
If you want to take next steps to decommission Windows XP, we recommend that you:
If you’ve seen the TV show Parks and Recreation,
you know that even through the satire the show’s writers still communicate an
understanding that a city’s parks and recreation department is important for a
community. Parks and recreational activities bring citizens, civic groups, and
tourists together to partake in a city’s quality of life. It’s a critical way
for a city to market itself to both citizens and possible future residents.
That means your parks and recreation page must
accommodate a variety of needs and questions that people have when exploring
your city’s website. To help you analyze if you have the right information on
your parks and recreation page, check to see if you provide the following
content to your website visitors.
Once you have the foundations of this page’s information
down, you can enhance the page by adding visuals. Showcasing pictures of your
parks, trails, community centers, natural beauty, and past events will
reinforce the quality of life of your city and the vitality of your parks and
recreational facilities. Overall, with just some basic information you can
create a useful, functional page that works for citizens, groups, and tourists
To talk about your website content in more detail, please contact us.
Information security is not something you should assume
or feel in your gut. Yet, a study shows that many organizations think that way.
Referenced in a recent PC World article, a joint study between
Office Depot and McAfee revealed a few startling statistics about small and
medium business owners:
Since we always notice many parallels between SMBs and
cities, it’s safe to say from our observations that many cities feel a similar
false sense of security. But are you really secure? To check, ask yourself the
While the PC World article states that there is no one size fits
all situation to help solve an organization’s data security, we do feel that
there are some common areas that can be addressed. Yes, each city might
approach data backup or mobile security differently. But the point is that
these areas need to be addressed, whatever the details. Your city’s data is too
important to be so unprotected.
To talk about data security in more detail, please contact us.
In many of our posts, we mention the cloud. You probably
hear that term a lot and get the general idea of it (accessing software, data,
and files through the Internet that you would normally access through your own
servers). But what exactly makes something hosted “in the cloud”?
Since the cloud has become so important to cities as a
way to reduce costs and increase the quality of technology services, it helps to
have a non-technical understanding of something very technical. In this post,
we’ll take you through what makes something “the cloud” versus normal hardware
and information technology services.
The cloud is built upon servers, so it will help to
review what a server is—and does. A server is a specialized computer that
hosts important software, data, and files such as your website, your email
system, your document management system, your accounting software, etc. Unlike
your desktop computer, a server connects to multiple computers so that it can
deliver specific information to those computers. For example, if you have an
email server, it delivers email to individual computers at your city. Each
computer needs to connect to the email server in order to access email.
Traditionally, a city would buy a server for a particular
function (such as email) and all city computers would connect to that server to
access the information. But sometimes a city is unable to manage its own
servers due to complexity, lack of time, or lack of onsite IT resources. That’s
when a city might consider a data center.
A traditional data center simply hosts your servers for
you. Sure, the server management may be more complex. You might own or lease
servers that are dedicated—which means they are solely for your use. Those
dedicated servers may be used for one specific piece of software (e.g.
accounting software). To reduce costs, your servers may also be shared servers,
which means that other customers may share space on the same server if you’re
not using all of the space. Shared or dedicated, you access your servers
remotely through the Internet. The technology then works exactly as described
Data centers might reduce your costs, especially if a
data center can host many servers much more efficiently than you can. However,
it’s still just placing the burden of your server management onto another
company. You still own or lease a machine, and you can even visit the data
center to look at your machines if you’d like.
The cloud takes the idea of the data center a step
further by eliminating the idea of owning or leasing specific machines.
With traditional data centers, machines are still
isolated and discrete. Even if you share a server, you can still say that, for
example, five customers have websites hosted on one server.
Cloud data centers scale up to such a high degree that
they eliminate the idea of discrete servers. To make it easy to visualize,
think of a traditional data center with only 100 servers. Those servers are
each owned or partially owned by specific customers. That means those machines
need to stay separate and discrete. Even if a few servers are not using all of
the space available, it doesn’t matter. If your city owns or leases one of
those servers, you’re paying for the space—used or not.
A cloud data center instead coalesces the space from all
100 servers into a gigantic pool. From that pool, the cloud data center carves
out “virtual servers.” That means instead of a server tied to a physical
machine, a virtual server is just a chunk of that overall space from the 100
servers. That means one physical server could be any number of virtual servers,
or a virtual server could be distributed across many physical servers. It’s fluid.
In other words, the idea of server space associated with a
specific physical server has disappeared. That’s part of the reason why it’s
called the “cloud.” At this level, server hosting works almost like magic. All
you need is an Internet connection—and you don’t need to worry about hosting
your own servers anymore.
So why is this technology good for you?
First, by pooling together server resources so
efficiently, cloud software providers significantly cut costs. Hardware
maintenance and software license costs decrease from this gained efficiency.
Second, cloud data centers are usually run by the best,
most reliable IT vendors around such as Microsoft, Google, and Amazon. That
means they have resources that smaller data centers lack such as 24/7
monitoring, management, and high levels of physical and information security.
Third, cloud data centers are now too big to fail since
so many large businesses and government entities rely on them for mission
critical data. For example, Google cannot go out of business. That same
technology benefits you. Cloud software originates from servers with multiple
Internet connections, a great deal of redundant backup power, and data spread
across different geographies. Short of an Internet outage local to your own
area, cloud software rarely fails. And even then, once the power comes back on,
you can access your data again.
As you can see, servers have grown up quite a bit and, in
a way, have “ascended” into the cloud.
To talk about the cloud in more detail, please contact us.
Back in June, we wrote about Windows 8 and offered an analysis about whether cities should
upgrade. On October 17, 2013, Microsoft released Windows 8.1 and offered a
variety of improvements that attempted to remove many of the reasons that dissuaded
organizations from wanting to adopt Windows 8.
Our analysis of Windows 8 pointed out two key problems: a
lack of business urgency in upgrading, and a confusing user experience. We know
that cities need software that is functional and easy-to-use, so switching to
something that is perceived as unessential and confusing might prevent an
We dug through many Windows 8.1 reviews and conducted our
own analysis to highlight the key improvements. Let’s see how Windows 8.1 compares
to the original Windows 8.
Given these improved features and user experience, cities
may want to consider upgrading to Windows 8.1 if it makes sense for their
particular situation. Even though Windows 8.1 is easier to use than Windows 8, there
is still going to be a learning curve for city employees—just like any major
operating system or software upgrade. You also want to make sure that your
applications and software can run on Windows 8.1. Some older versions of
accounting, court, or other key operational software might not work on Windows
8.1, so you’ll want to do a full application compatibility analysis.
As of the date of this blog post, Windows 7 is still used
by about 46% of all computers while Windows 8 and 8.1 are only used by about 9%.
Many are still sticking with Windows 7 for now, but Windows 8 and 8.1 will
increase in adoption over time. Depending on your situation, there will be a
right time to switch. Just make sure you don’t make the leap before looking.
If you want to discuss Windows 8.1 or your current
operating system in more detail, please contact us.
If you’re used to sending and distributing documents
through email or dumping them onto a shared drive in a crazy variety of
folders, you’re probably glad to know that a document management system will
eliminate those chaotic problems. But how? Once your document management system
is implemented, you might wonder how you’ll distribute or receive documents if
you’re no longer using email or shared folders.
Early on, your city should establish clear business
processes for documents that establish and smooth out how documents will be
distributed. In this post, we discuss five key setup areas that help take the
mystery out of document distribution and make it much easier for city staff.
As you can see, document management systems can
potentially solve a lot of chaotic document distribution problems. But a city
needs to spend non-technical time defining workflows. Once that happens, your
IT staff or vendor can help you set up notifications, permissions, versioning,
and archiving that help enact your workflows. Then, you’ll see that the
problems of asking yourself “Where’s that document?” will go away. No more searching
through your emails or shared drives. Instead, you’ll know exactly where to
access your documents.
To talk more about distributing documents within a
document management system, please
While many cities agree that they need to store and back
up their data offsite, we often get into a lot of complicated discussions about
what “offsite” actually means. Isn’t “offsite” literally someplace that is not onsite
at the building where you’re storing your information? Why doesn’t a particular
“offsite” building count as offsite?
To help clarify what constitutes as “offsite,” let’s run
through some imaginary but representative scenarios that we often hear when
talking to cities. In these scenarios, we’ll assume the onsite data is stored
at City Hall.
Scenario 1: We store our data backups
“offsite” at the fire station down the street.
Why it’s not “offsite”:
While you are storing your data in a completely different building, it’s too
geographically close to City Hall. If a tornado, thunderstorm, or other weather
disaster were to affect several blocks of the city, both City Hall and the fire
station would be at risk of losing all data. Disaster recovery needs to account
for a catastrophic disaster, so having your data stored “offsite” down the
street is just not far enough away to constitute as true offsite data backup.
Scenario 2: We store our data backups
“offsite” on a flash drive at the mayor’s house.
Why it’s not “offsite”:
Even if your mayor is the most trustworthy person in the world, this is a bad
solution from all perspectives. First, the mayor likely lives nearby, so the
same proximity flaws from Scenario 1 apply. But you are also introducing other
risks. What if the flash drive is lost or stolen? Where is the mayor storing
the flash drive? On a kitchen table? In a vault? Near water or coffee or
something magnetized? How do you know that the mayor isn’t storing the data
somewhere else? What happens if the mayor is not reelected? Does the new mayor
have to keep the city’s data at his or her house? Having a single person
handling a portable piece of media like a flash drive and carrying it back and
forth from home to City Hall, even if they’re diligently doing it every day, is
way too risky.
Scenario 3: Our IT provider stores our
backups at his house.
Why it’s not “offsite”:
Not only is this completely unprofessional for an IT provider, but it’s like a
worse version of Scenario 2. At least the mayor is someone elected to look out
for the best interests of the city. An IT provider’s job is to get paid to implement
data backup best practices that mitigate risk for the city. You may even know
the IT provider, but in no way should you ever trust your data to reside at anyone’s
house. The liability is enormous. What if you decide to sever relations with
this IT provider? What if the IT provider gets angry and holds your data
hostage? What is the IT provider doing with your data at home? How is your IT
provider able to test and audit your data professionally? Any backups stored at
someone’s house is a bad, bad, bad strategy.
Scenario 4: Our data backups are stored at a
building about six miles away from City Hall.
This scenario is not as bad as the others, and it’s
tempting to allow for such distance to constitute as offsite data backup.
Another temptation connected to keeping data within driving distance is a sort
of irrational feeling of security—if the data is close and you can drive to see
it, it feels safer. But again, think of natural disasters. Earthquake. Tornado.
Hurricane. Flooding. It’s not uncommon for such disasters to tear across wide
swathes of a city. For true 100% disaster recovery, you need to make sure your
data is stored much further away—quite geographically remote from your city.
So, if the above scenarios are not offsite, what does
constitute offsite? As a general rule, offsite backup should meet the following
And today, you have a great opportunity to do offsite
data backup right. With such cheap unlimited cloud data storage available,
there are plenty of good and easy-to-setup options for offsite data backup. The
costs have lowered so much and the quality of offsite data backup has risen so
much that even smaller cities can affordably implement automated, encrypted,
secure data backup.
To talk about offsite data backup in more detail, please contact us.
Just like greeting and orienting someone when they walk into City Hall, a city’s website must do the same thing with its City Hall website page. Your City Hall page might also be called City Services or serve as the City Clerk’s page. However you organize your information, you need a page that introduces citizens to city administrators and directs them to your most important services.
While the content on this page should be basic and functional, you want to make sure you provide a good balance of relevant and thorough information. We see too many City Hall pages as only dry lists of names or lacking essential information. In this post, we provide some tips about what content you need for a successful City Hall page.
While function really takes precedence on this page, you want a few flourishes that show you’re a good host—like City Hall itself. Your City Hall is about business, steering citizens to where they need to go. But you also welcome them, smile, and engage them in some small talk before moving them on their way. Your City Hall web page works in the same way. Greet citizens, be helpful, and use the information you present and prioritize on your City Hall web page to send them on their way.
To talk about website content in more detail, please contact us.
A very nasty computer virus called Cryptolocker is circulating around businesses, government entities, and many other organizations. We’ve already seen one city infected with this virus and have heard of several other victimized cities. This is not something you want infecting your city’s computers.
To help protect you against the Cryptolocker virus, we’ll answer some common questions and offer some proactive tips—especially if you feel unprotected against viruses.
Ransomware is one of the scariest viruses out there. We’ve become so dependent on our electronic data, either on our computers or in the cloud, that losing access to that data would be devastating. And hackers know that. So, they prohibit access to your data in exchange for a ransom. It’s the digital equivalent of taking your most valuable possessions hostage.
It encrypts the hard drive of your infected computer, meaning you cannot access or read your data. A popup window will appear and you’ll read a ransom demand for money in exchange for what’s called a “private key” so that you can decrypt your hard drive. It’s like a hacker has a padlock on your data, and the hacker has both keys. Supposedly, if you pay the hacker it’s like they give you one key and you both open the padlock at the same time.
We typically do not recommend paying the ransom. The hackers will tell you that if the money is not paid within a certain amount of time (usually about 24 hours) then the private key is destroyed and the contents of your computer are lost forever. But these are criminals. Once they have your credit card information, what will stop the hackers from using your credit card information again (or even stealing your identity)?
In the short term, an enterprise-level antivirus solution can easily detect and eliminate the virus. However, if you already saw the popup window demanding a ransom, then it’s already too late to unencrypt your files. You’ll lose your data, but the virus will be eliminated by the antivirus software.
In the long term, or even if you haven’t been infected by the virus, you want to take proactive steps to protect yourself from Cryptolocker and other viruses.
If you feel unprotected against a virus of this caliber, please contact us. We will be more than happy to answer any questions you may have.
GMA helps city procure equipment to start operations and launch website, data backup & disaster recovery, and email.
As one of the newest cities in Georgia, Peachtree Corners is
located in fast-growing Gwinnett County in metro-Atlanta.
Located near successful business clusters such as Technology
Park and The Forum, Peachtree Corners is a planned community
that is now the largest city in Gwinnett County. Like any new city,
Peachtree Corners is creating everything from scratch – from its
vision of the future to the most tactical aspects of its operations.
From the start, Peachtree Corners needed robust IT to help them
hit the ground running. Like most cities, they needed a website,
basic hardware to help run operations, software licensing, and
email. Without the basics in place early on, Peachtree Corners
would not be able to effectively serve citizens—and these citizens
would be watching this new city very carefully.
In addition, Peachtree Corners also had to think about ongoing
costs that included data backup, disaster recovery, website
hosting, website content management, hardware support, and
access to a helpdesk. The city had not yet budgeted for longterm
future IT costs, and the potential high cost of building an IT
infrastructure seemed daunting.
Peachtree Corners solved these challenges by using the Georgia
Municipal Association’s “IT in a Box” service. Powered by
Sophicity, “IT in a Box” is a complete IT solution for cities and
local governments. The service includes a website, online
payments, onsite data backup, unlimited offsite storage of data
backups, email, document management, Microsoft Office for
desktops, server, desktop, and mobile management, vendor
management and a seven-day a week helpdesk.
“IT in a Box” helped Peachtree Corners:
Peachtree Corners saved $66,459 of the costs typically spent
launching a city network of their environment and size. “IT in a
Box” helped Peachtree Corners establish a strong technology
foundation and create a predictable IT budget.
Sophicity was instrumental in getting Peachtree Corners off the ground and running in regards to all aspects of IT.
They provided the City with outstanding service in putting together the entire IT infrastructure from the desktop
computers and servers to the security to protect it. The support team did an outstanding job during those first
pivotal moments of setting up users for email, answering phone calls for support, and establishing security settings
for each user based on their role with the City. Sophicity was also integral in helping the City build, launch and
maintain our website. - Accounting Manager/Clerk of Court Brandon Branham
Print-friendly version of the Peachtree Corners, Georgia IT in a Box case study.
Sophicity is an IT services and consulting company providing technology solutions to city
governments and municipal leagues. Among the services Sophicity delivers in “IT in a
Box” are a website, online payments, onsite data backup, unlimited offsite storage of data
backups, email, document management, Microsoft Office for desktops, server, desktop,
and mobile management, vendor management and a seven-day a week helpdesk. Read more about IT in a Box.
Our Focus | Products | Resources | Company | Contact | Sitemap | Login
© 2009-2016 Mimsware Corporation, all rights reserved. Sophicity®, "We put the IT in City”, and the Sophicity logo are registered trademarks of Mimsware Corporation d/b/a Sophicity.