This article is posted with permission from Sophicity’s CitySmart blog and shares non-technical, municipal-relevant insights about critical technology issues, focusing on how technology reduces costs, helps better serve citizens, and lessens cybersecurity risks. Sophicity is solely responsible for the article’s content.
Waiting until a disruption or disaster should not be the moment when you take action. Think about how you act proactively when dealing with many aspects of your life.
- Car service and maintenance to lessen the chance of an accident.
- Health checkups, exercise, and a good diet to lessen the chance of a heart attack or stroke.
- Repairs and maintenance on your house to prevent the effects of flooding, thunderstorms, leaks, or safety hazards.
Yet, technology at a city often gets treated like a beater car you’re driving into the ground, a person never exercising and eating whatever they want, or a house that you just let decay and rot over time with minimal upkeep. Why?
Too many times, we see cities only take action when a disruption or disaster hits. That’s way, way too late. Let’s look at some scenarios that might strike a chord with your city. If any of these scenarios speak to you, then you need to act. Now.
Warning Sign #1: No data backup testing.
If you have data backup and you’re not regularly testing it, then you may be in for a surprise.
Your city has some kind of data backup process but rarely or never tests it. A server fails containing all of your financial data. You grab your tape, external hard drive, or other form of data backup and attempt to restore the data. It doesn’t work. It’s gone.
Every city needs a combination of both onsite and offsite data backup to recover from both small events (like a server failure) and bigger disasters (like a tornado). Then you need real-time monitoring to identity issues and (at a minimum) test your data backup quarterly.
Warning Sign #2: No policy and procedures involving website hosting.
Too many cities still find themselves in situations where a third party webmaster is the only person with knowledge about the city’s website hosting. Another common situation is when the city surprisingly learns the vendor is no longer available or not even there.
A webmaster gets angry at the city and holds the website hosting information hostage. The city cannot access its website on the back end to make changes or regain administrative control. In this situation, the angry webmaster could even shut the website down.
IT professionals can help cities acquire and manage a city domain name, set up website hosting with a reputable service provider, and give administrative access to authorized city staff to avoid “hostage” situations.
Warning Sign #3: Aging hardware and software.
Unlike other long-lasting physical assets, technology assets often have relatively short lifespans. Hardware and software often needs replacing every three to five years because it gets old and outdated, is no longer supported by the vendor, and becomes unsecure.
A 15-year-old server critical to running city operations fails (such as your accounting and financial system).
Cities need to follow a hardware and software lifecycle management policy that mandates modernizing technology (such as upgrading servers at least every five years).
Warning Sign #4: Free or consumer-grade antivirus software.
Free or consumer-grade antivirus software isn’t adequate for protecting a city. Plus, it’s often “maintained” by individual employees who don’t keep the software up-to-date on their computers.
An employee clicks on an email attachment that seems like it comes from their boss. Because the antivirus software hasn’t been updated for a few months, the email attachment initiates a virus that gives a hacker access to sensitive city information. A massive data breach occurs.
Cities need enterprise-grade antivirus software that’s monitored and maintained by IT professionals. This ensures that it’s always up-to-date and preventing as many virus threats as possible.
Warning Sign #5: Non-technical staff handling IT problems.
As a way for cities to save money and quickly handle operational items, non-technical employees sometimes step in to handle IT problems. But that lack of expertise makes their actions risky and dangerous—even if they have good intentions.
A non-technical employee sets up a wireless router incorrectly. Through the security holes in the router, a major data breach ensues when hackers are able to access confidential information on the city’s network.
Trained IT professionals need to handle the intricacies of technology—from data backup to configuring hardware such as a wireless router. Just because you can buy consumer-grade equipment from a retail store doesn’t mean that it’s appropriate for your city.
In Part 2, we’ll talk about five more disasters that are waiting to happen.