We put the IT in city®

CitySmart Blog

Wednesday, November 14, 2012
Randy Weaver, Business Development

From October 24 to October 26, the great city of Valdosta hosted this year’s Georgia City-County Management Association (GCCMA) conference. From my experience, this organization hosts some of the best municipal conferences to attend in Georgia. Valdosta provided a great backdrop for this event, hosting dinner in its newly renovated downtown as well as providing tours to the nearby Moody Air Force Base. GCCMA also presented a great segment on Valdosta’s downtown redevelopment project.

The event was attended by more than 60 city and county managers. After sitting in on many sessions, talking to a variety of city and county managers, and taking a lot of notes, I collected some of the key takeaways and themes from the conference.

  1. Stress is weighing down city managers. The fact that the keynote presentation focused on stress shows that the rough economic recovery is forcing city managers to work harder, longer, and under more pressure. Doing more with less is difficult, and managing that stress was a key topic during the conference. Walt Stasinski, President of Potential Unlimited, did a great (and entertaining) job talking about stress and ways to remedy it.
  2. Information technology too often falls upon city managers as another “hat” to wear. Adding to their stress, city managers or assistant city managers are often stuck handling information technology. Often, they have trouble hiring for an IT role and finding people with the appropriate education to handle their most sensitive city operations. IT vendor management is an especially unfortunate time drain. That’s partly why we tend to help cities run small or large projects often just to handle the vendors—whether it’s a fiber optic project or networking computers in a new building. City managers have shown interest in alternative options to IT hiring because of these concerns.
  3. Cities are overpaying for websites. Many cities have continued to put out RFPs for websites expecting to pay anywhere from $10,000 to $50,000. Of course, many vendors will oblige that budget! Cities need to be educated about lower cost website options that can handle all of their needs—from a modern look and feel to sophisticated functions such as online payments. Incorrect website budget expectations are causing cities to waste money.
  4. Making city employees happy is more important than ever. Some of the sessions focused on better ways to negotiate employee contracts to help attract and retain talented employees. As cities go through rough times with hard-hit budgets, the last thing city managers want is for their best employees to go on strike or leave to go work someplace else. Some solutions that were discussed involved managing these potential problems earlier rather than later, and exploring ways to strategically outsource some work to keep employee hiring stable yet flexible.
  5. Pension plan questions need answers. The Great Recession made many people question their pension plans, and those questions still ripple down the road as the economy recovers. Quite a few people were hurt from the stock market crash, and a few sessions focused on helping city staff build sound retirement plans to take care of not only themselves but also their families. As a key part of attracting long-term talent to cities, pensions and retirement plans cannot be ignored.

Overall, attending the GCCMA conference was a great experience. I feel lucky to have talked to and learned from so many admirable city and county managers working hard and doing the best for their cities throughout Georgia. Despite their stresses, they are stepping up to the task of managing their cities. By networking with their peers at conferences like these, they end up sharing best practices and hard-won experience with each other. I can’t think of a better investment of time.

Thursday, November 8, 2012
Dave Mims, CEO

Just like many small businesses, we see a lot of cities that still have old websites with too much outdated content. Usually, these are signs that the city does not have an easy-to-use content management system (CMS) to update website content.

Technology has moved forward so quickly that it’s easy to think that websites still need a technical webmaster to handle everything related to the website. However, most websites today are managed and updated at very low cost by marketing and communications departments with almost no technical expertise.

Here are five things that your website content management system must allow you to do in 2012. If you cannot do these things, you are severely limited in your communications efforts with citizens and wasting too much time on what should be simple tasks.

  1. You must be able to create and publish your own content. A “webmaster” who still uploads all of your content along with handling every technical aspect of your website is a major red flag. A “wearing all hats” webmaster is not needed in 2012. So many content management systems exist that make creating and publishing content as easy to use as Microsoft Word. In addition, citizens expect updated, fresh content about news, city council meetings, and events. If your last news item or city council meeting minutes on your homepage is more than 3 months old, it reflects poorly on your city.
  2. You must be able to update your content anytime, anywhere. Content management systems today are convenient because you can log in from anywhere—home, the office, a coffee shop—and update content. This is especially useful because of the nature of content today. People expect fresh content. When news hits, you should be able to update your website instantaneously from wherever you are. You shouldn’t be stuck without the ability to update until getting into the office at 9 a.m. the next morning.
  3. You must be able to set roles and permissions. Obviously, you don’t want all employees to be able to change your core website content. That’s why setting roles and permissions is standard in most content management systems. You can make sure that some people are administrators, some can update only certain parts of the website, and some can only create and upload content for approval. This keeps content creation flexible and easy while still limiting who can alter the website.
  4. You must be able to collaborate and share the most current versions of content. Good content management systems allow you to collaborate on a piece of content without confusion. Let’s say I’m working on information about a community event downtown. I can upload the event information and then another person can review it and make changes. If someone else also wants to review it, it is clear what the latest version is and who modified it.
  5. You must be able to centralize and organize content. The great thing about a content management system is that all content is centralized and organized. You can review all recent news items, city council agendas, city council minutes, event items, and any other content uploaded to the CMS. Good content management systems organize content by category—by topics (news, events, etc.), type of content (articles, blog posts, etc.), and tags (tax information, public safety information, etc.). This way, it’s easy to keep track of all content that has been published or that is still pending review.

If your city cannot easily do any of these things right now with its website, then you might be delighted to find many compelling, low-cost content management system options on the market that will literally transform the way you create and publish website content. A website that remains updated and fresh shows vitality for your city, and as trends move more toward better and better content on websites, you need to be able to demonstrate that your city is always communicating with its citizens.

To discuss content management systems in more detail, please contact us.

Tuesday, November 6, 2012
John Miller, Network Manager

One of the most common scenarios we see when cities are struggling with document management is when employees rely too much on email for sending, storing, and revising documents. You’ve all felt that pain, right? Which version is the most recent version? When did I send that file? Uh oh, I need that document from two years ago—let me check my archive email folder…

An excellent infographic from KnowledgeTree has been making the rounds, and it quantifies some of the impact of email on document management. We selected some of the stats that particularly struck us as significant – and alarming.

  • 90% of documents are revised more than two times. That means a lot of documents need to be swapped back and forth between various people.
  • 46% of people share draft documents via email.
  • 59% of people gather feedback via email.
  • KnowledgeTree says, “Using email to gather approvals adds a day and a half delay compared to a document management tool.”

Clearly, this reflects a lot of time wasted, frustration, and slowed productivity. No wonder city clerks often tell us they appreciate a document management solution that saves them time and money, while making everyone’s jobs easier. Email alone just does not work for document management.

Switching to a document management tool helps alleviate many of these email inefficiencies.

  • Finding Documents Instead of searching your unorganized email for documents, a document management system centralizes documents and makes them easy to find.
  • Never Losing Documents What if you need an important document for an audit or a legal reason and...you could have sworn it was in your email. With a document management system that scans and stores all city documents, the responsibility of keeping and accessing documents becomes a citywide function and policy – and not relying on employee email inboxes.
  • Better Audit and Open Records Readiness During an audit or open records request, searching emails for information is a costly and logistical nightmare. A document management system makes you audit ready and quick to access any needed documents.
  • Automating Workflow With email, sending off documents for revision and feedback can get haphazard and chaotic. Who is reviewing what, and when? What’s the most recent version? Automated workflow capabilities enforce simple rules, including locking out documents to everyone but the person editing, requiring various steps of a review process to be followed, and ensuring that proper approvals are made to all documents.

If you’d like to talk more about the benefits of document management versus email, contact us.

Thursday, November 1, 2012
Clint Nelms, COO

As cyberattacks continue to affect cities, cities are finding not only their defenses weak but also their knowledge about cybersecurity to be minimal. It’s difficult to keep up, but the consequences of not keeping up are costly. Hackers recently stole $400,000 from the city of Burlington, Washington, and phishing attacks continue to increase in complexity—with often lethal results.

GovTech recently featured a great resource for local government called the Center for Internet Security based in Albany, New York. It’s not only a good website for cybersecurity resources but also for communication between different cities to help share information.

In examining the Center for Internet Security’s website, we were impressed to see various guides targeted toward non-technical decision makers such as elected officials, administrative officials, and business managers (such as finance officers). We wanted to highlight a few of the guides we found most beneficial for cities.

Getting Started

The Getting Started guide is an excellent overview of cybersecurity for those who have not dealt with the topic head on before. Some key insights include:

  • “Cyber security is a business function, and technology is a tool that can be used to more securely protect information assets.” It’s important to understand that it’s a business function, rather than just a technology “nice-to-have.” If you think about cybersecurity more like insurance, your mindset is more aligned with its business importance.
  • The threat of cybersecurity means local government shutting down. The report makes it clear that if a city’s website goes down, data is lost, or information is stolen, then the city becomes fully compromised. These are risks too great to ignore.
  • The guide provides a “Top Ten Cyber Security Action Items” list with excellent prioritization of key cybersecurity activities. We especially like the practical advice about recognizing a problem, recommendations on dealing with a cybersecurity problem, and extra tips about physically securing equipment and hardware (including disposal).

Erasing Information and Disposal of Electronic Media Guide

An often overlooked but important area of cybersecurity, this guide has some excellent non-technical information about how to erase and dispose of sensitive data. Some key insights include:

  • The guide points out that “deleting files does not erase information.” We’ve found that many non-technical users and decision makers believe that deleting information means it’s gone. It’s not—which is especially important if someone steals a device, or a laptop is reused by an employee who should not have access to sensitive information that may still be on it.
  • Data erasing and disposing techniques are discussed, which give an idea of the complexity and seriousness of this activity. The guide recommends using an expert contractor or vendor if no one on a city’s IT staff has experience professionally erasing and disposing of data. This ensures you comply with all laws and regulations around data disposal.
  • An easy-to-use matrix is provided that covers what method you should use to erase and dispose of data for various media types (hard drives, printers, copiers, fax machines, CDs, DVDs, USB drives, tapes, cell phones, etc.).

Secure Credit Card Payment Process

Because so many cities have shifted to online payments, it’s clear that this is an extremely sensitive area that hackers often try to exploit. This guide gives a great non-technical overview of this complex area.

  • The guide describes basic online payment industry standards. If the acronyms PCI-DSS, PA-DSS, and PTS sound unfamiliar, this section is a must read for city officials.
  • Many cities think that they are not considered merchants or, that if they use a third party payment vendor, that these payment compliance laws do not apply directly to them. Think again. The guide discusses how local government is responsible for following payment compliance – even when using third parties.
  • In blunt, stark terms, the guide justifies any costs of compliance. It’s easy to tune out vendors who talk about compliance but then tell you it will cost money to upgrade hardware and software (which may require some fundamental changes to your server and workstation maintenance). But, again, think of it as insurance. What happens if citizens’ credit card information is stolen? The cost—both direct and indirect—is too high to risk.

We recommend visiting the Center for Internet Security’s website, taking a look at the information, and getting more involved with them. Also, if you want to discuss any of these areas in more detail, please contact us.

Tuesday, October 30, 2012
Dave Mims, CEO

A recent article in the Guardian featured an interview with Dominic Campbell, the idealist who started FutureGov. As someone who worked in local government early in his career, he grew jaded by many things—one of which was IT budget bloat.

The article explains some of Campbell’s key frustrations:

Campbell, 32, is scathing about the public sector IT establishment. He first came across the corporate purveyors of costly, grandiose systems as a local government trainee in Barnet in 2002. [...] [Campbell says,] “...I became aware of these huge, expensive IT systems which were not value for money, which were not doing the job they claimed they would do, were slow, and involved ridiculous amounts of time telling people they were stupid, because they couldn't use a stupid system." Local government's fatal attraction to these IT systems (he describes them as "one big rip-off") was symptomatic of the reasons why he left the municipal world.”

While he’s talking about local government in the United Kingdom, the same problems exist for local government in the United States. Largely, it’s a lingering aftereffect from the IT explosion of the late 1990s and 2000s when organizations were conditioned to think of their problems as only solvable by “IT systems.” These “IT systems” were billed as “solutions” by vendors looking to make LOTS of money—but often without precisely solving an organization’s needs.

Today, many of these systems are expensive overkill, and they’ve been disruptively challenged by current technology trends (such as cloud computing). However, if it is not your job to keep up with the speed of technology, you (and many vendors that want to persuade you) may still think a giant “IT system” is the answer to your needs.

To help you better prevent system bloat in your IT budget, here are some key places to assess what you currently have and see if some cost savings are in order:

Website Hosting and Maintenance

This is probably one of the easiest areas to cut costs, especially if you haven’t reexamined your website in the last three to five years.

  • If you still have a “webmaster,” that’s a major red flag. Webmasters are now considered almost obsolete. There are so many content management systems that make updating website content as easy as using Microsoft Word.
  • Examine your annual website hosting fees or at least see if you’re spending excessive IT staff time and money maintaining your own website. Shop for other options, even if you think your website hosting fees are reasonable. You’ll be surprised.
  • If you haven’t updated your website in many years because you think it would be too expensive, or you have gone through a costly redesign at some point with little discussion about the needs of your staff and end users, then you are likely in a position to reevaluate your website costs.

Tape, Disk, or Other Manual Backup Systems

Even if you are using a very good tape, disk, or other manual backup system, you’re wasting money. Automating data backup and getting rid of physical storage devices helps you decrease liability and save money. We also find that these cumbersome and costly manual systems often fail basic data backup testing and auditing requirements, usually because the manual aspect introduces too many possible points of failure. People forget to back up the data, fail to test the backups, or handle storage media improperly.

Email Servers

With so many powerful and low cost email cloud options offered by major companies (Google, Microsoft), it’s often overkill to have your own email servers and licenses. While we like Microsoft, we recommend even getting rid of your Microsoft Exchange servers and using their cloud solutions instead. The cost savings, scalability, and security is much better than the hassle of managing your own servers.

Document Management Systems

Be careful about bloat here. There are many document management systems that are simply overkill. We recently wrote an article discussing some ways to evaluate a document management system vendor. Basically, you need a cost-effective and agile solution to:

  • Scan, store, and archive documents.
  • Set access and authorization rights.
  • Automate document workflows.
  • Access documents anytime/anywhere.

If you sense that you are paying too much or that there are zillions of document management features you’ve never used, you want to shop around.

Online Meeting and Conference Call Software

If you are paying a large chunk of money for conference call software, it’s likely a waste. There are many free or low-cost systems with the high quality software and communications technology you need to conduct conference calls. Often, cities are sold expensive conference call systems with excessive features that they never use. A trusted IT vendor can help recommend some free or low-cost software that meets the needs of cities.

Of course, there are many other line-of-business systems you should challenge (such as accounting, public safety, court, etc.) that may be wasting your money. But the areas discussed above are some of the foundational, key areas of technology spending where we often find most sources of IT bloat. By cutting this bloat, you save taxpayer money while also increasing the return on your technology investments.

Contact us if you’d like to discuss any of these areas in more detail.

Friday, October 26, 2012
Dave Mims, President

Recently, Fairfax County, Virginia experienced a notable failure in its online payment system when the website went down on the day of an important tax deadline. According to the article, the county handled the situation poorly—telling citizens they would still be charged late fees despite the online payment option being unavailable. Obviously, citizens were angry. The county later relented and provided an extension.

With revenue and money on the line, the failure of an online payment system can be one of a city’s most embarrassing and noticeable failures. Many online payment vendors exist, and the breadth of choices and costs can be overwhelming. On the most basic level, though, a city cannot simply choose the cheapest vendor or be wowed by features. At its core, you have to know it’s going to work and truly serve citizens in a high quality fashion.

We have provided ten questions to ask your online payments vendor—whether you’re already using one or you’re looking for options. There are plenty of questions to ask beyond these—especially considering your business processes, desired future payment capabilities, and specific features—but these questions cover the basic fundamentals that are too often glossed over when looking for an online payments solution.

  1. Where is the website hosted? Is the online payment system part of your existing website? Or will it send citizens to a third party website? You want to make sure you know enough details about where the site is hosted to make sure it is meeting your needs and adheres to best practices.
  2. Will the online payment experience be seamless for the customer? Will it feel like customers are still on the city’s website, without an abrupt jump to another website? Abrupt jumps on a website can cause customer wariness. The online payment system should either plug in seamlessly, or website design and development resources should be available to make that transition smooth for customers.
  3. What is the guaranteed uptime of the online payments site? A robust cloud solution should push this to near 100%, but ultimately you want to make sure something as service-focused as paying online is working nearly all of the time. If you are hosting your own servers or using a data center, make sure you vet the hosting provider thoroughly. If peak times, such as the day when everyone is likely to pay their bill, crash the server, then that is a major red flag.
  4. What is the security of the online payments site? Cities should expect the same security from an online payments vendor that they would expect from their personal online banking. That means an industry standard level of encryption, strong authentication, strong passwords, regular auditing, and the ability of the vendor to provide documentation proving that they are testing their security controls on an ongoing basis. In addition to these basic technical requirements, it should also be clear who can access and change any payment information. Permissions and access need to be controlled with sufficient rigor and protection.
  5. How is the data backup and disaster recovery? If a server goes down, what is the time to recovery? Again, having a cloud solution helps immensely, but any online payment system should have significant data backup, disaster recovery, and business continuity.
  6. How is customer support? If people experience technical problems, how is the technical helpdesk in terms of responding and resolving those problems? Customers should not be left hanging with issues, and the most common user issues should be resolved by clear forms, helpful error messages, and ways for users to help themselves.
  7. What is the system’s ease of use? An online payment system should be easy to use, understand, and navigate from step to step. Using clear simple English (instead of technical jargon), it lets people know what step they’re at in the process and orients them at all times. Your most non-technical user should be able to use and understand it.
  8. Are there a variety of payment options? A good online payment system should provide a variety of payment options such as checking accounts, multiple credit cards, etc. It should also remind customers that they can also pay in person or by phone. Sometimes if people balk at using an online payment system, they resort to the phone or in person in panic. Provide as many options as possible to reassure citizens.
  9. Are logins and passwords easy? The login and password process should be easy, and it should not be a problem in case someone forgot a username or password. Capchas and difficult login credentials should not be an obstacle to using the online payment system. Otherwise, less people will use it.
  10. Is administrative access easy to use to resolve problems? Can someone at city hall make sure simple problems are resolved? You should not have to rely on technical support for simple problems such as a customer filling in a form incorrectly or disputing a simple billing error.

While we can only speculate about the source of Fairfax County’s online payment issues, from our experience we’ve seen similar problems occur when there is poor website hosting, lack of planning for peak use times, and a lack of strong technical maintenance and support. These kinds of problems are preventable if you have the right IT infrastructure in place to handle your customer demand.

Contact us if you’d like to discuss online payment systems in further detail.

Thursday, October 25, 2012
Clint Nelms, Network Infrastructure Practice Manager

A few months ago, we wrote a blog post about severe weather threats. Those continual threats highlight the need for every city to consider and implement a serious data backup solution. Since that post, Hurricane Isaac came hurdling through the Gulf of Mexico and threatened many of the same areas that Hurricane Katrina compromised back in 2005. Right now, Hurricane Sandy is projected to hit New England and threaten many of its cities.

Too many cities still have ineffective data backup and disaster recovery solutions. They may still use tape backup, manually back up data with disks or tape, or keep all of their servers onsite. They may consider an offsite backup solution as storing data in a different building or in a bank vault a few miles away. Considering the nature of disasters, these solutions are not good enough to meet the high standards of modern data backup and disaster recovery best practices.

Instead of simply finger wagging about best practices, let’s imagine a nightmare scenario and how it would play out. Then, let’s examine that same scenario through an “ideal” lens—that you can easily make a reality.

The Nightmare: Long Time to Recovery and Permanently Lost Data

Let’s say a disaster affected your city. It doesn’t matter what—a hurricane, severe thunderstorms, wildfire, a tornado, fire, or theft can all have the same impact. These are also relatively common scenarios, and not hard to imagine. We’ll assume you’re doing at least some data backup. (If you aren’t backing up any of your data, it’s clear what would happen in case of a disaster).

Let’s say that all of your servers are located onsite. Your city clerk takes tape backups to a bank vault every week. In the disaster, your servers are lost or destroyed. They are no more. Based upon our experiences from assessing many cities over the years, here is a sample scenario detailing what you can expect to happen:

  • First, you need to order new servers. Based on the time it takes to order hardware, expect about 3-4 weeks until they arrive.
  • The city is out of business until the servers arrive. Even though the city manually backed up its onsite data onto tape, it has no offsite or remotely accessible data to rely on while the new servers are in transit. For 3-4 weeks, the city is reliant upon any services that are paper- or cloud-based. It will have to set up some temporary processes of dealing with data (e.g. property taxes, fees, payroll, etc.) until the servers arrive.
  • Finally, the servers arrive—three weeks after the disaster. It’s time to get the tape backups loaded onto those servers.
  • You recall that the city clerk does a weekly manual backup on Fridays. Since the disaster happened on a Thursday, you realize you have no data from the previous Monday through that Thursday. You’re starting off realizing you’ve permanently lost four days of data.
  • After loading the tapes and transferring the data (which takes a long time), you eventually discover that about 30% of the tapes fail. There goes 30% more of your data. When you probe into the matter, you find out that no one on the city staff was testing the data backups. They had just assumed the tape backups were working.
  • You are able to restore about 70% of the city’s previous data, but it takes a while for everything to restore properly. The city’s IT staff person and IT vendor had not done disaster simulations, so they run into a variety of technical issues as they try to get the data up and running.

Finally, eight weeks after the disaster occurred, 70% of the city’s data is now running and functional. But eight weeks is a long time. The city wound up losing 30% of its data, was out of commission for 3-4 weeks while the hardware arrived, and then spent 5 more weeks until the 70% of the saved data could be used with full functionality.

You never need to find yourself in this situation. Let’s look at the ideal—which is actually reality for many cities following disaster recovery best practices.

The Dream (That You Can Easily Make a Reality)

Your situation: You have onsite and offsite data backup. It runs automatically and is handled by an IT vendor. You test often and simulate a disaster on a quarterly basis. Your disaster recovery plan covers all possible disaster scenarios, from a simple server failure to a full catastrophe.

In the disaster, your servers are lost or destroyed. They are no more. Based upon our experiences assessing cities over the years (especially from the cities we work with), here is a sample scenario detailing what you can expect to happen:

  • Since your backups are hourly, your last data backup snapshot was from 11 a.m. on Thursday when the disaster hit.
  • Since you have offsite data backup, your data is stored in two separate data centers thousands of miles away from your city.
  • The city calls the IT vendor after the disaster hits. New servers are shipped to the city, fully loaded with the city’s data.
  • Those servers arrive 24 hours after the disaster. They are fully functional and ready for operations.
  • These servers work like a charm, since they are regularly tested and audited.
  • While the city does not have a functional City Hall, it has decided to set up in a room at the public library as a temporary location. Since all email, document management, and website data is stored in the cloud, these services were not affected by the disaster. Employees have been accessing these services at home or at the library through a simple broadband Internet connection.
  • For all intents and purposes, other than losing their physical building to a disaster, the city is running and fully functional.

One week after the disaster occurred, the city lost only a miniscule portion of its data (any data that was not saved after the last hourly snapshot at 11 a.m., Thursday). The city only had to worry about electricity. Once electricity was restored, the city just needed Internet access for most services (those based in the cloud) and only waited 24 hours for its onsite non-cloud servers to arrive. Within a week, it was almost as if a disaster had not occurred.

Some simple investments in data backup and disaster recovery ensure that a city is a leader—up, functional, and helping citizens from the minute the disaster occurs. When a city loses all or most of its data, it cannot help citizens when they need the most help. Make sure you have a workable, comprehensive disaster recovery program in place. Contact us if you feel your disaster recovery is lacking.

Wednesday, October 24, 2012
Dave Mims, President

Georgia Municipal Association helps city stabilize data backup, disaster recovery and email

The City of Flowery Branch, Ga. is a cozy community nestled on the banks of Lake Lanier with its history dating back to the late 1800s. Despite the town’s historical charm, Flowery Branch needed its network infrastructure to catch up to modern technology.


Antiquated and unreliable, Flowery Branch’s IT services concerned city officials. The stability and security of the city’s email, server hosting and data backup affected city operations and jeopardized the ability to recover from a disaster.

However, costs to implement and maintain technology upgrades also alarmed Flowery Branch’s city leaders. In their technology assessment, hardware, software and labor expenses to upgrade technology were higher than what the city had budgeted. It seemed like a lose-lose situation.


Flowery Branch engaged with the Georgia Municipal Association and utilized its “IT in a Box” service.

Powered by Sophicity, “IT in a Box” is a complete IT solution for cities and local governments. The service includes a website, data backup, offsite storage, email, document management, Microsoft Office for desktops, server and desktop management, vendor management and a seven-day a week helpdesk.


By leveraging vendor management, which is included with IT in a Box, Flowery Branch’s telecom contract was renegotiated creating a potential savings of $203,886.90 over a 10-year period. In the first year alone, the city saved $39,035 (or 48 percent) of the costs typically spent modernizing a network of its environment and size. These savings helped Flowery Branch stabilize its technology and create a predictable IT budget.

Additionally, “IT in a Box” helped Flowery Branch:

  • Mitigate the risk of data loss through onsite and offsite server backups
  • Ensure a highly available and dependable email system
  • Move to a faster Internet connection
  • Decrease spending on telecommunications services
“The City of Flowery Branch certainly feels as though we gained a partner in working through our IT issues. Sophicity has been responsive in showing us options that made operational and fiscal sense.”
— City Manager Bill Andrew

If you're interested in learning more, contact us about IT in a Box.

Print-friendly version of the Flowery Branch, Georgia IT in a Box case study.

About Sophicity

Sophicity is an IT services and consulting company providing technology solutions to city governments and municipal leagues. Among the services Sophicity delivers in "IT in a Box" are a website, data backup, offsite storage, email, document management, Microsoft Office for desktops, server and desktop management, vendor management, and a seven-day a week helpdesk. Read more about IT in a Box.

Friday, October 19, 2012
Dave Mims, President

While a federal law does not necessarily signify any local government requirements any time soon, cloud computing may soon become a requirement at the federal level. A new law (the 2012 Cloud Computing Act) presented to the United States Senate in September mostly outlines the definition of the cloud as it pertains to criminal and civil protections against unauthorized access. But NextGov highlighted some important verbiage at the end of the law.

Not later than 180 days after the date of the enactment of this act and not less frequently than once each year thereafter for four years, the head of each federal agency described in section 901(b) of title 31, United States Code, shall, consistent with Cloud First policy outlined in the document of the Office of Management and Budget titled "Federal Cloud Computing Strategy" and dated Feb. 8, 2011, submit to the administrator of the Office of Electronic Government and Information Technology of the Office of Management and Budget a three-year forecast of the plans of the agency relating to the procurement of cloud computing services and support relating to such services.

While some in the media have noted problems with the law (scope, wording, potential overregulation), we tend to view such legislative attempts—whether they succeed or fail—as signs of things to come. And the law does highlight some of the key reasons to invest in the cloud.

  • Cost savings By reassessing your hardware and software investments, you’ll often find that the cloud will save you money. The federal government’s Office of Management and Budget estimates $5 billion in savings if more agencies use the cloud. While your savings may be more modest, they will still be significant.
  • Efficiencies gained Because your services are managed by high-end vendors who operate on a massive scale, you gain efficiencies that are hard to obtain if you or a traditional data center manages your hardware. Almost 100% uptime, quick speeds, minimal technical problems, 24/7 support, and full data backup and disaster recovery are only a few of the efficiencies gained with cloud services.
  • Pay for what you use Probably one of the greatest selling points about the cloud is that you only pay for what you use—like a utility. In the past, many cities have had to invest in expensive servers and software licenses that were often more than they needed. If the city needed to scale up or scale down, it was nearly impossible to do so on short notice. With the cloud, if you need to add or subtract a server, a user account, or a software license, you can do it with a click of a button.

In addition, we’ve also seen cloud computing alleviate some of the worries that the law talks about related to data privacy, retention, and security:

  • Data privacy While many cities worry about the privacy of sensitive data in the cloud, the reality is that the cloud often requires stricter and more comprehensive privacy standards than cities can craft themselves. Cloud vendors are often massive companies with too much to lose if data does not remain private—and so they employ the best security standards and policies when handling your data. Plus, because the data is not stored on personal devices, there is less chance of employees accidentally sharing or leaving private information on an unprotected or stolen device.
  • Data retention The cloud offers stricter and more robust ways of archiving, retaining, and purging data. This is especially useful when dealing with open records requests, audits, and documenting information. To avoid future liability, the higher expectations for data collection and retention can be handled well by cloud solutions.
  • Data security One of the greatest bargains with cloud computing is the high level of security. Since major vendors often offer cloud services, they have some of the highest security standards in place. When combined with a city’s policies, your data ends up protected from hackers, encrypted, and restricted to only authorized users. With increased attempts at hacking happening every day, this level of security is becoming standard.

Despite some lingering issues about the law (such as its vague definition of cloud computing), know that you’re heading on the right track if you place more of your services in the cloud. The cloud saves you money, increases efficiency, and helps you avoid many future liability issues. And eventually, it may even be the law.

If you'd like to discuss these issues in more detail, feel free to contact us.

Tuesday, October 16, 2012
John Miller, Network Infrastructure Manager

Lately, a lot of articles are discussing the pros and cons of teleworking and employees bringing their own device to use at work. Since these activities are such a cultural change for organizations, these same debates are probably taking place at your city. In this post, we review some of the most recent discussion points and guide you toward what you need to be thinking about concerning telework.

A Teleworking Calculator Shows Budget Impact

A variety of government technology publications recently wrote about a telework calculator created by Govloop and HP. By individual or team, the telework calculator shows (roughly) how much you might save by taking into account:

  • The number of days you’d telework per week
  • Round trip miles per day
  • Vehicle type
  • Average time spent commuting per day

Not only does the calculator point out an annual cost savings per employee but it also shows productivity gained in terms of hours and money. While the calculator can only provide rough estimates, these calculations do accurately represent the kinds of indirect benefits that a technology upgrade and shift to teleworking can have on cities.

We have written about the benefits of telework before, so it’s interesting to note some reinforcement of our ideas by this fact (shared on Govloop after you calculate your savings): “The average employer will pay nearly $10,000 per employee towards energy, real estate and production costs each year.” If you can even shave a fraction of these employee costs through teleworking, you’re saving real dollars in your city budget.

Security Concerns With Teleworking

Unless you purchase computers for all employees upon which they can only perform city business, then your employees are probably using their own desktop computers, laptops, and smartphones to do their telework. While this may save money and ease the act of teleworking, the dark side of this trend is poor security.

Government Technology’s recent article is representative of these concerns, pointing out that securing and supporting these devices is creating a headache for IT staff. In addition, the bring your own device trend can also create a headache for city administration. How much is a city obligated to offset the costs of teleworking? That means:

  • How much should I subsidize the use of a device (laptop, tablet, smartphone)?
  • How do I secure the device?
  • How do I support the user when they have problems with the device?

In the past, we’ve discussed our recommendations about employees bringing their own device. We believe in enabling teleworking, but you need to be strict about employees’ personal devices.

  • When you’re dealing with sensitive government data, being overly nice and accommodating to employees is not going to work long term. There needs to be some clear restrictions and policies.
  • Probably the best solution to consider that can make everyone happy (or happiest) is a cloud solution. Cloud solutions can be secured and supported as much as you want, regardless of what device is being used.
  • In addition, if you’re noticing too many IT support calls related to old or poorly maintained employee-owned devices, you might just consider buying new city-owned devices to standardize and simplify your IT support.

Read more about these topics from some of our past articles:

Why Teleworking Works for Local Government
How City Employees Can Bring Their Own Devices Without Risk
Dear Local Government: Be Enthused About Cloud Computing

If you have questions about teleworking and employees bringing their own devices to work, please contact us.

| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 |