We put the IT in city®

CitySmart Blog

Thursday, October 2, 2014
Nathan Eisner, CMO

A recent story reported in PC Magazine and other news outlets talked about a vicious form of malware that affected many retail point of sale systems. The most disturbing fact? Up-to-date antivirus and software patches failed to prevent this malware from taking over the point of sale systems, stealing information, and wreaking havoc.

Stories like these tempt small businesses and city governments to throw up their hands. If antivirus and patching can’t prevent malware and hackers stealing information, then how can you really secure yourself?

In fact, there’s plenty you can do. A common misconception is that antivirus serves as the be-all-end-all solution for protecting your information. But antivirus is only one tool to prevent such dangerous attacks. Here are some others. 

1. Back up your data, both onsite and offsite.

The best defense is often having a plan in case the worst happens. If your data is stolen, held for ransom, or corrupted, then you need to have an automated onsite and offsite data backup and disaster recovery solution in place. No antivirus software is perfect. Even if it’s a rare event, there is always a chance you can get hit by a virus. If a computer or server is so infected that it needs to be wiped clean and decommissioned, it’s essential that you have that data backed up. 

2. Train employees about phishing and malicious links, emails, and attachments.

All of the antivirus software in the world won’t prevent a virus if an employee clicks on a malicious website link or opens a suspicious attachment. Hackers and cyber criminals play on the human factor. After all, if a person gives them permission to access company or government data by clicking on something, they are inside your gates at that point. The more your employees show wariness and caution about suspicious links, emails, and attachments, the less chance that a virus will creep past your antivirus software.

3. Build strong network security.

While your antivirus software might be great, it has to work overtime when many virus attempts are getting inside your network. Perform a network assessment to judge the strength of your firewall, the ease or difficulty of unauthorized user access, administrator password strength, and wireless access points. If your network security is weak, the chances of an attack succeeding are much greater because more threats are getting inside your network. Even the best antivirus software shows its weakness when too many threats hit it at once on a daily basis.

4. Use enterprise antivirus software with people managing it.

Off-the-shelf antivirus software installed ad hoc on people’s computers is simply not good enough for businesses or government. Enterprise antivirus software is managed by people. Because businesses and government entities are such high targets by having intellectual property, money, and sensitive data potentially exposed, the stakes are higher. When IT professionals are helping managing your antivirus, they can more easily spot red flags and respond to virus attacks immediately. They stay on top of virus threats in a way that individual non-technical users simply can’t do. 

5. Encrypt your data.

Even if hackers can access your data, encryption can make that data useless to them. Many high profile data breaches in the past few years were made worse when the data stolen wasn’t encrypted. Compared to the cost of data loss, fines, and emergency remedies, the cost of encrypting data is quite a bargain. Especially for your most sensitive information, encrypting data on your servers and computers is essential and a great way to frustrate hackers.

Despite the fear of malware attacks that crippled organizations like UPS and Supervalu, there is more to protecting your network than simple antivirus. To take next steps, we recommend assessing the strength of your data backup, network security, and encryption. Shore up any holes. Then make sure that IT professionals are managing your antivirus while complementing that service with employee training that mitigates the risk of someone clicking on an attachment with a virus. By applying a more holistic strategy, you’ll up your cyber security and decrease your cyber liability.

To talk about cybersecurity in more detail, please contact us.

Thursday, September 25, 2014
Clint Nelms, COO

IT vendors are both an expensive investment and a commitment. Like any relationship, a good IT vendor is often hard to find but it’s a great thing once you find one. And like any relationship, there are signs indicating when it’s bad, and when it’s good.

I know. We’re an IT vendor, so you might be a bit suspect if we were to share our four signs of when you should break up. Instead, we’ve collected specific points and complaints that we’ve heard from actual city decision makers from a large number of sales meetings this year. These insights include customers, prospective customers, and other decision makers who have had good and bad experiences with IT vendors.

Here are the things they point out as red flags. If you’re seeing these signs repeatedly, then city decision makers nearly all say you need to look for a new IT vendor. 

1. Your IT vendor confuses you with too much technical language.

We often hear, “If you ask our IT vendor for the time, he tells you how to build a clock.” Great IT vendors speak to you in concise, relevant business terms. That means taking something complex and making it simple. Or simply just sharing the bottom line about a particular issue. Throwing around too much technical mumbo-jumbo isn’t a sign that your IT vendor is brilliant—it’s a sign that they’re likely hiding behind confusing language and not explaining or understanding your business problems correctly.

2. Your IT vendor blames and passes on responsibility to other vendors.

We’ve written about the discipline of vendor management and why it quickly becomes one of our most popular services for our customers. We make sure other vendors stick to your business requirements, ensure proper installation and configuration, and work with vendors on technical issues. Bad IT vendors will routinely blame other vendors for IT problems, throw up their hands, and say that the hardware or software vendor needs to fix the problem themselves. It’s a classic complaint about IT service providers. Instead of working with software vendors when there is a problem, they point the finger at the software vendor and say. “It’s their problem, not mine.”

3. Your IT vendor always wants you to buy something.

Many IT vendors often get your business because they seem so cheap. Then, once they’re inside, they start telling you, “That costs extra” when you thought many services were included. They may also try to sell you hardware, software, or other products as a remedy to a real technical issue. It’s another classic complaint. Many IT providers make money from reselling hardware (or worse, from building and selling their own hardware). The best IT providers simply provide services without trying to upsell you at every given opportunity.

4. Your IT vendor implements their own policies instead of working in partnership with you.

A good IT provider listens to your city when implementing any technology-related policies that affect your operations (such as security policies). That requires true consulting—working with cities to craft policies tailored to your organization. Unfortunately though, many lazy IT vendors simply implement a standard policy without discussing what your city considers appropriate. This situation can result in your staff unable to fully function because they are locked down too tight by an arbitrary policy that may not fit your organization.  

The common theme of these red flags isn’t surprising. These bad IT vendors simply don’t listen to you, they don’t do the hard work of strategizing and customizing their services to your needs, and they don’t accept the responsibility of creatively and efficiently solving your technology problems. Instead, they try to cut costs through shortcuts and cookie cutter services that may do you more harm than good. Look instead for an IT vendor that listens to you, crafts services around your needs, and accept the responsibility of managing your IT environment—including working with other hardware and software vendors to resolve problems.

To talk more about selecting the right IT vendor, please contact us.

Thursday, September 18, 2014
Dave Mims, CEO

Mr. Stan Brown, City Manager, Oakwood, GAAs you or others you know have probably experienced, tablets (such as Surfaces, iPads, Nooks, Nexuses, etc.) have entered our lives as a way to both increase our productivity and entertain us. They are easy to use and provide many of the same functions as traditional desktops or laptops—without the hassle. Because tablets provide you on-the-go email, document access, and Internet access, we find they are also becoming essential productivity tools for mayors and council members, as well as others involved in council meetings.

In fact, we've heard over and over that cities want tablets—especially for elected officials. Based on this feedback, we’re happy to announce that IT in a Box will include tablets for council members.

So, why tablets? And why IT in a Box? With IT in a Box tablets, you’ll experience the following benefits.

  • Go paperless. Tablets help eliminate the costly, burdensome process of your city printing and delivering paper meeting agendas and related documents.

  • Enjoy the ease of modern technology. Access agendas, documents, the Internet, and other productivity tools with a swipe of your finger.

  • Mr. Andrew Hartley, City Attorney, Georgetown, KYTake your IT in a Box tablet wherever you go. IT in a Box tablets aren’t just for council meetings. Carry your tablet everywhere for secure, anywhere / anytime access to your city email, calendar, Internet, documents, and more.

  • Keep your data secure and protected. Keep your data secure and protected with the latest antivirus, antispam, software security patching, and automated tablet maintenance—all included with IT in a Box.

  • Be prepared for open records requests. Your city email account clearly separates city business from your personal email, making it easy to respond to open records requests.

  • Enjoy full 7 days a week IT support. Technical issue? We’ll support you whether you’re in the office, working from home, or on the road—7 days a week.

  • Microsoft productivity software included. IT in a Box tablets come with commonly used software such as Microsoft Outlook, Word, Excel, OneNote, and more.

  • Full Windows 8.1. Run the same applications from your tablet that you do on your desktop or laptop!

Mr. Jim Windham, Councilman, Oxford, GAAt this time, we are currently piloting the use of IT in a Box tablets and collecting feedback to make this service even more effective for you before rolling it out.

A big thank you goes out to Mr. Andrew Hartley (City Attorney at Georgetown KY), Mr. Stan Brown (City Manager at Oakwood GA), and Mr. Jim Windham (Councilman at Oxford GA) for signing up to be our early adopters (aka testers). Each represents a vital role in council meetings, so gaining their feedback and perspectives will be very beneficial. We plan to fully roll out the IT in a Box tablets in January 2015.

To learn more about this service, please contact us

Thursday, September 11, 2014
Alicia Klemola, Account Manager

With the media using its usual scare tactics, it’s tempting to follow their alarmist lead and view the recent celebrity cloud nude photo hacking scandal as a sign that the cloud is an unsecure place to store data, files, and documents. After all, if private nude pictures cannot be protected from hackers, then how will you protect your business’s much more important confidential information and intellectual property? One alarming fact you’ve probably read is that many of the celebrities said they had deleted their photos long ago. Yet, those photos were still found by hackers in the cloud despite this deletion.

Let’s slow down a bit and digest this incident. First, despite their celebrity status, these people are still non-technical individuals—not IT experts. Many common individual errors in personal data privacy were committed by these celebrities. And the flaws mostly came down to weak passwords and a misunderstanding of how cloud security works.

For your business or city, we offer some reassurances in the wake of the scandal to let you know where these celebrities messed up and how your business should differently operate. 

1. Your cloud data should be protected by enterprise-level firewalls.

Free cloud software managed by vendors usually has solid firewalls in place. But because they are serving millions of consumers who are not paying for the cloud services, these vendors may not ratchet up their security as much as for a business or government entity that needs more firewall power. For example, different classes of firewalls exist that enforce higher security to keep out unauthorized users. These firewalls can be customized for your particular security needs.

2. You need to enforce strong passwords and possibly extra layers of user authentication security.

In many of the nude photo hacking scandal articles, a common point of entry was weak passwords and user authentication. It’s easy for many hackers to go after sensitive information with programs that crack weak- to medium-strength passwords. You need a policy that enforces strong passwords with a mix of letters, numbers, and characters. The passwords should also be a certain minimum length such as 8 characters and changed monthly or quarterly. In addition, you can doubly ensure password security by adding an extra layer of authentication such as a mobile confirmation once a password is entered.

3. Train your people to spot phishing scams and other suspicious links and attachments.

People are still one of the weakest links in your cyber security chain. They often present easy access points for hackers attempting to steal your sensitive information. Train your employees about how phishing scams work, how to spot suspicious emails and attachments, and when giving away usernames and passwords is legitimate. There are still too many cases when employees are fooled by an email with links that look legitimate, and the employee ends up giving hackers an access point to your data.

4. Deleting files is not as simple as clicking delete.

We talked about this in detail in a recent post, but it’s extremely important to know that deleting a file may not delete it for good. First, simply deleting a file on your computer only means that the space it takes up is available to be overwritten by a new file. It’s often still there. Second, files may or may not be synced everywhere in the cloud. Or, new files may be synced but not deleted files. Deleting in one place may not delete a file everywhere. In the celebrities’ cases, they thought that deleting a file on an iPhone meant it was also deleted in iCloud. In their case, it wasn’t. An IT professional can help you configure your archiving and deletion policies to make sure that deleted files are truly deleted.

5. Syncing files without proper oversight exposes you to security and data backup risks.

Be very careful about syncing cloud data to other devices. Ideally, you should store data and allow access to it from one central cloud location. If the data replicates itself locally on various devices, you open up the risk of your data appearing in a less secure location. It may be easier for a hacker to hack a personal device rather than your cloud servers. But if your sensitive data is encrypted and only accessible via your cloud servers (with view-only mobile access), then it’s much harder for a hacker to grab that data.

Waves of alarm always occur about the cloud when something like this scandal happens. It’s easy to blame cloud security when we should be using this incident as cloud education. If these celebrities understood how their data is stored, accessed, and deleted, then they would not have run into this issue. These are individuals, and so they can survive such an attack relatively unscathed. But as a business or government organization, you need to take advantage of the cloud’s benefits and high security while adopting common sense best practices that help protect your most sensitive data. Use the cloud, but don’t make the same mistakes as these celebrities.

To about cloud security in more detail, please contact us.

Thursday, September 4, 2014
John Miller, Senior Consultant

In many organizations, email is quite simply a mess. Sometimes, you might have loose policies where you can keep any email forever as long as there is storage space. In other cases, you might have arbitrary or necessary storage limits where you are responsible for deleting emails just to make room for more email. Either extreme is not healthy for a business or government organization.

You might say that keeping emails is understandable, for obvious reasons. If emails are needed for legal reasons or a city receives an open records request, it’s important that emails are accessible. As long as the email is somewhere, everything is fine. Right?

Actually, there’s much more to email archiving than just storing your emails in any old place. In this post, we offer up five reasons why you need to have business-class email archiving in place at your organization. 

1. Employee searching and reference.

The most obvious and prosaic argument for email archiving is simply that emails often contain a lot of important business and historical information that is useful to employees. Old emails might include notes about a project from two years ago, a forgotten vendor name from a meeting last year, or login information to a website. If employees are forced to delete emails or if they’re responsible for storing emails, there is a risk of losing important information. Email archiving ensures that employees can easily look up information from past emails.

2. Protection of sensitive information.

With a business-class email system, your email will be encrypted and protected by a variety of security measures. If employees are left to do their own archiving, there is a risk of storing old emails in insecure locations such as an external hard drive, thumb drive, or folders on the desktop that an unauthorized person might be able to access. With automatic archiving features in a business-class email system, the archived email will be set aside, encrypted, and protected against unauthorized users.

3. Storage.

Despite many cloud email systems offering more and more storage space, email storage can still grow unwieldy with many zip files, PDFs, PowerPoint presentations, pictures, audio files, and video files. Email archiving goes a long way toward compressing the size of old emails and storing them in a place where it’s expected you won’t be accessing them often. If your server storage is limited, this aspect of email archiving is critical to free up space.

4. Data backup and disaster recovery.

Email archiving forms part of a comprehensive data backup and disaster recovery strategy. Any archived emails need to be encrypted, easily accessible, and stored properly when backed up both onsite and offsite. If an email server fails, you need to make sure you don’t lose archived emails. You are still legally bound to produce important emails if requested, and the excuse of poor data backup and disaster recovery will not cut it with authorities.

5. Legal requests and compliance.

Your records management is extremely important when you are bound by law to produce emails. For businesses, you may need to produce emails as the result of following a contract, responding to a legal request, or complying with something like Sarbanes-Oxley. For government, you may need to respond to open records requests and correlate your archived email with record retention laws. You don’t want to be caught in a situation where you’re legally bound to produce an email and you are unable to do so. That failure could result in lawsuits and expensive fines.

To get started with email archiving, it’s good to look at the quality of your current email system. Are you using a free email service (like organization@yahoo.com)? Are you using an outdated email server with limited archiving and storage capabilities? Are you storing sensitive emails in insecure locations such as tape backups or thumb drives? Once you assess your current email capabilities, consider switching over to a more modern email system that encompasses email archiving and mechanisms to help you follow the law and retain emails the right way.

To talk about email archiving in more detail, please contact us.

Tuesday, August 26, 2014
Brian Ocfemia, Technical Account Manager
A recent Forbes article references a study from Docurated that highlights some alarming statistics about the current state of document management. Some key stats that the Forbes author highlights in the article include:
  • “Despite the hype around Cloud, 77% of respondents still use file servers as their primary repository.”
  • “Cloud Storage is being deployed but more than 79% of documents are still stored on-premises.”
  • “68% of organizations have 5 or more storage repositories.”
It’s likely that many cities and small businesses are in the same boat as the majority of respondents from Docurated’s survey. With the cloud and modern document management systems making it easier for cities and small businesses to create, store, and maintain documents, there’s no reason why these organizations need to settle for obsolete solutions that make business more difficult to conduct. Here are some tips that will help you get up to speed and put yourself in the minority of organizations that are doing document management right. 

1. Move your documents to the cloud to help disaster recovery.

As the statistics relate, too many documents are still stored on-premises. This increases the risk of a fire, flood, tornado, or other disaster wiping out important city or business documents. Ask yourself: If your documents were completely lost, how would that affect business? You would probably experience irreparable harm and possibly go out of business. Many cities would become crippled and unable to serve citizens effectively. Moving your documents to the cloud stores them safely offsite, including all of your paper documents (once you scan and store them). 

2. Move your documents to the cloud to make them more accessible from different locations.

If you still store documents on file servers, those servers tend to be closed off unless you’re at the office. In today’s world, people use laptops, tablets, and smartphones to work on the go. Teleworking becomes more and more of the norm as salespeople, creative workers, and business travelers work outside the office. They need access to documents without having to come into the office or use a difficult remote access VPN connection. The cloud makes it easy to not only keep documents secure but also gives people access to them while away from the office.

3. Move to one cloud document management solution to centralize your documents in one place.

So, you’re looking for an important business document. Is it on this file server? Another file server? Someone’s individual computer? The statistic about an average of more than five document storage repositories at many organizations is a sign of undisciplined document management. Different departments, probably out of frustration, simply started storing their documents themselves through the lack of an organization-wide policy. Moving to the cloud gives your organization the opportunity to centralize your documents in one place so that it’s easier for people to find them.

4. Organize and label your documents to help people find them.

Even if documents are centralized in one place, it can still be difficult to find them due to poor organization and labeling. This activity is something your organization should tackle anyway, so moving to the cloud in a centralized location presents the opportunity to sort out documents into a specific structure, decide what to keep or toss, and label using metadata (such as department, author, date approved, etc.). We’ve written some articles about this difficult but rewarding process.

5. Update your document management to help you follow the law.

For cities, this means following laws related to open records requests and record retention schedules. Modern document management systems help you store documents without fear of losing them, allow you to easily access them, and give you the ability to archive or delete them through the help of automation. Sure, you can follow the law manually, but isn’t that a lot tougher and more prone to human error? Leverage technology to ease your burden and automate your legal policies and procedures for documents.
If the above tips intrigue you and you had not been aware of how document management can solve a variety of your current business problems, shop around for some cloud solutions and explore the capabilities of modern document management systems. In this case, it helps to build out some requirements about what you’re looking for. You might be surprised to find that there’s a document management system out there waiting for you that can tackle your requirements—and a whole lot more. To talk about document management systems in more detail, please contact us.  
Friday, August 22, 2014
Nathan Eisner, CMO

It takes a lot of effort to purchase software. But once it’s inside an organization, the vigilance and due diligence seems to stop. It’s a like a person who spends a lot of time shopping for clothes but neglects the clothes once they’re bought and hanging in a closet. Because software needs to support business functions, unused software becomes a bad investment that wastes your money. In fact, the technology industry has a term for unused software: “shelfware.”

If you doubt the severity of this problem, consider the Internal Revenue Service. They wasted $11 million in unused mainframe software licenses. Other research confirms that a majority of organizations do not track software or know how much of it goes unused. While wrapping your head around your organization’s software can be intimidating, it’s a necessary step toward potentially saving you a lot of money.

Software grows like weeds, cropping up on computers everywhere throughout an organization and accruing over the years. Here are some tips to pin down and declutter your software with the goal of streamlining your budget. 

1. Take a software inventory.

Too many organizations don’t even have a sense of what software they have. If they do, it’s recorded on random Excel spreadsheets floating around an organization. Conduct an inventory to track down every last piece of software you’re using on computers and servers. Collect this information in a centralized place that’s easy to access. That information should include essential information about the software such as the version, date of purchase, number of licenses, etc. Automated software is available to help you with this inventory if your environment is large and complex.

2. Describe the business problem solved by the software.

This is a reality check for your organization. It may seem like a time waster, but this is an important question that rarely gets asked head on about your software. Why did you purchase it? What business problem is it solving? Just writing down the reason makes you realize if the software has a clear use, a vague use, or no use at all. If people begin debating the software’s use, then that’s a discussion worth having. Describing the business problem the software solves brings a lot of inefficiency and waste to light.

3. Prioritize the software’s importance to your organization.

After outlining the business problems, analyze your software based on priority. What software is mission critical? What software is for specialized use? What software seems to just waste space and collect dust? For example, you may have initially invested in an electronic note-taking software that had a clear business purpose but that no one ever adopted. Or, you might have GIS software that a particular department heavily uses to do their jobs but that no one else uses. A sense of software priority helps you understand if you’re maximizing your investments.

4. Look at the frequency of use.

While different kinds of software may have different intensity levels of use, it’s good to look at the reality of the actual use. For example, is the note-taking software referenced above not used because of user apathy or lack of training? Or is it because traditional note-taking is faster or the note-taking software’s benefits are too incremental to make an impact? Frequency of use will bring to light software that may be underused, which means your investment is not paying off. It helps you spot areas that you can remedy through policy and training, or possibly software that isn’t of much use that you can let go.

5. Explore options to reduce software costs.

Based on the data you collected in the first four steps, you now have the analysis needed to justify what you can cut, adapt, and save. For example, you might find that your GIS software is used heavily by five people but you bought 30 software licenses. In that case, you might consider switching to a cloud version where you pay by the user, and pay for only what you need. Or, you might revitalize the use of a particular piece of “shelfware” by training users, leveraging your support contract more, and creating policies that require use of the software in order to save you time and increase employee productivity.

Software is an investment, and it needs to pay off. If you scrutinize every capital purchase and analyze monthly operational expenses, then it doesn’t make sense to ignore software investments that flush money down the drain through disuse. There are plenty of remedies to apply once you get a handle on your software. Getting rid of it, cutting down the number of licenses, and moving your software to the cloud can all help you reduce costs. Use our tips on collecting the data, and then cut the bloat from your software costs to positively impact your bottom line.

To talk more about conducting a software inventory, please contact us.

Tuesday, August 12, 2014
Clint Nelms, COO

Too often, many businesses and organizations have a data backup solution in place and assume it’s working. As long as it appears to back up your data in some form, you feel fine. But if you’ve had an unchallenged data backup process going on for even just a few years, you might want to ask some questions.

That’s because many data backup systems still fail to restore data when an emergency occurs. Assumptions...well, you know the saying. Too many businesses and organizations still assume their data backup is working when they have no clear idea of what’s being backed up, how it works, and even who is backing it up.

Answering the following five questions is essential for understanding if your data backup solution needs an overhaul or a serious upgrade. 

1. WHY are you backing up data?

This may seem like an obvious first question. But different data has different priority. Often, businesses and organizations will spend a lot of time and money backing up everything—even old, uncritical documents that take up a lot of space. It’s good to spend time assessing your data. What’s the most mission-critical data that you need to restore the quickest? What’s next in priority? Is there any old data that does not need regular daily or weekly backups?

2. WHERE are you backing up data?

A recent article from Network Computing indicated that many organizations still use tape backup. That means a majority of organizations—possibly yours—rely on outdated, corruptible technology when better data backup solutions exist. Manual onsite data backup with traditional storage devices like tape, external hard drives, or thumb drives places your data at critical risk. It’s better than nothing, but too many things go wrong with these solutions. At a minimum, you need to back up your data both onsite and offsite through automated servers or a cloud solution to ensure full security and disaster recovery.

3. WHO is backing up your data?

In too many circumstances, non-technical people are saddled with handling manual data backups such as tape or external hard drives. When someone wears too many hats, data backup can easily fall off someone’s to-do list. Professional IT staff or an IT vendor needs to handle the complicated processes of data backup to ensure that your data is captured, tested, and recoverable in case of a disaster.

4. WHAT are you using to back up your data?

As mentioned above, manual data backup solutions have become outdated and high-risk. Typically, businesses are better off if they use an onsite server to back up data but the risk of full disaster still exists if your building is destroyed or severely damaged. Using the cheap storage of the cloud helps with offsite backups, and using cloud applications ensures that you can access your data from any location. Sometimes, you might still find a need to use an onsite redundant server (or servers) for certain applications where a server failure might risk data loss or interrupted business continuity.

5. WHEN do you back up your data?

This is also why it’s important to ask “Why?” Depending on the importance of particular data, you may want to back it up every hour, every day, or every week. We recommend at least every day for mission-critical or highly used data. For example, you might use an onsite server to capture hourly snapshots of financial or ecommerce data during the day. For all files (including non-essential documents), you might send a daily snapshot at the end of each day to the cloud. Having a regular schedule that is automated and enhanced by modern technology avoids issues of infrequent data backup (such as every week) or forgetting to back up data.

It’s also worth noting that cost may inhibit you from thinking about answering these questions and looking for a better solution. First, consider the cost of data loss. If a server fails or a disaster hits, what will happen? That’s usually a sobering thought and highly encourages many businesses to make the investment. But second, technology has significantly advanced to the point where many modern data backup solutions are comparable or even less costly than traditional tape or server backups. When you add automation and reliability to your cost-benefit analysis, it definitely doesn’t hurt to shop around for a better solution.

To talk more the 5 Ws of data backup, please contact us.

Tuesday, August 5, 2014
Alicia Klemola, Account Manager

It’s summer, and you’re probably enjoying the season but not the air conditioning bills that always skyrocket to keep you cool. With heat and cold, you clearly see the direct cause and effect relationship. You know that if heat waves extend over long periods of time, your power consumption will rise. If power bills become severe on a tight budget, then you might think of ways to reduce your air conditioning bills given the special circumstances.

Yet, technology increases your power consumption 24/7/365, stealing your money like a thief in the night. The cause and effect is less apparent. You know you need your servers and computers to help you run your business. Whatever it takes to maintain those machines, you’ll do it—including lots and lots of air conditioning to make sure servers and computers don’t overheat.

Luckily, there are ways to reduce your power consumption—and save money—if you know how to eliminate as much of your hardware’s power hungry appetite as possible. Use the following tips to assess your technology and explore if you can find ways to recoup some money through power savings. 

1. Reduce your total number of servers.

We live in a day and age when cloud computing has revolutionized technology. That means you don’t need as many servers. Instead, you can access critical software and applications through the Internet. This software is hosted in massive cloud data centers where you don’t have to worry about cooling and maintaining your own servers. The more servers you have, the harder your air conditioning has to work. So, the more servers you eliminate and switch over to cloud software, the more money you save.

2. Replace older desktops and laptops.

As technology improves, hardware manufacturers build leaner and meaner desktops and laptops. That technology includes advances in power efficiency, and so newer machines end up using a lot less power than older machines. Your older desktops and laptops are far less power efficient than newer models. Of course, while power consumption alone probably isn’t enough of a reason to justify replacing a computer, it’s another argument for your business case if you’re looking for reasons to purchase new computers.

3. Implement a telework policy.

An obvious way to lessen power consumption is by not using it at all. If your staff can work as effectively at home as they can in the office, let them stay home all or part of the week. Beyond power consumption, teleworking has proven to offer many benefits for both you and your employees. It gives your employees more flexible time to do their work while taking care of personal needs (such as kid-related activities or taking care of relatives), and you benefit from increased employee morale and productivity. Offering teleworking also helps with recruiting talent for your organization.

4. Power down or decommission servers and computers that no one is using.

This might sound like a silly or obvious tip, but you’d be surprised. In many business environments that we’ve seen over the years, we often find servers and computers running 24/7 that no one is using, and that no one has used for years. If you’re not using a server any more, work with your IT staff or vendor to decommission it properly. The same logic applies to computers that are just on and running. Only power up hardware that is regularly or semi-regularly used for a specific purpose.

5. Check load balancing on any servers that are running onsite.

Load balancing is quite technical and we won’t get into the nuts and bolts of it here. But it’s something your IT staff or vendor should rigorously monitor and check. On a high level, load balancing ensures that a server or servers aren’t overtaxed beyond what they’re capable of (such as a small email server trying to serve too many employees) or running at full capacity when they’re not being used much or at all (such as a GPS software server that few people use but that takes a lot of power to run). Load balancing helps make sure servers are handling as much input as they are capable of handling in the most efficient way.

From the obvious to the technical, there are quite a few ways to reduce your technology power consumption. Much of the time, we tend to run machines in wasteful ways that we wouldn’t do with other equipment. By powering down and eliminating hardware waste, you not only save money but also encourage a greener business environment. A lot of sensible energy policies center on waste, and the more waste you eliminate the better it is for the environment—and for your bottom line.

To talk about energy consumption in more detail, please contact us.  

Tuesday, July 29, 2014
John Miller, Senior Consultant

A recent tragic murder investigation in Atlanta led to a news report by 11Alive about how investigators used computer forensics to uncover deleted files from the alleged killer’s computer. In some discussion about the case as passing conversation, we heard a good question from a client: “If I want to make sure that sensitive business information is deleted from a computer, how do I make sure?”

In this alleged murderer’s case, he didn’t realize that even seeming to permanently delete files does not actually delete them. While investigators are thankful that this person didn’t know any better, it does bring up an important issue for cities and businesses. Simply reverse the situation: What if these investigators were professional criminals, corporate spies, or IT-savvy angry ex-employees who were looking through your seemingly “discarded” hardware with sensitive information inside? How do you protect yourself?

First, it’s good to understand two common misperceptions about deleting data from computers. 

1. When you delete a file, it’s not actually deleted.

You might already know this, but many users do not. They think by deleting a file that it’s gone forever. Tell them to go up to that Recycle Bin or Trash Can icon on their desktop. Double click. And yes, there’s all of their deleted files. It’s only when you delete files from this repository that you “permanently” delete all of your files. If a user does this, those files are now usually inaccessible to both themselves and non-IT savvy users.

2. When you permanently delete a file, it’s not actually deleted.

What? This is an extremely common misperception, and it’s a very dangerous one. Most people do not know that files still exist on your computer even when you “permanently” delete them. On a high level, what happens when you “permanently delete” the file is that you tell the computer that the space that the file takes up can be used if needed. Unless it’s overwritten by other data (which usually only happens if you’ve almost run out of disk space), it’s still there.

These misperceptions lead to cyber liability issues. Let’s say you sell or recycle a computer, and it ends up in the hands of someone outside your organization who is unauthorized to access sensitive information (like intellectual property or social security numbers). All they would need is a professional (for maybe a few hundred dollars) to recover any contents on the hard drive and use that information in a negligent manner. The rarity of such an incident is no excuse for allowing such information to get out there. All it takes is one breach of sensitive information for your city or business to face a lawsuit or even a criminal charge.

So, how do you really delete data? There are three levels of protection and assurance to make sure that deleted data cannot be accessed by people outside your organization. 

1. Encrypt your hardware’s data.

The information is still on your hard drive, but at least the probability becomes nearly nil that anyone can access it. Essentially, you require encryption passwords by a user to access anything on their computer. This is a separate password and set at a higher level than the password for opening up Windows or an application. If a computer gets into someone’s hands through a sale, recycling activity, or theft, the information will be worthless without the encryption password.

2. Professionally wipe the hard drive completely clean.

Encryption still offers a slim chance that someone could access the data. Unfortunately, there is no user-friendly “Wipe Hard Drive” button. To completely wipe the hard drive clean, you need an IT professional to handle the task. You can also try the process yourself, but it’s difficult for a non-technical person and introduces the risk that you haven’t properly wiped the drive clean. It often includes complicated software, technical steps, and even removing the hard drive from your computer and mounting it onto another computer. Let IT professionals handle such a procedure, and they’ll also make sure you’ve complied with cyber liability best practices.

3. Physically destroy the hard drive.

Similar to professionally wiping the hard drive clean, you don’t want to do this yourself. To be thorough and safe, let an IT professional handle the proper destruction of a hard drive to ensure that it’s done safely, completely, and in an environmentally safe way. This is the way to really have confidence that no one will access any data on a hard drive. If it’s gone and destroyed, there’s really no way for that data to be retrieved ever again.

As the alleged murderer found out, data can still be found unless you take further precautions. For cities and businesses, understanding this issue is a great help for cyber liability. Deletion on a computer just isn’t enough, and you risk that data getting into the hands of malicious people. At the very least, encrypt all of your computers (including tablets and smartphones). Then, when it’s time to decommission, use professionals to ensure that your computer’s hard drive is a blank slate or goes to hard drive heaven.

To talk more about encrypting and decommissioning computers, please contact us.

| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 |