What type of testing is right for your website – Understanding the difference in website testing

In the last few weeks there has been a rise in reported malware and malicious attacks on small municipalities. Our team tested three small municipality websites in recent weeks, and all three failed on basic security parameters. We often hear small organizations say they don’t need to worry about attacks because they aren’t “big enough,” but anyone can be a target.

Regularly testing your website for known vulnerabilities and emerging threats should become a part of your Cyber Security Road Map. The first step is identifying the type of web testing that is right for your infrastructure. Here are a few key questions to consider:

1) Where is your website hosted – do you host it yourself? Is it hosted by a third-party?
2) Who is responsible for the security of the host system, the operating system?
3) Do you have a web application firewall such as Cloudflare in front of your website?
4) Is your website a static page with content?
5) Do you have a login and if so what type of data is behind the login? Customer, pricing, private personal?
6) Do you have any API interactions with other applications?

When you start down the road of testing your website, you want to consider both the host operating system and the application. There are two key types of testing available: fully automated scanning and manual testing. Fully automated scanning is used for both host operating systems and web applications. The host operating system scan will scan for all currently known vulnerabilities affecting that operating system. It will report back on the CVE, the risk and usually suggested remediation tips. The same is true for web application scanning. The fully automated web application scanner will scan your website, at a minimum, for the OWASP Top 10 vulnerabilities (https://owasp.org/www-project-top-ten/) and report back on risks and remediation.

Manual testing means that you have an actual person who is using various methods to determine the security of a host or the application. If the rules of engagement permit, they will attempt to exploit a vulnerability and gain access, modify content or download information. There are varying degrees of manual testing: the simplest is one tester and one day, and the more extensive is 2 testers and 5 days of testing.

The type of test that is required for your website really depends on two main factors:

1. Have the host and application ever been tested before?
2. What is the criticality of the data being processed or stored on this site?

For example, if you have a very static page of content that is hosted by a third party, chances are a good OWASP Top 10 scan of your site will be sufficient to let you know if you have any glaring misconfigurations that could lead to a website defacement or potential attack on your site. If your website has a login and you allow users to sign up for accounts and host dynamic content, you would want to make sure you consider a manual test, at least for the first test. Once a thorough baseline has been established for the site, testing can become more routine and automated.

We recommend you develop a plan for testing and make sure to include the above considerations. There might be special notifications you have to give in writing to a third party before you test an application, you might have to have a testing IP whitelisted in a web application firewall, or you may need special accounts set up in the application for testing.

If you are unsure what type of test is right for your website, reach out to us and we will be glad to discuss options with you.

http://www.mi613.ca


Customer Service Excellence – Maximizing Efficiency and Improving Customer Service

April 15th 12pm – 1 pm EST


AccessE11 Citizen Issue Management: Municipal 311 Software Designed for Local Government

Produce better relationships with citizens through automated status updates with a highly-integrated platform your staff will love.

  • Is your municipality looking for ways to improve your complaint and service request management?
  • Do you want to better understand the issues citizens are bringing to your municipality?
  • Would you like for your citizens to be able to view and update the issues they bring to your municipality?
  • Would you like valuable reports for your department heads and council?
  • How about collaborating with staff on the issues they are managing?
  • Want to streamline services requests and effectively manage them?

AccessE11 is a cloud-based, easy-to-use software solution to assist municipalities in better managing, tracking and reporting citizen inquiries, issues and complaints impacting your community.

Register for our April Webinar to learn about all of this and more!

Presented in Partnership with The Ontario Municipal Leadership Institute

           


Digital Speaker Series – Trade Treaty Obligations in Canadian Public Sector Procurement

It has been nearly four years since the implementation of CETA and CFTA. In that time we have seen the arrival of CPTPP, the shift from NAFTA to CUSMA and Canada’s continued negotiation of more public procurement agreements. Join public procurement lawyer Timothy Cullen’s interactive presentation for:

  • an overview of applicable trade treaty procurement rules;
  • a post-implementation update on the trade treaties in force; and
  • insights on what lies ahead.

Join us Tuesday, April 27 at 10:00 AM ET to learn more! 


Key Considerations for Local Government Software Adoption

When it comes to adopting new software, local governments have historically been somewhat cautious. And you can understand why. Government authorities face a number of unique challenges and must operate under certain constraints that do not always apply to others.

For instance, local government systems that are public-facing must be highly reliable because they have to be online 24/7/365. They must also be private and secure, particularly where personally identifiable information for residents comes into play.

Furthermore, they must have the ability to serve a large number of users. Unlike commercial businesses, a local authority’s target audience is the entire population of a region, meaning systems have to be capable of supporting multiple languages and accessibility needs and be able to withstand unexpected surges in demand.

Civic Pulse recently conducted a survey asking local officials what they look for in government software. In order of importance, their top criteria included affordability, low “total cost of ownership”, and local government fit. Ease of use was important too, as were strong service and support.

The results indicate a clear pattern. Local governments are not averse and, in fact, are looking to implement better software. But successful solutions must easily adapt to existing processes, constraints, and practices. Otherwise, most local officials will be reticent to implement them.

Local Government Fit

Local governments want software that provides them with extra “capabilities” but that doesn’t necessitate massive changes to existing processes. However, unless they are built from the ground up with municipalities in mind, off-the-shelf solutions rarely mesh well with existing municipal operations and often fail during implementation. And even if they can be customized to do what is necessary, the amount of work, risk and cost usually increases to the point of being untenable – particularly for smaller municipalities.

The problem is this: local governments can’t make do with one-size-fits-all software anymore. As the Civic Pulse research shows, local authorities differ from each other significantly across multiple dimensions.

Total Cost of Ownership (TCO)

More than ever, municipalities are dealing with severe budget constraints. COVID-19 continues to affect our communities in terms of public-health, socially and economically, and local governments are bearing the brunt of this. Reduced revenues coupled with the need to maintain existing services and direct more money to public health have come at a significant cost.

Not surprisingly, municipalities are looking for ways to control their expenses, including how they are choosing to implement new software solutions.

What is TCO?

Simple: it’s the sum of all direct and indirect costs associated with buying, implementing and managing the software over its duration of use.

There is a wide range of factors that impact TCO. For instance, easy-to-use software lowers TCO because staff time to learn and use the software is reduced. Software with exceptional vendor service and support also has a lower TCO because resolution of software issues or response to user queries happens quickly.

Software vendors that will appeal to local government brands feature comprehensive knowledge bases for self-help, online training, and dedicated remote support capabilities. Increasingly, vendors are moving to show government departments their return on software investments in real-time. Measuring the TCO against labour-saved by the solution gives local governments the data they need to justify continued spending.

Affordability

Affordability is perhaps the biggest constraint for government departments looking to purchase software. Local governments need to keep their infrastructure costs low to continue providing high-quality, front-line services to the public.

Consistent with what is happening in the private sector, local governments are embracing cloud-based solutions that minimize large capital purchases and the need for additional in-house IT resources. This has the added benefit of allowing the infrastructure to scale with demand, ensuring that any unnecessary spend on infrastructure is avoided. Flexible pricing models that allow local governments to choose the capabilities they need a la carte are also attractive.

AccessE11 – Built for Local Government

A large number of local governments have selected AccessE11’s citizen request software precisely for the reasons described above. With AccessE11, local governments get a solution that is:

• Created with municipal operations in mind

• Extremely simple to adopt and use

• Adaptable to each municipality’s unique needs without costly software development

• Cloud-based and accessible from anywhere on any device

• Affordable for municipalities of any size


Free Webinar – Customer Service Excellence – Maximizing Efficiency and Improving Customer Service


March 23rd  12pm – 1pm EST

AccessE11 Citizen Issue Management: Municipal 311 Software Designed for Local Government

Is your municipality looking for ways to improve your complaint and service request management? Do you want to better understand the issues citizens are bringing to your municipality? Would you like for your citizens to be able to view and update the issues they bring to your municipality?

Would you like valuable reports for your department heads and council? How about collaborating with staff on the issues they are managing? Want to streamline services requests and effectively manage them?

AccessE11 is a cloud-based, easy-to-use software solution to assist municipalities in better managing, tracking and reporting citizen inquiries, issues and complaints impacting your community.

Register for our March Webinar to learn about all of this and more!

Presented in Partnership with The Ontario Municipal Leadership Institute

                 

 


Canada Healthy Communities Initiative Webinar

Canada Healthy Communities Initiative Webinar – March 5

The Government of Canada has announced that the Community Foundations of Canada, along with the Canadian Urban Institute, are now accepting proposals for access to $31 million under the Healthy Communities Initiative. Please join us on Friday, March 5th at 1 p.m. EST for a hands-on webinar as we walk through how to apply and share ideas from communities that use Penelope software to assist those most affected by COVID-19.

Mar 5, 2021 01:00 PM in Eastern Time (US and Canada)


Responding to Complex Social Issues: Municipal Roles and Promising Solutions to Homelessness, Addictions, and Social Disorder

CAMA’S 50TH ANNIVERSARY PROFESSIONAL DEVELOPMENT SERIES – FREE WEBINARS

As part of our ongoing commitment to our members we are pleased to introduce the CAMA 50th Anniversary Professional Development Series for 2021. This new program will be comprised of various webinars that are coordinated for the CAO/City Manager, senior managers and their employees.   Along with our own webinar series, CAMA Partner companies will be providing educational and informative learning opportunities that showcase innovative services and products relevant to municipal management.  

Free of charge to all CAMA members this will be a wonderful way to provide an eclectic selection of resources to all your employees. Please forward to your staff members.

Webinar: Responding to Complex Social Issues: Municipal Roles and Promising Solutions to Homelessness, Addictions, and Social Disorder

Hosted by: Canadian Association of Municipal Administrators (CAMA)
Date:  Thursday, February 11th, 2021
Time:  2:00 p.m. to 3:30 p.m. EST
Virtual Zoom Platform

Speakers:
Dr. Alina Turner, HelpSeeker/Turner Strategies
Dena Kae Beno, Housing and Homelessness Coordinator, City of Abbotsford, BC

Who Can Attend this Webinar?: CAMA Members and Their Employees. Non-Members are also welcome to attend.
Who Will Benefit from this Webinar: CAOs and Senior Management

Registration Cost: FREE but registration is required 

Municipalities of varying sizes across Canada are struggling to respond to the increasing visibility and velocity of complex social challenges. The visibility of the drug crisis, compounded by housing affordability challenges, and convoluted health and social response systems have highlighted the need for new ways of approaching these issues.

What are promising approaches within the municipal purview and sphere of influences? This session will provide a practical overview of the national landscape to ground emerging promising approaches and learnings from diverse communities. Rather than a silver bullet, the focus will be on untangling the current complexity involved in social challenges into actionable, systems responses that balance diverse community needs. 

Contact Jennifer Goodine, CAMA Executive Director at [email protected] if you have any questions about this opportunity.


2021 is going to be busy!

Some of you may be too young to remember this but back in 1985 the Coca-Cola company introduced “New Coke”

 

But the only thing new about it was the label, everything else was the same

 

So just 77 days after losing millions of dollars and being called a national disaster, they brought back Coca Cola Classic

 

Well, a few weeks in and 2021 is starting to feel a lot like 2020 Classic…with a new label

 

But no one really expected the pandemic to disappear, businesses to open back up and everything else to go back to normal with the flip of a calendar page

 

So my bold prediction…2021 is going to be crazy busy

 

There’s a lot of work to do to fully re-open and adapt our businesses for the new normal…remote working, document digitization and up-skilling for the new economy

 

To that end, we’ve launched a couple of great courses on Strategic Sourcing and Negotiations

 

And we got a nice little shout out from our friends at Argentus:

 

So please check it out and let us know how we can help with your Procurement Training needs

Mohammed

 

Mohammed Naseer Faridy

Chief Executive Officer, OneView 


Customer Service Excellence – Maximizing Efficiency and Improving Customer Service

AccessE11 Citizen Issue Management: Municipal 311 Software Designed for Local Government

Is your municipality looking for ways to improve your complaint and service request management? Do you want to better understand the issues citizens are bringing to your municipality? Would you like valuable reports for your department heads and council? How about collaborating with staff on the issues they are managing? Want to streamline services requests and effectively manage them?

AccessE11 is a cloud-based, easy-to-use software solution to assist municipalities in better managing, tracking and reporting citizen inquiries, issues and complaints impacting your community.

Register for our January Webinar to learn about all of this and more!

January 19th 12pm – 1pm EST

Presented in Partnership with The Ontario Municipal Leadership Institute


Code Enforcement with AccessE11

The mandate of municipal government is to provide access to civic amenities and to ensure that residents follow the local laws and ordinances adopted by City Council.

In general, there are operating processes in place to monitor and enforce these municipal codes. However, it is often the residents themselves that witness and report code violations, at which point the municipality’s responsibility is to initiate an investigation and resolve the situation. When this occurs, there are additional complexities involved, with many municipalities struggling to track and meet their service targets to address citizen-initiated complaints. Any departments responsible for code enforcement must triage citizen complaints across a diverse range of property maintenance, parking, noise, nuisance and other issues. Then, activities must be coordinated with officers in the field, all actions tracked, and any documents consolidated until compliance is reached.

Using the AccessE11 service request management platform, multiple municipalities have streamlined and automated their code enforcement approach, making it effortless for staff to capture citizen complaints, assign the right team, resolve the underlying issues, institute centralized tracking and record keeping, and easily report on issues individually or on an aggregated basis.

Capturing Code Issues

Increasingly, residents expect to be able to interact with their municipality in the same way they do private-sector organizations via multiple channels, and this applies equally to code enforcement.

In light of this, AccessE11 has created a platform that allows citizens to report their concerns online, by email, and using integrated mobile apps. Categorization of each violation (permit issue, graffiti, trash & debris, noise etc.) is completely flexible, and geolocation of the issue and inclusion of pictures/other details is simple.

Once reported, the software automatically creates a case to track the issue, acknowledges receipt to the citizen, sets follow-up and due dates, and routes the case to a specific staff member. Moreover, it immediately makes the information available in configurable dashboards, embedded maps and reports to provide a centralized, cohesive view of all past and ongoing code enforcement activities.

Processing Citizen Issues

Inspections are an integral part of the resolution process and, to that end, the AccessE11 mobile app for staff provides code enforcement officers with an up-to-date and prioritized view of the complaints they need to follow up on. Depending on whether or not a violation is observed, an officer on location can close the case immediately, or further document it with corrective actions and a date for a follow-up inspection if required.

Some municipalities also use code sweeps within delimited geographical areas as a proactive means of enhancing the safety, cleanliness and conditions of a neighbourhood. In this scenario, officers can create cases for tracking purposes directly using the mobile app. All relevant information is seamlessly and centrally logged with no need for the officer to visit the municipal office simply to enter data.

From the time an issue is reported through to closure, departmental managers, assigned staff and, to an appropriate extent, the reporting citizen are kept informed with automated, real-time notifications. Code enforcement teams are able to work seamlessly and avoid crossed wires. The reporting citizen can also get updates on their concern at any time by visiting AccessE11’s citizen-facing portal.

Operational Effectiveness

Citizens demand services from municipalities, but they also expect them to use tax dollars wisely. Authorities have a duty to avoid waste wherever possible and act in the public interest.

To that end, they need systems that allow them to make informed decisions and measure the success of their activities. AccessE11’s platform allows code enforcement departments to visualize and report on valuable data, letting them make evidence-based decisions. Managers can prioritize tasks, collect data on current and historic trends, measure against service targets, and gauge the effectiveness of the municipality’s response to issues. This data-driven approach enables managers to get a better handle on the overall efficacy of their teams, as well as the productivity of individual members.
