We put the IT in city®

CitySmart Blog

Friday, August 5, 2016
Dave Mims, CEO
Dave MimsIT in a Box is one of the many services provided by the Georgia Municipal Association to Georgia cities. To learn about all GMA services, check out the "We Are GMA" video below.
Thursday, August 4, 2016
Robert Parker, Network Infrastructure Consultant

Robert ParkerWith software, cities feel that they often face a dilemma. Standardized, out-of-the-box software lowers cost but restricts customization. Customized software better meets the needs of cities but may increase cost. What to do?

Let’s specifically look at document management software as an example of resolving this dilemma. Luckily, document management software has existed for a long time. That means it’s matured over time and gives cities the best of both worlds—standardization and customization. Sound too good to be true? Let’s look at both sides in more detail.

Standardized Benefits

Over the years, document management system creators and practitioners have learned a lot about best practices that apply to all organizations. These best practices get baked into the software and you benefit from them without needing to customize. In fact, many of these standardized benefits feature items you may not have thought to include if you had created your own document management software requirements—and they come right out of the box.

  • Security: Modern document management systems keep information secure through encryption, strict authorization and permissions settings, and the ability to comply with laws and policies.
  • Storage: Often stored in the cloud, your electronic documents rest in a low-cost yet rigorously maintained set of data centers that eliminates your need to buy and maintain hardware. These storage benefits allow you to easily back up data, store large amounts of electronic documents at a low cost, and scan paper files for electronic upload.
  • Implementation: With a standardized document management system, implementation usually happens more quickly than with a customized solution.
  • Folder and file structures: Document management systems usually enforce folder and file structures that allow you to easily organize and find data. Unlike how document organization gets confusing when you manually handle it on your computer, a document management system will help guide you toward organizing your information in a structure that makes sense to all users.
  • Workflows: With workflows, documents are guided through a series of steps such as drafting, editing, reviewing, and approving. Workflows help you follow a quality control process for documents.
  • Search: Similar to looking up something on Google, document management systems offer search tools that make it easy to find files. You can either search for documents based on keywords that you’ve tagged onto certain documents or you can search for phrases within documents. Search algorithms also work on the backend to help bring up the most relevant items first in a list of search results.

Customized Benefits

While standardized, document management software also offers customized benefits that are relevant to cities.

  • Automatic filing of documents: You can set up rules for filing documents that happen automatically. For example, cities can apply their record retention schedules to specific documents to make sure they are filed, stored, and purged according to state law and city ordinance.
  • Document organization: While the software provides some standardized structure as noted above, you can also customize the organization of your documents. For example, you may want to set up different document management repositories for each city department that have unique organization, rules, and workflows.
  • Dashboard: You are able to customize the dashboard you see after logging into your document management system. For example, your dashboard may only show your to-dos, your most recently opened documents, and links to your most accessed document folders. You can customize dashboards in a way that applies to all users or you can allow users to tweak their own dashboards.
  • Application integration: When setting up your document management system, your IT staff or vendor can help you integrate with important applications. One common application integration is with Microsoft Office. In that case, you can open and create Microsoft Word, Excel, or PowerPoint files within your document management system without having to separately open those Microsoft applications.
  • Look and feel: While look and feel may seem the least of your worries, it shouldn’t get overlooked. For example, you can customize the look and feel of your document management system so that it contains your city logo and colors to create a personalized touch. Look and feel is a small but important detail that allows people to log into something every day that appears pleasant and fun to use.

With document management software, you absolutely can have it both ways—customizing it for your city while enjoying standardized benefits baked into the software. It helps to have IT staff or a vendor work with you on the technical aspects to make sure that you’re properly customizing your document management software in a way that meets your needs and complies with the law.

Questions about document management software? Reach out to us today with questions.

Thursday, July 28, 2016
Nathan Eisner, COO

Nathan EisnerYou most likely have city employees who work at departmental sites that are separate from your office building. At the very least, they check emails on their smartphones. Are you finding it difficult to support employees who work across separate sites? Could it be that your IT staff or vendor hasn’t kept up with the pace of technology?

Department heads and staff at these remote sites grow frustrated because their technology is essentially broken—and responses to technical issues are very slow. A modernized helpdesk remains inexpensive and yet accommodates the needs of a remote site workforce. If you’re evaluating whether or not your helpdesk meets these needs, then consider the following areas where they must succeed.

1. 24/7/365 Support

Obviously, time comes into play when supporting city workers. It’s not uncommon that staff need help with their laptops, smartphones, and tablets before and after normal workday hours. Also, servers may fail at two in the morning or a night shift officer may need support when encountering an IT issue. An IT helpdesk can’t go home at the end of a workday and return the next morning. They must remain available to handle IT problems 24/7/365.

2. Multiple Devices

Employees will need help with laptops, smartphones, tablets, printers, and other machines spanning many devices and operating systems. An IT helpdesk cannot limit itself to only a select few devices such as workstations in the office. A wide breadth of knowledge and experience with both old and new devices, operating systems, and applications is critical in supporting the needs of cities as technology continues to rapidly change.

3. Security

Any modern IT helpdesk helping remote employees must have security down to a science. While serving remote sites, your helpdesk can help with making sure:

  • Firewalls are manually “hardened”—which just means that any entryways to your servers and workstations from the outside world (such as hackers) are closed off unless needed by authorized users.
  • Network accounts are only set up and accessed by authorized users.
  • Users are authenticated when contacting helpdesk and gaining access to applications.
  • Users have the correct permissions and rights to access certain types of information within databases and applications.
  • The city logs information about user activity in order to help document data access and diagnose issues.

4. Remote Sessions

An essential element of remote help is the use of remote helpdesk sessions. That’s when an IT engineer will temporarily request access to your computer so that they can help resolve a specific issue as if they were physically present. Whatever software your helpdesk chooses with which to conduct remote helpdesk sessions needs to be secure and non-intrusive so the user remains aware when support is engaged. Remote sessions can even take place with smartphones and tablets.

If after taking a look through these four areas you realize that you’ve got some holes in your IT helpdesk, then work with your IT staff or vendor to address these gaps. Some of these elements may seem out of your reach or like overkill (such as a 24/7/365 helpdesk), but they’re really not. IT helpdesks have evolved as quickly as the technology you now hold in your hands. If you want to better serve or enable your employees, then a modern IT helpdesk is a must.

Evaluating IT helpdesk options for your city? Reach out to us with any questions.

Thursday, July 21, 2016
Victoria Boyko, Software Development Consultant

Victoria BoykoMany cities post minutes to their websites. However, questions remain about how to best do it. Currently, there are no specific laws that require cities to provide minutes on their website (because all cities do not have websites). As a result, cities may not post minutes to their website at all, they may post them irregularly, or they may post them in ways that make it hard for citizens to find.

While not a legal requirement, posting minutes to your city’s website is a helpful service to provide your citizens. This activity hits upon many things that are important to cities and citizens—government transparency, information sharing, and civic participation. Plus, sharing minutes on your website gets your information out to the most people in the quickest, most convenient fashion.

Use this checklist to see if you’re posting your minutes properly and making them easy for citizens to find.

Publish approved minutes at a minimum.

If you have a website, at least post your approved minutes when they are ready. However, you also have the option to post draft minutes before they are approved if you’d like to quickly share information with citizens. Make sure you clearly indicate if you are posting draft minutes versus approved minutes.

Post your minutes in a timely fashion, and keep them indefinitely on your website.

Similar to how you normally distribute minutes, you can follow a similar process for your website. Either post the draft minutes to your website (such as within two business days of the meeting) or wait to post the approved minutes. Once posted, keep the minutes on your website indefinitely—similar to how you keep them indefinitely in your city’s archive.

Unfortunately, it’s not uncommon for a city to fail to keep minutes updated on their website. That can be frustrating for citizens. Make the task of posting minutes to your website as routine as your normal drafting and approving of your minutes as dictated by law and ordinance.

On your meeting minutes webpage, at least show the current year’s minutes, previous year’s minutes, and a link to archived minutes with all previous years.

To keep your minutes webpage uncluttered and easy to use, consider at least showing links to:

  • The current year’s minutes.
  • The previous year’s minutes.
  • An archive of all other minutes.

By highlighting the current and previous year on your minutes webpage, you make it easier for people to find these most commonly searched for minutes. It is less likely that people will search for old minutes, so you can create a link to an archived minutes page for that purpose. Many cities also just put up links on their minutes webpage for each year, which is also fine—as long as the current and previous year’s minutes are prominent and easy to find.

Make it easy for people to find and access minutes from any webpage.

Your city website likely has navigation links at the top of each page that never change—such as Home, Government, Departments, Business, Community. etc. Make sure that people can easily find minutes through these links. For example, there may be a link right on the Home page for Agendas and Minutes. Or, there may possibly be a link under Government to the City Council page where the Agendas and Minutes link could be found. Either would be easy to find.

On the other hand, if a person can’t find an easy path to your minutes then you are making them hard to locate. Grab three or four people who don’t know your website well and ask them to try finding your minutes. If they’re all having trouble, then consider rearranging how you get people to this information on your website.

Label the minutes by year, month, and day, and publish in PDF form.

When people look for specific minutes, they will look for the year, month, and day. Label files with that information so that filenames communicate what the document actually contains. Also, minutes need to be presented in an unaltered, official, and final form. A PDF is usually the best publishing format for this requirement. Publishing a PDF is the best way to ensure that you are offering the official, final version and it's also the most convenient type of file for people to download and print. A PDF is a universal file format that works on any computer and it's usually preferred by city clerks.

Overall, publishing minutes to your website is one of the services you can provide your citizens who primarily access information through the internet. When doing so, it’s best to follow your current laws and ordinances, make it easy for people to find minutes, and provide the files in the most convenient format. If you follow the tips above, then you’re scoring some major service and transparency points with your citizens.

Questions about posting minutes to your website? Reach out to us today.

Thursday, July 14, 2016
Brian Ocfemia, Technical Account Manager

Brian OcfemiaAs we talk to cities at various events and conferences, we sometimes hear that they don’t have a centralized place to access shared files—such as a server or a location in the cloud. That means cities may still store important files on individual desktop computers. Let’s take a step back and look at three major risks in such a situation.

Risk #1: Data backup and disaster recovery

Storing important files on a single computer means that if something happens to that computer then you will lose all of your files. You may occasionally back up files on an external hard drive or flash drive, but relying on a manual process that can be skipped or performed incorrectly is a risk—especially because you may not regularly test those backups. Plus, you’re also relying on a single person’s computer—and that single person may accidentally or purposely delete files without you ever knowing they’re gone. No matter how much you trust that person, they may act as the sole owner of those files—not your city.

Risk #2: Security

A single computer isn’t guaranteed to make sure your files are consistently secured against threats. Employee error (such as clicking on a malicious website link or email attachment) is one of the most common sources of viruses and malware which opens your city up to hackers. With that kind of security hole, a hacker may steal your information or prevent you from accessing your files. Weak or irregularly updated antivirus and antimalware software on a single person’s desktop computer just isn’t enough to adequately protect important city information. No matter how well-intentioned, a single user presents too many security risks if files are primarily stored on their personal desktop computer.

Risk #3: Access

City employees shouldn’t have to rely on one person to give them access to important city files. What if that person is sick or on vacation? What if they get fired or leave their job? Any user who has been granted authorized access to important files should be able to access them in a centralized, neutral location. A single user also has the potential to be arbitrary, whimsical, unavailable, or difficult about giving access to important files—which can be a hindrance to productivity, operations, or answering open records requests.

So, what should you do instead of storing files on a personal desktop computer?

No matter how small your city, you still need to create a place where electronic files are centrally maintained and secured—and where users with authorized access can find these files. Some options (depending on your budget and technology limitations) include:

  • Onsite server with network drives. Essentially, this server works like a central computer that authorized users at your city can access. You store your files here, city staff can access those files just as if they were on their computer, and your IT staff or vendor helps maintain and secure the server.
  • Online file storage services. These services exist in the cloud which means—with the help of your IT staff or vendor—they are secure and accessible (only to authorized users) from any device or location. Use business-class versions of these services—not the consumer-grade versions.
  • Document management system. A document management system will give you a business-class way to store, search, and securely access documents. With a document management system, you’re able to not only centrally store and manage documents but you also get to tag, label, and organize them in ways that will help your day-to-day work (such as more easily responding to open records requests). These systems contain a lot of capabilities that are especially important to city clerks.

If you still want to store files on a computer, then a newer computer will generally offer a lot of room. But that’s still not wise—no matter how much space that computer offers. What’s more important is where the files are located, protecting the files from data loss, and securing who has access to the files. Limiting file access to a single person’s desktop computer is just way too risky for a city.

Questions about file storage? Reach out to us today.

Tuesday, July 12, 2016
Dave Mims, CEO
Dave MimsAt the Georgia Municipal Assocation's (GMA) 2016 Annual Convention, GMA's Kelli Bennett interviewed me about IT in a Box. Watch the video to learn more about what IT in a Box includes and why these services help cities save money, modernize their technology, and serve citizens.

Thursday, July 7, 2016
John Miller, Senior Consultant

John MillerMany cities—especially smaller cities—often ask us if they need to “go digital.” By that, they’re usually asking if they should transition their information from paper to electronic, start centrally storing and managing electronic information in the cloud, and modernize their technology to help with accessing that information such as upgrading their email system, document management system, or website.

These are good questions for smaller cities. After all, they have minimal staff who are strapped for time and working with limited budgets. If going digital is a convenience, then smaller cities could probably push it off to the side.

However, it’s clear that going digital is a necessity. And not going digital leads to a variety of critical problems. Think of it like carrying insurance. You don’t think about your insurance a lot during your day-to-day work, but it’s there when a disaster hits. Let’s look at some critical areas where “going digital” is a necessity.

Data Backup and Disaster Recovery

With paper, it’s very difficult to assure yourself that your information will survive a fire, a flood, or a tornado. We’ve even encountered situations where paper with valuable information has aged so much that it starts to crumble or termites have gotten at it. All it takes is one incident like a fire and your valuable city information is destroyed.

By scanning your paper information and turning it into electronic information, you are able to protect it from disaster. With offsite data backup, you can store that information in a data center far from your city and know that you will be able to access that information even after the worst disaster.

Information Access and Retrieval

Quite simply, it’s easier to find electronic information. Once you are digital, you can find important documents and information in seconds rather than spending lots of time sifting through paper records. Modern document management systems help you label and organize documents so that they are easy to find. Similar to how you search for things on Google, you can search for documents and information in the same way. This capability helps with compliance (see below) and also makes your time-strapped staff much happier when they can find information quicker.

Information Portability

By portability, we mean the ability to share information with others. It’s fairly standard today for many government entities and businesses to share and receive digital information. In fact, you may even find that electronic sharing and retrieval of information is required by some entities. Even if it’s not required, it’s way more convenient to citizens, businesses, and government entities to offer electronic information. Whether you post information directly to your website, offer it on a PDF, or have it stored electronically at your city in a document management system, you can easily send and share information with authorized people when it’s in electronic form.


Often overlooked, going digital helps with security. Sure, with paper you can lock rooms and prohibit physical access to file cabinets. But it’s not uncommon that access to city assets can be easily—in fact, very easily—obtained on-site. When your information is digital, your IT staff or vendor can make sure it’s only accessible to authorized people.

Open Records Compliance

Open records laws, regulations, and policies evolve each year so that expectations related to information access, retrieval, and security continue to grow. With paper, you risk slowly responding to open records requests. You may also have the opposite problem of not purging documents on a regular schedule. As a result, you might store decades-old documents that you’re not legally required to keep.

Going digital better equips you to respond to open records requests in a timely fashion, set up automated processes that ensure you’re following record retention schedules, purge documents that you legally no longer need, and back up data in case of disaster.

Going digital strikes at the heart of many necessities around information today—security, compliance, backup, and ease of access. So even if you’re a smaller city, you need to consider digitizing any information you have that currently resides on paper along with modernizing your technology enough to be able to easily access and share that information.

Questions about going digital? Reach out to us with any questions.

Thursday, June 30, 2016
Dave Mims, CEO

Dave MimsYou spoke. We listened. Over the past year, cities have told us that their requirements for data backup and video archiving grow more and more immense. For example, the requirement for many cities to capture, record, and store body camera video has drastically increased the amount of storage space they need. In fact, some cities (such as in Georgia after a new law passed in 2016) must store that information or face legal penalties. Also, cities (such as those in Arkansas) are feeling more pressure from state legislatures about strictly adhering to laws and best practices related to cybersecurity.

Overall, there’s just too much at risk today to neglect a city’s electronic storage capabilities and underlying information security. Here are some new features of IT in a Box that help address these concerns:

Data Backup Archiving

We already provide cities with onsite data backup storage for quick data recovery and unlimited offsite data backup storage for disaster recovery. That now includes storing and archiving all versions of your important files, documents, and data. Archiving is the long-term storage and indefinite retention of your backed up data. This archived information is always accessible in case you need it (such as for an open records request).

Video Archiving

Cities tell us that body camera and squad car video storage costs are a big concern for them—and storage needs for video data will only continue to grow at an increasingly rapid pace. IT in a Box saves cities money with our unlimited offsite video storage and retention. That means:

  • No more buying additional expensive onsite storage for video. With IT in a Box, you can now keep your most recent videos onsite for quick access while we archive all of your videos offsite for long-term access.
  • As the quantity of your squad car and body camera video footage continues to rapidly grow, your storage costs do not change over time.

Policy and Compliance

To best protect against cyberattacks, our IT in a Box staff will help you adopt policies and best practices to educate staff and make sure your technology helps you comply with state law. In addition to staff training, we shore up any security holes by securing, documenting, regularly testing, and proactively managing all of your technology including:

  • Applications and systems
  • Vendor access
  • Network access
  • Wireless access
  • Physical access
  • User access
  • Remote access
  • And more

For Arkansas specifically, we help cities become compliant with the state’s Legislative Audit.

Questions about these new services? Reach out to us with questions.

Learn more about IT in a Box.

Thursday, June 23, 2016
Dave Mims, CEO

Dave MimsRecently, I gave a presentation at the 2016 Arkansas Municipal League Annual Convention about cyberthreats. As part of a three-hour training session entitled “Working in a Social World” that featured Arkansas cities (including Gravette, Fayetteville, and Mayflower) sharing various social media successes, I ended the session with some caution about cyberthreats. Cyberthreats threaten the technology that underpins many of these social media successes—and my observations were tailored to complement the overall discussion.

Overall, I addressed how to protect cities from cyberthreats. A cyberattack does more than just shut down a city’s IT operations. Today, we see incidents where hackers and some “hacktivists” hold a city’s information for ransom. These attacks can be very dangerous to cities and need fending off.

Check out my entire presentation here. In it, you’ll read in more detail about: 

What? - What do I need to know?

  • Passwords
  • Virus
  • Attacks
  • Data Backup
  • Security Updates
  • Physical Security
  • City Websites

How? – How have some real cities been impacted?

Based on real cities, I provide examples that accurately represent what we often see at cities. Cyberattacks are costly, destructive, and embarrassing for cities.

  • City #1: Virus initiates $90,000 transaction!
  • City #2: Virus deletes financial data!
  • City #3: Virus hacks city website!
  • Ransomware: Again!

Help! – Where is help!

  • The Arkansas Legislative Audit requirements
  • The Top 10 most common Arkansas Legislative Audit Issues
  • IT in a Box - a review of the latest IT in a Box developments that help resolve these issues
  • How IT in a Box drives Legislative Audit compliance


  • Is your city at risk from a cyberattack? Data loss? Unauthorized access (external or internal)? Erroneous changes? Website?
  • Is your technology dated? Unlicensed? Unsupported? No longer maintained? Still using paper?
  • Are you frustrated with anything (or even all things) IT?
  • Are you unable to meet legislative audit compliance?

When you subscribe to IT in a Box:

  • Cyber protection is provided and proactively managed.
  • IT needs are addressed and technology is proactively kept modern.
  • Legislative Audit compliance is met in Arkansas and proactively maintained.

Questions about your ability to fend off cyberthreats? Reach out to us today.

Thursday, June 16, 2016
Anthony Fantino, Network Infrastructure Consultant

Anthony FantinoSomeone attempted a $90,000 transaction from my machine. What do I do?

Let that sink in. As the finance officer, city clerk, treasurer, or city manager, how would you feel? What would you do? How did it happen? Where would you look?

When a person, externally or even internally, attempts to steal money or data from a city, investigators will start looking for information to help them find the culprit. So, what information will lead them to finding the person who committed the crime?

Unfortunately, your city may not have the right policies in place to not only prevent unauthorized access to information but also to track who accesses it, what’s accessed, and when it’s accessed. That leaves your city with security holes that open you up to hacking, theft, and even fraud.

What can you do as a city to make sure only authorized users have access to sensitive information? Look carefully at the following areas.

User Access and Authorization

First, begin with making sure your systems and software allow you to set different levels of permission for different users. For example, some users may not need access to payroll information. Modern technology systems allow for granular user permissions within servers, websites, and applications. If you don’t set these permissions appropriately, you risk users looking at information that they should not access—and they may possibly misuse, change, or delete that information. Users should only be able to access information relevant to their job function.

Physical Access

Often overlooked, it’s important for cities to physically secure important technology like servers. An unauthorized person should not have physical access to your servers or be able to walk into your server room as if it’s the breakroom. All it takes is one disgruntled employee to steal information or damage your computer equipment and hardware (which may lead to permanent data loss). Secure rooms with servers so that only authorized employees can access them. Require use of a key fob or similar security checkpoint.

Wireless Access

Second only to physical access, wireless access is another common security hole. Cities are at risk when they leave wireless access open and unencrypted, or if they use weak or well-known default administrative passwords for securing wireless devices. Hackers can easily hop onto your network through these access points and begin sniffing around your most sensitive information right from the parking lot. You need to keep your wireless access password protected with a strong password, encrypted, and limited to authorized users.

Remote Access

Obviously, employees sometimes need access to a city application through a secure remote connection to a server. But it needs to be logged and tracked. Too many cities don’t track and monitor who logs on and when they log on. This creates security problems. If you don’t know the identity of someone logging in, or even that they’re logging in at all, then how do you know that it’s an authorized user? By tracking remote access, you make sure that only authorized users are accessing your servers and applications.

Access and authorization vulnerabilities that cities face are not just addressed by technology. They begin to get addressed by setting policy. Cities need to set the right policies and work with their technology staff and vendors to implement training, processes, and technology to meet these policies. If your current technology systems cannot handle these demands, you may need to modernize your technology in order to accommodate current security requirements and best practices for government data.

Questions about how to begin addressing these gaps? Reach out to us to further discuss these areas.

| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 |