Government Technology News
Tue, 25 Jul 2017 00:33:45 +0200
Digital Counties Survey 2017: Winners Focus on Knowing When, How to Introduce New Tech
County government is increasingly leading the way when it comes to deploying technologies that matter to everyday citizens. Where innovation and out-of-the-box thinking used to fall to bigger, better-funded state IT agencies and the private sector, regional governments have turned their focus to being more adaptable and responsive to the technology needs of their constituents.
But this year, the theme among the five first-place winners is not so much about a shiny, new technology as much as it is about knowing when and how to introduce it. Whether investing in new tools like predictive analytics, going mobile, or opening data to the public, these organizations are making very real differences in the communities they serve.
This year’s 15th Annual Digital Counties Survey, conducted by the Center for Digital Government*, brings attention to this work and the IT teams making it all possible.
King County, Wash., took first place in the 1,000,000 or more-population category for its strategic approach to regional government IT. In recent years, county CIO Bill Kehoe said efforts to tie everything back to the big picture IT strategy have resulted in better efficiencies and a more deliberate deployment of necessary tools.
“That’s the movement that I have seen in the last few years — the organization and the county have gone mainly from operational and transactional to more of a strategic and innovative approach,” he said. “We still have a way to go, but the culture is changing in that direction.”
There is also a lot at stake in the county, not only because of the expectations put on modern digital government, but also the proximity to companies like Amazon and Microsoft. Whenever it comes to rolling out new tech for their internal customer departments, Kehoe said the process of engaging with county staff and educating them is imperative to long-term success. The solution: tailor-made classes designed to fit the individual customer needs.
“We threw a lot of new technology at our customers over the last five to seven years, because the state of the technology in the county coming out of the recession was very outdated, both from a basic infrastructure … to just a lot of outdated technology …,” he said. “What it did was really overloaded some of our customers with new technology that they didn’t necessarily know how to use.”
Despite the Digital Counties recognition, the CIO said they still have their eyes turned to the big-picture issues such as cybersecurity and the growing demand for data services.
Within the larger King County community, meeting the call for greater digital equity and social justice continue to percolate in the minds of leadership and the IT team.
“The expectation is a lot higher and the accountability is a lot higher, which is good, but I wouldn’t say that IT is looked at as, ‘You guys are doing great and don’t need to improve,’" he said. "I think we are always looking to improve and really understand where our customers’ pain points are and new ways to engage with them as well.”
Westchester County, N.Y., took first place in the 500,000 to 999,999-population category for its resourceful and thoughtful use of modern IT tools. And despite his title, county CIO John McCaffrey isn’t afraid to say “no” when those tools don’t add value to the county’s overall mission.
In recent years, McCaffrey has noticed the growing role Westchester’s IT department plays in the daily decision-making process. Rather than the IT team thinking of itself as customer service-oriented, the CIO said they are now considered strategic partners.
“They consider us at every turn, where technology will help, where technology should lay. One of my mantras is no technology for technology sake,” he said. “Sometimes someone is trying to create a technology project around something that shouldn’t be, it’s just a process.”
Perhaps where IT’s skillset is most valuable is in the business process improvement arena, and in looking at the way departments are attacking their daily workloads.
From weeding out duplicative processes to implementing a new solution, McCaffrey said his IT staff have become the trusted voice when it comes to the best way get services to the citizens. Occasionally, he joked, this process doesn’t require new technology at all, just a new way to use it.
“One of our things that we have been getting good recognition on is a contract reform process, and a lot of it is around workflow and document management, and the process itself of eliminating paperwork and eliminating procedures that were just duplicative, but it’s not new technology per se.”
In looking to the future, the CIO said he would like to see the county expand the data it uses to make informed decisions. The ever-expanding Internet of Things and new partnerships could soon improve the ability to pinpoint vital service deployments across all county departments, both predictively and reactively.
Douglas County, Colo., took first place in the 250,000 to 499,999-population category for its aggressive stance in delivering powerful and relevant tools to the hands of their department customers. As Senior IT Manager Craig Vacura explained, the strategy in Douglas County is not so much about pouring money into new technology as it is about building from a good foundation.
Like their colleagues in Washington’s King County, the IT team in Douglas County serves a tech-savvy constituency, some of whom work for the region's technology companies.
“From a county perspective, our leadership really believes in technology and is invested in technology, not just core systems but in areas that are more innovative and require research,” he said. “One of the areas that was really invested in recently is open data and shared systems and partnering with other counties.”
But perhaps as important as providing working tools to the personnel and departments that need them, is the idea of breaking down the barriers between departments and neighboring county partners. Vacura said the county’s efforts to partner with other jurisdictions have netted some great returns, especially with regard to public safety.
Moving forward, Vacura said the county is looking to continue its work with GIS and building what he calls a “fundamental base” for new applications, but they also will be continuing efforts to look deeper into the capabilities of predictive analytics.
One project he said Douglas County officials are excited about is the possibility of using predictive analytics to better serve child welfare and human services functions of the county. As it stands, the county is collaborating with the state of Colorado and academic partners to determine if and how such a tool could be utilized realistically.
Arlington County, Va., took first place in the 150,000 to 249,999-population category for a second year in a row. Jack Belcher, CIO for the county that shares a border with Washington, D.C., said thinking about and acting on technology is not something that happens in a vacuum. Instead, he explained, it happens in the communities it will ultimately affect.
“What we see technology as is really an enabler, and what we try to do in my shop, you’ve got to keep the trains running, so, you’ve got to make sure the servers work, the networks are up and the databases are secure and all that. That’s IT,” he said. “What we are trying to do is advance the discussion about what the future may hold for the community …”
He calls this process shaping the county’s “digital destiny.” Regular input from community groups and leadership through facilitated sessions allow the county’s IT team to respond with solutions that fit within the county’s long-term strategy. “What we’ve done is elevate that discussion,” he said.
From mobility and learning to wellness and livelihood, community engagement is central to mapping the course for Belcher’s organization. When it comes to leadership, the buy-in and engagement, as well as a realistic perspective on tech from an investment review board, has garnered a trust-based relationship between IT and decision-makers.
“Rather than investing in more parking lots, should we be understanding that there is a going to be a rise in autonomous vehicles?" he said. “Maybe we need to understand the considerations around that, and maybe we need to think about more parks and less parking lots. We try to put it in terms of what keeps them up at night in the community”
Albemarle County, Va., took first place in the Up to 150,000-population category for its continued efforts to improve transparency and public access to data as well as efforts to build a better relationship with the public it serves. Though officials could not be reached as of press time, the county climbed from a seventh-place rating to a first-place rating in just the last three years.
*The Center for Digital Government is part of e.Republic, Government Technology's parent company.
WINNERS OF THE 2017 DIGITAL COUNTIES SURVEY
1,000,000 or More Population Category
1st King County, WA
King County shot to first place in 2017 from a fourth-place finish last year, and the rationale behind its top marks are plenty. Among its recent gains in citizen engagement is a 33 percent increase in social media followers across its more than 200 social pages. The county credits at least part of that growth to a micro-blog page, with 64 diverse and specialized contributors who write about their programs, garnering shares from far beyond county limits. Its Peak Democracy project serves as an online town hall, offering information and visualizations on county issues, inviting (and receiving) feedback from residents across a broad spectrum of county issues.
Collaboration efforts include participation in the Community Connectivity Consortium, which built an optical fiber network that provides low-cost, or even free, high-speed fiber access to public, education and government entities. Completed in January 2017 and operated by the University of Washington, the network plays a vital role in meeting community connectivity needs and helps advance digital equity goals.
The workforce challenges faced by the public sector are particularly acute in King County; officials anticipate they’ll lose as much as half of the workforce in the next five years. One tenet of their strategy as it pertains to IT is the recent hire of an analyst focused on IT classifications and compensation, charged with ensuring the county is equipped to attract and keep competent staff. The county is likewise investing in shoring up its policies around data, adding a chief data officer as well as data solution architects to its staff roster. The new team is working to establish data warehouses and governance to ensure the integrity of the county’s data so that it’s as useful as possible in advancing strategic goals.
2nd Montgomery County, MD
Montgomery County, Md., is once again at the top of the pack, earning second place in 2017 just as it did in 2016. Strategic IT planning is detailed and closely tied to the priorities of the county leadership, as demonstrated by the county executive-endorsed Technology Strategic Plan. Officials built on the county’s strong transparency and open government program this past year, adding 62 data sets from 14 departments with automated updates. Operating budget, capital budget and spending information is now available as consumable open data as well. The county uses “no code” solutions like Office 365, SharePoint and Tableau to enable staff without coding skills to put open data to work to improve operations across traditional silos.
The county continues to prioritize strong cybersecurity practices, a strategy bolstered this year by testing of its enterprise resource planning (ERP) and computer-aided dispatch (CAD) systems, renewal of its cyberinsurance policy, mandatory staff and contractor training, and a tabletop exercise that blocked financial system access for a period of five days to evaluate the county’s continuity-of-operations/disaster recovery abilities. A number of possibilities are now being considered to put artificial intelligence (AI) technology to work in the county, including for predictive analytics. A potential use case in county detention facilities would use AI-backed sensors to create alerts when movement is detected in areas where there shouldn’t be any.
The 650-mile FiberNet network provides connectivity to 500 locations with round-the-clock monitoring for the county itself, as well as public schools, a community college, the public housing agency, and the planning and water authorities. The county is currently surveying users and gathering performance data to make sure connectivity lives up to advertised speeds, as well as identify super users and the most popular Wi-Fi spots. Results will inform future broadband strategy and investment.
2nd Oakland County, MI
Moving up three spots from its fifth-place ranking in the 2016 survey is Oakland County, Mich., which is making headway on its cloud-first strategy — the goal of which is for government to be running anytime, anywhere — and maintaining its G2G Marketplace, a simplified way to procure contracts. The county also is working with the state to create a chief information security officer (CISO) as a service for jurisdictions within Michigan that cannot afford or find a qualified CISO to use for risk assessments, IT security leadership and suggestions for mitigating their highest risks. Cybersecurity has been a primary focus, as have the county’s social media efforts, which present a comprehensive picture of a unified jurisdiction and IT department. And the Access Oakland Open Data Portal displays the county’s commitment to open data, which is further evidenced by an upcoming expansion in which the GIS team will present the latest maps and offer examples of how data can be visualized. As the county focuses on new initiatives, the portal will provide the supporting data to the public.
On the innovation front, Oakland County has started getting its toes wet when it comes to artificial intelligence; it’s already in use for geospatial and mapping, and predictive policing and predictive analytics. The county also has plans for autonomous vehicle infrastructure within the next 18 months. Perhaps a model for all local jurisdictions is Oakland County’s rolling three‐year budget, which is balanced for three to five years into the future. This process lets county officials anticipate corrections or adjustments for future operations — and helped it to fund all employee health care and pensions.
3rd Wake County, NC
Though it slipped two spots from last year’s survey, Wake County, N.C., is still maintaining solid alignment of its county and IT goals and initiatives, and its status as an open data pioneer status remains strong. The county also continues to follow robust cybersecurity practices, including its Learning Management System, which contains a security awareness training library that was refreshed in 2016 to include such topics as phishing, password and email security, social engineering, social media, mobile devices, and Internet of Things security. Perhaps most notable is an IT department restructuring that elevated CIO Bill Greeves to chief information and innovation officer, and created a permanent team dedicated to innovation. With Greeves at the helm, this team will advocate for innovation, support best practices and new service initiatives, develop skills for innovation, help people generate ideas, create safe environments for experimentation, and explore disruptive technologies.
The county also has developed the CREATEspace Innovation Lab, which is home to several areas dedicated to learning and innovation. Although Wake County’s newly created interactive fiber map — based on Internet connection data for all municipal, education and higher-ed facilities and locations in and around the county — is only open to contributors in these spaces who have direct and open access to the data, officials say it already has ignited discussions and collaborations on cost savings, economic development, education and more. In addition, the regional council of governments, which represents 38 towns and counties, recently asked to expand the project into a regional resource. And when it comes to public safety, the collaborative City-County Bureau of Identification (CCBI) offers a fingerprint repository for 13 contributing and accessing agencies; provides crime scene fingerprint and palm print evidence, and mugshots and criminal arrest information for all 43 law enforcement entities in the county; and includes a public mugshots portal and Mobile Rapid Fingerprint Identification Module that lets Wake County and Durham County law enforcement officials rapidly and remotely search its criminal database.
4th Alameda County, CA
Fourth-place Alameda County (also its rank in the 2016 survey), home to Oakland and situated across the bay from San Francisco, has embraced the local tech economy with a focus on open data. The county has had a data portal for five years and has hosted five data-oriented hackathons called the “AC Apps Challenge.” More than 720 people in 106 teams have participated, crafting citizen-oriented tools such as an open jobs map and an eligibility pre-screening tool for the CalFresh nutrition program. Nearby Marin County used an Alameda white paper to begin its own challenges.
The county has also doubled down on cybersecurity, launching a dedicated Information Security Office and developing a five-year plan to secure systems and data. On top of that, the county’s IT department has updated its threat detection system, joined the Multi-State Information Sharing and Analysis Center and set up new application delivery controllers with a suite of security functions.
To support its efforts, the county has adopted a robust strategy for hiring and retaining talent, even as it faces stiff competition from local high-paying private-sector tech jobs. Alameda County has paid for premium services on LinkedIn and Dice, and it posts openings on other social media in addition to internal advertising. A digital onboarding process lets prospective hires see policies early and enter information easily. The county also reports impressive results from recruiting aimed at diversifying the workforce with people of color and women, and it has cut down unplanned attrition in its application services office by 69 percent in five years. Once hired, the county makes a point of getting employees involved in its innovation efforts. Alameda County maintains an internal website where employees can share new ideas and collaborate on projects, and has held three employee hackathons called Rethink AC to come up with new solutions for improving the county’s work and customer service.
5th Cook County, IL
Following $154 million in strategic IT investments in 2015, Cook County is beginning to finalize a series of tech upgrades, including an integrated justice system that automatically shares data between three related offices at different levels of government. Other projects coming to fruition include: New enterprise resource planning software, a GIS program allowing any employee to turn spreadsheets into interactive maps for citizens, biometric timeclocks, a new cybersecurity intelligence grid and cloud-based email and file sharing through Office 365.
The county’s efforts to coordinate with different levels of government in Illinois has extended to its cybersecurity program as well. The new Cook County Cyber Threat Intelligence Grid lets municipalities inside the county securely share intelligence online.
Another big push in the county in the past year involves using analytics to generate return on investment in the form of dollars saved and revenue boosted. The county is setting up an integrated tax processing system that will allow citizens to register, file returns and pay taxes all in one place, while simultaneously automating daily processes on the back end that will free up workers to focus on things like compliance. IT officials expect this to create $3 million-$6 million in extra revenue in its first year of operation, a number that should increase over time. On the savings side, the state is saving about $1 million annually as a result of an analysis program that brought together various pieces of data about phone lines. Officials followed the data trail to find unused and unnecessary lines and pull the plug on them, eliminating needless bills.
5th Fairfax County, VA
Fairfax County may have the second highest median household income in the country, but economic, demographic and fiscal challenges have led the county to embrace technology to advance its government strategy. That has meant emphasizing agility, flexibility and scalability. These principles have enhanced the county’s engagement, transparency and smart city efforts.
Take engagement. Fairfax has built multiple platforms to support social media and citizen engagement to interconnect with the county’s population of more than 1 million people. The county has had significant growth in the use of Facebook, Twitter, YouTube and other social media platforms, while visits to the government’s website have soared to more than 19 million annually.
In the collaboration space, the county has been at the forefront of a regional geo-spatial data exchange that involves 23 other governments. This kind of data sharing has helped support emergency response in the nation’s capital area while reducing unnecessary duplication costs. The county has also invested heavily in cybersecurity through its next generation security program. This includes an artificial intelligence-based endpoint security system, as well as a new security information and events management system. By introducing machine learning into its security strategy, the county has built in data protection that will keep pace with new and emerging threats.
6th Miami-Dade County, FL
This year, Miami-Dade made several key enhancements to its IT strategies. First, the county has prioritized transparency and is beginning to see the dividends from its investments. It now has 24 open data sets. Geo-spatial data is critical to any county and Miami-Dade has built 183 layers and has 100 GIS data files available for free use by visitors, businesses and residents.
The county has brought together collaboration and smart city initiatives in a number of ways. It has created a regional smart transit plan involving federal, state and local authorities, and is using a 3-D geographic tool to visualize the impact of changing land use as the county enhances transit opportunities. The county is also rolling out collaborative transportation efforts that involve popular mobility platforms, such as Waze and Uber. The county is also pursuing collaborative initiatives with the private sector to boost the use of predictive analytics in the areas of law enforcement, transportation and water services. Miami-Dade has expanded the use of cloud computing and is providing cloud services to neighboring municipalities, as well as state and federal agencies that operate within the county. Not only will the expanded capability generate revenue for the county, but it enhances cybersecurity protection for these customers as they put more data and services into the county’s cloud infrastructure.
6th San Diego County, CA
San Diego County tied Sacramento County for third place in last year’s survey, slipping slightly to join Miami-Dade County, Fla., in sixth place this year while unleashing an impressive array of IT-centered solutions for employees and 3.2 million residents alike.
A citizen engagement tool available from county libraries, Vet Connect, lets rural veterans meet face-to-face online with a veterans services representative or use video conferencing to access services and do paperwork. Another new app lets the public report issues with gas pumps, price verification and commercial scales; field questions or complaints about smoke, smells, dust, illegal burns, asbestos or unpermitted operations; and alert officials to waste, inoperable vehicles and graffiti. Inside the probation agency, officers got a new app that lets them access offender information on a smartphone; and officials are in the process of moving toward a next-generation 911 system over the next one to two years.
Also noted this year was the county’s Functional Threading approach to collaboration, a key piece of its business model that ensures all agencies work together. In one instance, the Land Use and Environment Group replaced separate permitting systems, streamlining processes across six departments. The county, which outsourced IT 20 years ago, also simplified IT positions this year, reclassifying county IT staff into three new classifications: IT Specialist, IT Analyst or IT Principal. The county also entered into a new IT outsourcing agreement in November with DXC (formerly Hewlett Packard Enterprise).
7th Orange County, FL
Orange County, Fla., home to more than 1.3 million residents and the nation’s second fastest-growing metropolitan city, Orlando, holds onto seventh place for the second year in a row as a result of innovative engagement strategies and smart choices around cybersecurity and staffing.
The county has been engaged in a series of outreach efforts in the year since the June 2016 mass shooting at Orlando's Pulse nightclub. Information Communications Technology (ICT) staff set up and maintain the Orlando United Assistance Center, created to serve those affected by the incident. The county also updated its history center to reflect the tragedy’s impact. Officials also implemented Orange Code, a simplified process to govern land development. A new smartphone app, OCFL Atlas connects citizens to their communities by identifying new construction projects in the county.
The county’s six-year-old emergency notification and information phone app OCFL Alert was recently joined by PulsePoint Respond, an app designed to empower those nearby to assist victims of cardiac arrest, including by directing them to the nearest automated external defibrillator. The app is already credited with saving the life of one person stricken in downtown Orlando.
The county's comprehensive cybersecurity team includes experts in penetration testing, digital forensics, Payment Card Industry and Health Insurance Portability and Accountability Act standards. Orange County is combatting ransomware with analytics and fortified log monitoring; and a dispersed network attached to primary county networks. They have also implemented an advance notification and response system for cybersecurity officials working with physical security systems and their business-centered needs.
The agency also uses a unique consulting model approach to staffing, a combination of outsourcing and insourcing which rotates employees between different teams to for specific assignments. The approach helps enhance skill sets, reduces burnout and gives employees more ownership over departmental decisions.
8th Riverside County, CA
Southern California’s Riverside County, the 10th largest county in the nation, is making big strides toward connecting its nearly 2.4 million residents and streamlining IT costs. Most notably, in an effort to overcome a staggering digital divide, Riverside has undertaken a first-in-the-nation effort to bring 1 GB broadband to all residents and businesses within the county’s 28 cities and 12 participating local tribes. The move is intended to help stimulate economic growth, improve access to telemedicine, and expand education opportunities. Officially called RivCoConnect, the network will be funded through a public-private partnership, proposals for which are due Aug. 3, 2017.
Riverside is also making a strong push toward consolidating its IT, a goal it has been working toward since 2013, focusing on interoperability, resiliency and reducing costs. The county moved to a shared services model in 2016, and completion of the final phase is anticipated in July 2017. One element of this was using VMware NSX to consolidate 53 data centers into a private, county-owned cloud, the costs of which are offset by leasing space in the data center to external customers. Finally, in response to the coming retirement wave, Riverside County has relaunched its internship program, and some interns have already transitioned to permanent full-time IT positions in areas including GIS and IT support. They are also investing in community science, technology, engineering and math (STEM) programs to encourage the next generation’s interest in technology.
9th Palm Beach County, FL
Located along Florida’s eastern shoreline, Palm Beach County was selected in this year’s awards for its efforts in citizen engagement, shared services and technology modernization to make it as effective as possible for residents. The county launched a new website in 2016, which features responsive design and includes social media buttons so citizens can easily get in touch with the county through all major platforms. The site saw 2.9 million pageviews in its first three months. Judges were especially impressed with Palm Beach’s overhaul of its communications system, an effort that began in March 2015 to replace 87 Legacy PBX systems and 10,000 telephones with a single voice over Internet protocol (VoIP) system that will use the county’s broadband fiber network, reducing costs by decreasing reliance on leased AT&T circuits. Work on the system is anticipated to conclude in August 2017. A number of cities have expressed interest in contracting with the county to use the service, so Palm Beach is working with Unify to enter into a joint venture that would create a “Tenant Zone Solution” for interested parties. Also in the area of shared services is the county’s government cloud, which Palm Beach built through a “do-it-yourself-method” to provide shared IT services to public agencies at the lowest possible costs.
10th Tarrant County, TX
Tarrant County is the sixth fastest growing in the U.S., and it’s estimated that a new person moves into the county seat of Fort Worth every 24 minutes. This has spurred the Information Technology Department (ITD) to keep pace with the exploding population. ITD’s Vision 2020 Strategic Plan outlines six goals that make sure IT investments align with the county's business priorities and strategic goals.
Tarrant County has made a strong effort to move toward mobile services, including conducting website load tests before 2016’s busy election season, a move that paid off when the Tarrant County Voter Lookup website received a 2,304 percent traffic increase during that time, nearly 50 percent of which came from mobile devices. The OpenBooks website consolidates information from existing county webpages and allows easy access for interested constituents to participate and comment on county decision-making.
The public health department has invested heavily in collaborative services, and is responsible for the creation and oversight of the Texas Syndromic Surveillance network, which receives data from health professionals over a 49-county region, which it then synthesizes and reports to the Centers for Disease Control and Prevention. Also of note, the county has created a Protective Orders Online Electronic Filing system, which allows complainants a safer, faster way to file for protective orders. The new tool reduces time to file from several days down to a few minutes, resulting in a 42 percent increase in such orders since 2015.
500,000 – 999,999 Population Category
1st Westchester County, NY
Westchester County received top ranking in its population category for a number of important reasons, including the leadership of County Executive Robert P. Astorino, who has set a governing framework that leverages information technology to support what he calls the “Three Ps”: Protect the Taxpayer, Preserve Essential Services and Promote Economic Development. Consider how the county has quickly leveraged mobile technology as a means to both foster better services and provide a conduit to economic opportunities by partnering with the local university to increase activity around mobile applications. The county was an early adopter of mobile devices for workers and has built several customized mobile apps that have advanced field operations.
When it comes to collaboration, Westchester has developed a robust shared services program that has helped a growing number of municipalities, school districts and other entities to save money, increase efficiency and reduce duplicated services. Cybersecurity is another focal point where awareness training is used side by side with the latest tech tools, including artificial intelligence for pattern and advanced threat detection. At the infrastructure level, the county has invested heavily in the Westchester Telecom Network, a state-of-the-art fiber backbone now spanning 1,000 miles and supporting over 3,500 businesses, as well as 50 percent of the municipalities, numerous schools, libraries, health care and public safety organizations within the county.
2nd Sonoma County, CA
Sonoma has made a concerted effort to integrate information and communication technology (ICT) into its overall governing strategies, touching on everything from economic development and safety to health, transportation and environmental stewardship. A key priority is transparency of government operations, and the county has embraced open data, which includes geo-spatial information that supports interoperable solutions as well as other data sets available for public consumption. The county has also set up fiscal dashboards, allowing the public to view Sonoma’s budget health, funding details and much more.
The county has a robust citizen engagement strategy that takes full advantage of the various social media platforms to engage the public on a wide range of activities and incidents, such as floods, fires and road closures. The county has also deployed a customer relationship management (CRM) system that is shared with some of the municipalities within the county. Sonoma county has also invested significantly in its broadband infrastructure. Access Sonoma has developed and promoted a number of broadband initiatives, including a program that provides some residents with high-speed access at reduced costs, as well as training and tech assistance.
3rd Ventura County, CA
Ventura County, Calif., made a significant jump in this year’s survey, earning a third-place finish in its category. Many of the county’s endeavors underscore its belief in transparent practices, including its financial transparency website, recently upgraded with additional tools to help inform the decision-making process for county leaders. Water management is getting a boost from sensor networks that more specifically track performance and help shape policy. A commitment to performance-driven government can also be seen in the public safety area, where dashboards provide insights into recidivism trends and offender populations. Higher caseload volumes credited to state policy changes helped motivate the Human Services Agency’s transition to digital workflows, achieving efficiencies through abandoning traditional paper processes. In addition, several agencies coordinate across a single case management tool to more effectively address homelessness across departments.
Ventura County demonstrates a forward-thinking approach to mobility shared by many leading counties who are working to reduce “app sprawl” by providing their services through popular consumer mobile channels. For example, there are plans to publish restaurant inspection data to Yelp, share road information with Waze and sell county animal licenses on Amazon. An app the county developed called iCop unifies county-wide law enforcement records management systems, equipping officers with real-time data and cutting crime-solving time considerably.
4th Baltimore County, MD
Technology of all types plays into managing the large regional government of Baltimore County. From how it implemented its body-worn camera program to driving more thoughtful data-driven government, the county earned fourth place in its population category this year. In response to a strained financial climate, the county has turned to an internal team called the Operational Excellence Team (OpEx) to identify smarter, data-driven ways of tackling mission critical-processes. Most recently, the OpEx team worked to bring public safety reporting standards in line with federal guidelines and is working to develop a new interagency process between the county, state and federal government in regard to public health and safety. The county is also behind a Esri-based open data platform with more than 60 data sets in it — this includes access to historical imagery and preservation, and water and sewage masterplans. To better connect first responders to the information they need to respond to critical incidents, county IT have equipped battalion chiefs with mobile tablets capable of meeting the demands of their job.
Applications also play a role in the overall Baltimore IT strategy, and include tools like the Stormfighter severe weather resource app, which connects constituents to valuable resources and enables direct citizen-to-county communication. Where cybersecurity is concerned, the county has taken substantial action to ensure its IT assets and staff are prepared for the threats around them. In addition to annual mandatory training, the county partnered with outside auditors to assess the potential weaknesses presented by phishing attacks and other threat vectors. The Skill Base is the county’s skills assessment tool that allows officials access to employees with any number of 256 distinct skill categories to better position employees within the county organization. In another forward-thinking effort, Baltimore County is also working to improve responsiveness through its 16 call centers, the thought being that a cloud-based, scalable option allows for better response times and more flexibility during billing times or emergency situations.
5th Prince George's County, MD
Ask IT officials in Prince George’s County how their work is serving the county’s goals and they can point to specific projects for every single one. The county wants a clean environment? The Office of IT (OIT) deployed a smartphone app for residents to report trash cleanup information. Better government operations? OIT has set up a new customer service request system that keeps people informed as employees work on their problems.
The county has also been making significant inroads in transparency, launching a host of open data tools this year for budgeting, project goal tracking, food inspections, clean water initiatives and more. Many of those involve GIS components, and there are more projects on the way — including an open checkbook and operational dashboards meant to help the county improve work performance.
Prince George’s County also maintains an extensive fiber optic network for schools and government agencies. Recently, the county signed up eight municipalities as subscribers to its Institutional Network and put into place a governance council that brings together input from a number of disparate agencies.
6th San Mateo County, CA
San Mateo County made it into the rankings this year with a robust approach centered around collaboration. The county not only maintains an open data portal complete with performance metrics for various departments, it also searches for multiple ways to create value from that data. The county trains and encourages community members and organizations to use the data as they need, including for understanding and illustrating needs and program impacts. The county has also hosted hackathons for the datasets and its representatives have spoken at conferences to help other local government organizations start open data programs.
San Mateo County’s collaborative approach is also manifesting itself in the form of a “smart region” effort involving a shared fiber-optic network between the county, municipalities, education and public safety districts in the area. A major emphasis for the project is to enhance communication between different entities. The county expects to complete the fiber network this year.
Then there’s the governance model the county has in place for IT. An executive council brings the county manager and leaders from every department together with IT professionals, forming dedicated committees to discuss IT issues on technical levels.
Lastly, the county is taking cybersecurity seriously with a multi-pronged strategy that includes end-user training, digital outreach to employees and regular audits of administrative privileges to go along with software and hardware controls such as fingerprint biometrics and upgraded email security.
7th Gwinnett County, GA
Gwinnett County, Ga., the state’s second most populous county with just over 900,000 residents, has many foundational elements of government technology in place, including a comprehensive cybersecurity strategy. Gwinnett has made above-average strides, establishing firewalls, intrusion prevention systems, and other cloud-based security solutions, along with an internal training program. Gwinnett’s open data efforts are standard, encompassing a range of governmental info such as meeting agendas and minutes, county budget info, and nuanced sets like bids and RFPs. Speaking of procurement, Gwinnett is well positioned to reap the benefits of years of planning. In 2015, the county upgraded to a purchasing system with potential to facilitate better e-procurement, and that effort is ongoing. Gwinnett is also well aware of a common pitfall: purchasing software but not using every feature. To combat this, Gwinnett is emphasizing the use of its performance management system, which it currently uses for survey forms and manual reporting of performance data, but hopes to soon also use its data extraction tools and a transformation utility to connect operational systems in Gwinnett, centralizing the county’s tech.
Where Gwinnett shines brightest, however, is with mobile. Gwinnett has stand-out resident-facing apps such as an interactive property tax calculator that shows values of services received versus property tax paid and a park locator map that allows residents to find amenities near them. The county has effective internal mobile tools for office and field crews, and its website is launching a fully responsive design in 2018.
8th Chester County, PA
Last year, Chester County, Pa., made strides in open data by partnering with OpenGov to publish vast amounts of spending info online. The county also created ChescoCONNECT, an app for community news, events, health and human services info, and emergency alerts. If last year was one of broad steps, this year is one of efficiency and nuance. Chester has done hyper-specific things like putting snapshots of local eateries' most recent inspections online so they are accessible via mobile devices, doing so by using existing software and no new funding. In other efficient progress, Chester is partnering with the U.S. Geological Survey to provide residents with info about water conditions and potential health risks at streams in the county, set to launch soon. It also began using civil e-filing to allow litigants to initiate cases and access files electronically. These may seem like small steps, but they add up to a transparent county with useful open data.
Perhaps the most impressive achievements for Chester were those made in emergency response. Chester now offers text-to-911 services, one of the first counties in the Philadelphia area to do so. It also built PulsePoint, an app aimed at providing life-saving assistance for victims of cardiac arrest. If someone is having a cardiac emergency, PulsePoint contacts users nearby who are trained in CPR, giving them the location of the emergency as well as the nearest automated external defibrillator. These efforts are poised to continue thanks to the recent establishment of a strategic plan to emphasize better customer service in government.
9th DeKalb County, GA
Making their first appearance as a Digital Counties Survey winner, DeKalb County, Ga., is working to reorient government services to accommodate a shifting demographic, and county officials have taken steps to provide residents with the best information technology services possible. Improvement began with an open and honest countywide information technology assessment (PDF) conducted in summer 2016, which identified several opportunities for improvement.
One area that drives the county's evolution is their cloud- and mobile-first strategy. By aiming to host applications and services in the cloud, the county is already working with a forward-thinking industry. Cloud infrastructure also cuts costs of onsite storage and allows for flexibility by not having to divert employee time to maintenance of systems. It's no secret that smartphones have changed the way residents across the country connect to the Internet. For lower-income families, phones are often the only connection they have to the Web, so prioritizing those users for DeKalb gets at the hardest to reach populations. When the county redesigned its website in November 2016, it was optimized for mobile users using responsive design in Drupal, in conjunction with a targeted social media campaign across all major platforms, and the county’s agendas were made publicly available through Granicus.
Perhaps the largest gains have been from DeKalb's efforts toward increasing cybersecurity and protecting valuable data. The county introduced a suite of cyberapplications, including intrusion detection systems and intrusion prevention systems (IDS/IPS) to help manage threats. Analytics dashboards are also reviewed daily to evaluate the state of the system. Intrusion attempts, vectors and targets are monitored continuously, with alerts set up for notifications of the need for remedial actions.
10th San Joaquin County, CA
In the summer of 2015, San Joaquin Valley, Calif., was chosen as one of Google’s kickoff sites for its Government Innovation Lab. The goal was to import some of the company's trademark “moonshot” thinking and apply it to local government problems. If returning to the top 10 of the Digital Counties survey is any indication, then the workshop was a booming success. One of the major goals addressed in the county was maintaining a well trained and committed workforce. Sitting adjacent to Silicon Valley, the IT department suffered from tough competition, but through a series of internships and reforms to the hiring process, the county was able to make tremendous strides in workforce acquisition and retention.
The other main goal for county officials was implementing a “No youth in the Justice System” program. Focusing on the high rate of recidivism, the county developed a program that utilized technology to create a data sharing tool that provides timely identification and analysis of data that is related to law enforcement dealings with youth. This tool and data will be used across departments to guide placement, link community support services and inform the virtual team with the goal of reducing the probability of the youth re-offending.
250,000 – 499,999 Population Category
1st Douglas County, CO
Colorado’s Douglas County made significant digital strides over the past year, jumping from ninth place in the 2016 survey to the top of its respective population category this year — and it’s easy to see why. For starters, the county’s Department of Human Services is, with some assistance from the state, taking part in an artificial intelligence pilot with New Zealand’s Auckland University of Technology. Using machine learning techniques, statewide historical data for at-risk children is being analyzed to determine whether at-risk indicators can be identified in the data, and is being cross-checked with actual risk assessment results to help shape the algorithm. The county also maintains strong open data and transparency initiatives, including making data that was commonly requested by constituents open to the public and enabling data visualizations directly within its open data platform. Douglas County also established a federation agreement with the state's Open Data portal, which means that county-level tabular open data is also available through direct access or API access within the state's portal. And transparency work is ongoing: In 2017, Douglas County is partnering with municipalities within its borders to determine the next phase of growth, with the goal that engaging in intergovernmental public data sharing and eliminating technical barriers to data will further enhance information and service offerings to citizens — as if jurisdictional boundaries do not exist. Last year, NearMeDC.com, a roadwork notification application, was still in the works. But it launched in 2016 and, based on open data, gives citizens current community information, and they can sign up and be notified of road construction in areas they define. And that same information is available in Waze. Also, last year saw the launch of the Douglas County Innovation League — a county-wide training program to instill Lean thinking. At the same time, IT was instructed to implement Scaled Agile Framework, which is an expansion of ITIL Service Management, and continuous improvement of core agile delivery practices.
2nd Dutchess County, NY
Jumping three spots from last year’s survey, Dutchess County, N.Y., population 296,916, not only has its IT Strategic Plan tied to county priorities, but also boasts solid disaster recovery initiatives, including integrated video surveillance that was implemented at the new $4.8 million Stabilization Center that opened this past March. Seamless integration exists between 911 Emergency Response, the Sheriff’s Office and the new the Stabilization Center, which offers crisis counseling, among other things. Dutchess County also maintains robust cybersecurity measures, and is extending its Web security policy to satellite locations via security-as-a-service, which allows satellite locations to access strong, scalable and cost-effective security services.
While the county utilizes social media and other methods to ensure solid engagement efforts with citizens, it’s worth noting that crowdsourcing initiatives are under consideration to further engage citizens and include them as strategic partners in improving how government works. When it comes to shared services, Dutchess County shows significant strength, having expanded greatly over the last year — its GIS applications are shared with 30 municipalities, businesses and the public, which saves $14 million annually. The Office of Central and Information Services (OCIS) also is forward-thinking when it comes to artificial intelligence (AI). In addition to considering AI for predictive policing and fraud detection, the county also is debating the use of chatbots for its internal IT Help Desk hotline to answer routine calls such as unlocking accounts and resetting passwords. And OCIS is considering the potential of Internet of Things, particularly as it pertains to supporting the Department of Public Works, which already has deployed sensors in highway vehicles that monitor and measure various performance metrics — metrics that OCIS is thinking about tracking and reporting to improve public transparency.
3rd Chesterfield County, VA
After a strong showing in last year’s Digital Counties Survey, Chesterfield County continues its streak with a wide range of efforts across several areas. The county’s centralized Information Systems Technology (IST) department works diligently to ensure their strides forward in areas like open data and cross-agency collaboration are in line with the county’s mission and strategic plan. Chesterfield indicated that cloud computing is its No. 1 priority this year, and that shows as they’ve worked to migrate systems to the cloud to streamline work and reduce redundancy among organizations. This includes collaboration with other state and regional entities, particularly in public safety, where this year the Police Department created a site based on Google Groups for sharing alerts and other timely information with 39 local businesses along a high-crime corridor across two counties, and the number of members is expected to grow. A similar tactic was taken in IST’s hiring process, which has seen its staff vacancy rate drop 16 percent since 2013, in part due to a cloud-based recruiting tool and a strategic recruitment plan that have helped to streamline the recruiting process and cut down the time it takes to hire candidates, ensuring qualified applicants are not lost due to delays. This system took first place in Virginia's Datathon 2016: Governor’s Workforce Innovation Challenge.
More than 80 percent of the county has access to wired broadband, while more than 90 percent have access to Wi-Fi. This is partly due to Chesterfield’s efforts to place public Wi-Fi in more than 110 locations such as parks, libraries and historical sites around the county. Chesterfield also boasts great interaction on social media platforms, where the county actively seeks citizen participation and input.
4th Washoe County, NV
As major tech companies such as Apple and Tesla have moved into northern Nevada’s Washoe County, they have not only increased the population, but also brought more tech-savvy citizens who have high expectations for IT services from their government. Its fourth place finish this year is a credit to its progress in transparency, citizen engagement and cybersecurity, among other initiatives. The Technology Services department ensures that each of its annually updated objectives maps directly to one of the county’s strategic goals.
Washoe redesigned its county website in 2015 and is already planning a refresh to keep up with user expectations. They also bolstered their frequently asked questions page to improve the site's usefulness, and improved Board of County Commissioners meeting videos as part of a push for transparency. They are also launching a mobile solution so citizens who are unable to attend board meetings can still comment and make their voices heard.
Recently, the county implemented a business intelligence solution from SAP that integrates data from previously siloed applications, allowing county employees to better understand and visualize data, while also making financial information more transparent for citizens. In an effort to bolster cybersecurity, which the county lists as its No. 1 priority, Washoe County recently completed an external assessment of its credit card handling procedures, including its first internal and external security penetration tests. Based on the results of the assessment, the security team is already working to address additional cyberconcerns.
5th Clackamas County, OR
In Oregon’s Clackamas County — one of the state’s more populated counties — a technology-centric view plays a huge role in daily living and governing. With an unprecedented influx of people into the county and the greater Portland area, the installation and maintenance of broadband has been an essential strategy point for the regional government. The connectivity infrastructure has helped to not only grow the local economy, but also has allowed for home businesses to thrive. For the school district, the increased connectivity has resulted in substantial savings, bringing the monthly cost down from $10,000 a month to $255 a month for Internet access. The regional government has also been focused on bolstering its mobile capabilities with a mobile-first strategy and growing an engaged and flexible workforce. To attract new blood into their ranks, officials have embraced four-day workweeks and generous retirement packages. What’s more, the regional government does not require degrees and has a loose dress code within reason. With more call than ever for 24/7 accessibility to government resources, the county has been providing the right tools for the job. Online services like building permitting and inspection, court citations ordinance fees, pet health annual licensing and concealed handgun permitting are all available to the public. When it comes to collaborating with other partners, the county has embraced the opportunity to work with the state’s Department of Transportation to provide dark fiber to all possible county intersections. In the near future, the county plans to move applications to the cloud.
5th Leon County, FL
In Leon County, fifth-place winner in the 250,000 to 499,999 population category, technology plays a big part in not only how the regional government serves its citizens, but also in how it cooperates with the local governments around it. Joint-jurisdictional programs, like the shared data centers for the State’s Attorney’s office and the Clerk’s office and the Tallahassee-Leon County GIS (TLCGIS) program, are prime examples of sharing technology to further the public good. When it comes to using technology to keep the public safe, Leon County’s emergency website offers visitors up-to-date severe weather alerts and safety resources; the same goes for the one-stop emergency alerts mobile app. Open data and transparency and mobility also play heavily into the county’s overall strategy. The Your Check Book application allows citizens access to the county spending, contracts, audits and meeting minutes, while the Citizens Connect app enables the public to report issues, make inquiries and find emergency information. In their efforts to streamline government operations, IT also played into how the county handles Medicare processing. With a new case management system, the county is able to more quickly and accurately validate information for state reimbursements. Looking ahead, the county plans on increasing the mobility of its workforce as well as setting the stage for potential next-gen 911 upgrades.
6th Cumberland County, NC
Cumberland County’s sixth-place win in this year’s Digital Counties selection was based largely on the jurisdiction’s focus on mobile and its strategic technology rollout. Among the local government’s more innovative ideas was the layering in of artificial intelligence to supplement the jurisdiction’s cybersecurity stance. In addition, Cumberland County is also using eDiscovery to assist in meeting public records requests and is looking toward chatbots to reduce the call load on larger departments, like social services and animal control. Due to a reduction in state funding to counties and decreased property tax revenues, officials are having to look more carefully at the technology they implement for the future. Rather than investing in short-term projects, IT officials are leveraging cloud whenever feasible and investing in long-term solutions, like solid-state drives. The ever-increasing demands on the county’s technology services, both internally and externally, drove the creation of the county’s Business Intelligence Unit, which looks at enterprise solutions. Mobile accessibility has also been a key focus of IT officials in the county. The Freedom mobile application allows for easier viewing of 911 calls on smartphones and iPads, and better firefighter vehicle tracking. The county’s animal control department has also added mobile capability, allowing officers to work more efficiently from the field on a more user-friendly system. As for future tech-heavy initiatives, Cumberland County staff are looking at next-gen 911, and are preparing for a final state decision to allow them to move forward.
6th Dakota County, MN
Best practices, many of them with IT exposure, buoyed Minnesota’s third largest county in this year's survey. Maintaining a secure website; adopting a mobile-first philosophy; engaging residents via social media; and using an IT Infrastructure Library (ITIL) framework were all strategies that attracted notice for this county of 414,686 residents.
The county's IT agency received funding to provide SANS security training for all staffers; and with support and content from the countywide Information Management Steering Committee, employees also completed privacy and security training. County IT has also been updating its service catalog as part of an agencywide refresh of program measurements. Its service catalog uses the ITIL framework and is positioned to serve as the basis for a future renewal of SLAs with county agencies. They also joined the Multi-State Information Sharing and Analysis Center (MS-ISAC), which provides access to cyberthreat feeds and services from the Department of Homeland Security; and implemented a Cisco Intrusion Detection System and AristotleInsight to monitor log-on attempts and analytics data.
Dakota County IT adopted a mobile-first philosophy and trained staffers on the use of mobile tools and frameworks, including Visual Studio. The agency is also upgrading applications to mobile-ready technology as IT has available time, and updated its external-facing website to mobile-responsive design in October. Dakota County’s mobile iOS application, which aggregates locations, events and service information, is also now available in the Apple Store. Dakota also worked with the other six Twin Cities metro counties to remove licensing and fees for public GIS data and published data, services and apps on the Minnesota Geospatial Commons.
7th Loudoun County, VA
Loudoun County, the state's fastest-growing county two years ago, now serves 373,694 residents, which continues to motivate officials to modernize IT infrastructure and improve online services. This year, the county was recognized in particular for connecting IT initiatives to its strategic plan, after supervisors met in September 2016, identified increasing broadband and cellular access and being a connected community as key policies, and adopted the plan. To realize that vision, the Information Technology Department has released a Request for Information for broadband in western Loudoun, and the county is exploring a public-private partnership to improve Internet for schools, cut construction costs and dig once. The IT agency is also finishing an update of virtually every major information system, and when done will begin to use artificial intelligence to analyze financial, staff and citizen data. On the cybersecurity front, Loudoun rolled out two-factor authentication solutions to the appropriate employees and is undergoing a Proof of Value examination of Advanced Threat detection systems.
Chosen by Esri as its second U.S. site for a GeoHub project modeled after the example in Los Angeles, Loudoun County's IT department has spearheaded development of a GeoSpatial platform featuring transportation, public safety, community development and economic development information. Lauded for excellent use of social media, including active posting and commenting, the county includes a Facebook page, a Twitter feed, and a YouTube channel among its offerings. And recognized for good collaboration with other local entities, Loudoun County released an LC911 Situational Awareness Tool, a mobile Web app that offers public safety agencies enterprisewide incident awareness powered by software not commercially available.
8th Hamilton County, IN
Hamilton County, Ind., landed back on the list of top digital counties in the country in no small part due to its commitment to "do more with less." As municipal budgets are increasingly strained and commitments to transparency allow for public scrutiny of wasted taxpayer money, Hamilton County is looking at providing the most effective services by using resources as efficiently as possible. Part of that strategy entails making sure all programs and services offered by the county are well publicized through social media and citizen engagement. Control for county department sites has been given to the departments themselves, allowing for more rapid updates regarding programs and services. Additionally Hamilton County expanded its "Notify Me" subscription service, increasing subscription options from five to more than 40 choices, allowing users to be more selective in what they receive from various agencies. Residents are also given the option to receive updates via email or phone.
Understanding the rapid nature of technology advances, Hamilton County has also implemented innovative ways of reducing costs while offering an optimal level of service. One example is through regional cost-sharing. Hamilton and several neighboring counties have a cross-jurisdictional agreement to cover the cost of aerial photography for their GIS systems. Each municipality pays for the acreage within their jurisdiction, and the final photography is shared across all agencies. Hamilton has also outsourced several tasks rather than devoting scarce resources to an issue and has reaped significant cost savings. According to county officials, outsourcing tends to be less costly, faster to implement and more robust compared to a building custom application. Leveraging vendors for support and development allows Hamilton to provide specialized solutions with minimal effect on IT resources.
9th Ottawa County, MI
Ottawa County, Mich., has made slow and steady progress adhering to its strategic planning, and is realistic and honest in assessments of its progress and challenges. Such work does not leave much room for grand innovations, but it has allowed Ottawa to establish and pursue deliberate policies. This year the county added a cultural intelligence component to its efforts, moving to establish a related committee, employee training, a partnership with the Lakeshore Ethnic Diversity Alliance and a relevant community forum. Open data remains an ongoing concern, as it is nowadays for most jurisdictions, and Ottawa is considering mobile applications that are capable of mapping information about road closures, potholes, and which roads have been plowed clear of snow. Incident mapping from the sheriff’s department may also become available soon.
In terms of other new work, Ottawa has made strides in establishing more social media accounts for governmental agencies on sites like Twitter, Facebook and LinkedIn. Engaging the public with videos has been an area of emphasis and success through Ottawa’s YouTube channel. The county also created an online features service center to centralize its online services and double as the home screen for new self-service kiosks installed in several county offices.
10th Bell County, TX
Bell County, Texas, has been among the fastest-growing in the country, seeing growth of 30.4 percent over the past decade, which outpaced both the state (20.6 percent) and the nation (9.7 percent). Amid this expansion, many of the county’s initiatives continue to focus on efficiency. One notable ongoing project is the conversion of the courts’ more-than-20-year-old legacy systems to a newer Web-based one projected to reduce time and labor costs throughout 17 courts while simultaneously maximizing Bell’s ability to collect owed money. The sheriff’s department in Bell is working to centralize all warrants issued by jurisdictions in the county, creating a database for prosecutors and officers to access in the field. The county has also embraced cloud services internally, such as Office 365, plus OneDrive for document storage and retrieval and Skype for Business to enable chatting. Bell is focused on mobile, and within the next year it plans to replace about 20 percent of its desktop computers with mobile devices, while rewriting its website to make responsive design an organic feature. Bell also has a 72-mile fiber network that spans the entire county and connects to major cities, schools and other government agencies. It is now evaluating the feasibility of a central data storage concept to reduce costs for everyone.
Aside from efficiency, open government remains a focus for Bell, which added live video and audio streaming of weekly commissioner’s court meetings, plus footage archives. Bell has also had success with cybersecurity, to date preventing ransomware or any major intrusions with complex password rules, a next generation firewall, website filtering to guard against phishing, and mandatory security training for all employees.
10th Durham County, NC
Durham County’s focus on data-driven government and connecting its constituents to current and relevant data sets earned the local government a 10th place spot in this year’s Digital Counties selection. In addition to rolling out comprehensive and publicly available financial data dashboards, the county has partnered with Durham City to launch a cooperative portal. Internally, the county uses data to drive the daily decision-making process and measurably improve the services it offers to citizens. Though the region was hit hard by the effects of the 2008 recession, leaders have focused on efficiency through actionable data. Going mobile has also been a key action item for the county. The jurisdiction launched a social service mobile app that allows county employees to photograph documents and route materials to the right case manager, and reduces travel time to the office. Officials have also launched the Durham One Call 311 system and redesigned their website. And the county-city collaboration, under the name IdeaLab, serves as an idea-sharing hub for public servants to gather and exchange new and innovative ideas. Looking to the future, officials see real-world potential for artificial intelligence (AI) when it comes to social services and public health.
150,000 – 249,999 Population Category
1st Arlington County, VA
Arlington County ranked first in its category in 2017 (its second consecutive year with this distinction) on the strength of many forward-leaning programs aimed at realizing the vision of county leadership in the areas of transparency and open government. This past year, the county live-streamed all county board meetings and other public meetings, reporting growing engagement as a result. More than 100 data sets now populate its open data portal, which has given rise to a three-pronged data analytics program, consisting of strategies for data analysis, data governance and data management, all in the name of optimizing county decision-making. The county currently employs artificial intelligence technologies as a part of its cybersecurity program, but plans to greatly expand its use in the coming years. For example, Permit Arlington, a new permitting system, will use a virtual call center for those who want to do business with the county. The tier II system will offer online chat, video conferencing and intelligent routing in its first phase, adding voice recognition and machine learning capabilities in phase two. The county’s aggressive mobile strategy includes allowances for distinct kinds of mobile work — field workers, teleworkers and remote workers — and strives to support the productivity of all three with appropriate devices, policies and collaboration tools.
2nd Delaware County, OH
The fastest growing county in the state of Ohio, centrally located Delaware County earned second place in this year’s survey, up from a ninth place finish in 2016. A multi-faceted approach to cybersecurity demonstrates its importance for the organization: New employees are hit with cybertraining, and the workforce is continually phished and educated with best practices throughout their tenure. A full suite of solutions and monitoring tools protects the county’s data and networks from threats like malware, DDoS attacks and ransomware. Liability coverage for cyberthreats has grown considerably, the county reports, and a redundant backup system puts the county in an enviable position for disaster recovery.
Delaware County has also made significant strides in citizen engagement in the past year, with multiple agencies on Nextdoor, active Facebook communities where citizen surveys are administered, and effective use of Twitter for leaders like County Sheriff Russell L. Martin. The 911 Center’s incident feed posts automatically to both Twitter and Facebook, and the agency website lets residents opt in to a special needs registry to equip responders with details on any developmental, medical or physical needs present in the household in the event of an emergency. Shared service endeavors include Internet-bandwidth sharing, server hosting and comprehensive IT services, representing considerable cost savings. The county is currently pursuing similar agreements with several additional agencies within the jurisdiction’s limits.
3rd Charles County, MD
Charles County, Md., continues to stand out in its population category with a third-place finish in 2017. Central IT supports many efforts to maximize organizational performance with close tracking of data, using key performance indicators as well as broad use of business intelligence tools throughout the organization. Technology initiatives stay on track with annual updates of the IT strategic plan and biannual reviews of all tech-related internal policies.
The county offers an impressive array of mobile-friendly online services and mobile apps for a jurisdiction of its size (population of just over 150,000), including a jobs app, an app offering commissioner vote tracking, bus tracking and many others. A recycling app offers schedules, guidelines, reminders and an interactive waste sorting game. A group of staff convene regularly to strategize on county social media use. One product of the workgroup is a social media playbook to help guide effective engagement strategies. Also underway is planning for a 311-like resident request system to help residents submit and track service requests online.
Charles County has a wide variety of tools in place in the name of cybersecurity, including an insurance policy to further guard against breaches. Current cybersecurity training will soon be upgraded to training solutions from Security Mentor, which will include monthly lessons and the ability to track progress by individual employees. Also on the staffing front, the county employs a unique approach to keeping IT jobs filled by bringing most staff on as part-time, allowing them to pursue their education simultaneously. The county reports that the strategy is an effective way for the county and part-time staff to evaluate each other before they commit to a full-time hire. Further, they cite the added benefits of low turnover, recruitment savings, retention of institutional knowledge and additional expertise gained through the education part-timers are able to pursue.
4th Onslow County, NC
As a coastal county in North Carolina, Onslow was in the direct path of 2016’s Hurricane Matthew. Luckily, the state’s information technology team was well prepared and well coordinated with neighbors, constantly communicating updates. The interjurisdictional collaboration and communication made managing an event of that magnitude possible. Onslow’s Information Technology Service has made significant steps in the last year toward increasing their Disaster Recovery toolset, including enabling a microwave network backup connection between its three main locations, diversifying ISP connections through a partnership with a local municipality and configuring the county firewall to load balance the Internet connection. Onslow is working with regional partners to issue an RFP to replace Reverse 911 and citizen engagement software. By adding a joint mass notification system, Onslow anticipates cost savings of approximately 50 percent and gains the ability to provide the service to local governments that found it cost prohibitive to do so prior.
Another aspect of resiliency preparedness is Onslow’s commitment to social media and citizen engagement to provide residents with updated and timely information about emergencies. Publishing as much information as possible also falls in line with their commitment to transparency. The finance office received a Certificate of Achievement for Excellence in Financial Reporting Program for the county’s transparency and data accessibility. In the past year, Onslow began training real estate agents and contractors to use online open data tools more efficiently, released an updated GIS Web portal, unveiled online access to permits for Planning and Environmental Services and relaunched the county website with enhanced functionality and ready access to information.
5th Cabarrus County, NC
In order for the Information Technology Services department of Cabarrus County, N.C., to fulfill the county’s strategic goals of connecting the government to its residents through purposeful and strategic communication, enhancing education and improving active community participation, ITS has revamped its homepage and the accessibility of official documents. Finding out more about how residents use the county’s site helped provide insight on which areas needed improvement. Taking a page from 18F’s Digital Analytics Program, Cabarrus built a public analytics dashboard for all Web traffic, and made it freely available for the public to explore. The data comes from a unified Cabarrus County Google Analytics account and helps county employees understand how people find, access and use county services online.
Cabarrus has also started implementing SeamlessDocs Government Relationship Manager, a CRM system designed to help strengthen the relationship between the county and its citizens, employees and vendors. The system includes a citizen portal that allows the county to correspond and communicate with citizens and provides them with the ability to save forms and log in to check the status of their requests. The county is also using SeamlessDocs on their intranet site for internal communications. The new system will feature performance dashboard displays of each department’s budget measurements and provide users with a simple visual scorecard of how well departments are meeting their goals and objectives.
6th Oneida County, NY
A perennial member of the top digital counties, Oneida County, N.Y., shows no signs of slowing. One focus on the minds of many has been to upgrade cyberdefenses through remote backups and constant attack monitoring. Oneida has designed and installed a Continuity of Operations/Disaster Recovery data center specifically designed with data segregation that will allow other municipal governments to securely store their data in a physical location where that municipality could work from in the event of a server room disaster at their primary data center. In 2016, the county decided to conduct a Cybersecurity Risk Assessment. Recommendations were then established into the framework for a cybersecurity program in March 2017.
In addition to improving digital cyberinfrastructure, Oneida also focused on physical infrastructure. Oneida, in collaboration with neighboring counties, began working with the Mohawk Valley Transportation Management Center to enable a seamless management of the transportation network within Oneida County for the traveling public. The project is looking to build consensus with local elected officials on the importance of smart transportation infrastructure to increase awareness and generate project support in the form of a project working group. Additionally, the project is working to identify key corridors to be upgraded, develop a GIS database of smart infrastructure, and create a road map for implementing applicable, cost-effective solutions and strategies with tangible benefits.
7th Doña Ana County, NM
Doña Ana County, N.M. has the distinction of being the only New Mexico county to place in recent years. In 2017, the county earned a seventh-place finish, driven by a commitment to transparency, its use of tech to promote regional transportation and its work to increase efficiency with shared services.
For years, Doña Ana has embraced robust open government practices, including online streaming video of meetings, real-time election results, public records, building inspection statuses and more. In the past 12 months, it built a mobile app for getting notifications from the sheriff’s department and for accessing detention center inmate info. Citizens can also provide anonymous crime tips using the app. Doña Ana is also working on a public-facing site for tracking and viewing public info requests, similar to RecordTrac in Oakland. Doña Ana has also undertaken a number of shared services projects: one of the most notable is No Throw, an app that allows citizens to easily report illegal dump sites. That app has been such a success that the county is now expanding it throughout the state.
8th Davidson County, NC
This marks Davidson’s fifth consecutive appearance on the Digital Counties survey, a feat driven by a strong tradition of putting tech at the forefront of its agenda. In recent years, Davidson has often been lauded for using predictive analytics in its performance-based budgeting system, which helps the county maximize taxpayer money. This system evaluates programs and measures the relationship between resources and results, helping to ensure that funds are allocated in the most effective ways. The tool even projects capital needs, revenue and expenditures for the next five years in order to predict proposed tax rates. To date, it has saved the county more than $26 million, and continues to be a bedrock of the county’s tech accomplishments. Davidson has also used tech to enhance access to services. Its inspections department, for example, is now accepting online permits, providing results in real time and taking online payments.
Another major focus for Davidson as of late has been social media, as a number of its departments have become active on Facebook, Twitter, Instagram and Pinterest within the past year. Davidson County also has a shared fiber network with the city of Lexington that benefits both agencies, and the sheriff’s department in Davidson is collaborating with a local mental health agency and a community college to build a new app aimed at helping officers in the field who encounter citizens with mental health challenges.
9th Jackson County, MI
Facing down an anticipated $2 million budget shortfall, Jackson County has nonetheless managed to move forward on mobile engagement, cybersecurity, resiliency, connectivity speed and procurement projects in the past year. The county’s cybersecurity officer and IT staff have deployed a new firewall and are in the process of adopting international security standards. They’ve also created a task force to examine backup and recovery systems.
IT staff have also boosted the speed of the county’s internal connectivity infrastructure, including a security upgrade that will allow for encryption of data in motion. Meanwhile, they are in the early stages of procuring a next-generation 911 system and are considering options for a predictive policing system. On the citizen engagement front, the county has begun launching mobile apps and is crowdsourcing images from the community to provide content for its new website.
9th Pitt County, NC
North Carolina's Pitt County has a number of plans underway for enhancing services and ensuring digital success going forward. In the past year Pitt County IT workers set up a next-generation 911 system and beefed up the functionality of the jurisdiction's food inspection tool; in the coming year it plans on deploying a new citizen relationship management system for economic development. The county also put up a new mobile-first hosted website with CivicPlus that offers form completion and submission, as well as a public data portal. Though the data portal is download-focused and fragmented, county IT staff have plans to put up a new, GIS-heavy data portal in the next year. To make the most of the mobile-first website, the county has given mobile devices to several of its departments so they can perform more work in the field.
Among the data the county offers online is detailed budget documentation and presentations, which have won it the Distinguished Budget Presentation Award from the Government Finance Officers Association for 30 years running. Pitt County has also made strides in cybersecurity recently, hiring a vendor to perform an assessment, which led to security awareness training and a managed security services contract. IT officials plan to take advantage of the contract as a means to put more proactive security safeguards in place. In terms of personnel, the county has made a concerted effort to rethink how it hires, emphasizing problem-solving and analytical skills over system-specific knowledge. For example, one new employee has a master’s degree in analytics and is using her skills to dig for correlations among food safety-related data sets.
10th Boone County, MO
Home to the University of Missouri and not far from the state’s capital city, Boone County is taking a forward-looking approach to new technologies for a jurisdiction its size. The county’s IT officials keep a dedicated GIS office, and there they are tinkering with new approaches to their work, such as data fusion and artificial intelligence-powered prediction. The GIS office also functions as a self-service data portal for citizens to use. Boone County has also made a concerted effort to respond to the boom in mobile device use, issuing smartphones and tablets to employees and election poll workers. IT workers are designing a new website with mobile in mind from the beginning. Recently the county extended its Smart911 program to include a notification system capable of sending alerts for emergencies and other events to users’ phones and emails.
Having taken on responsibility for the county’s 911 center in 2015, IT staff are looking for ways to help hook agencies that need public safety data into the systems they need and are planning for a new computer aided dispatch system toward that end. One big project the county will take on soon is the procurement of a new enterprise resource planning software package. IT officials hope to set up a new system that will make their work more efficient, offer a larger suite of features and operate with a more user-friendly interface.
10th St. Tammany Parish, LA
St. Tammany Parish, La., ranks No. 10 in this year’s survey, and it's targeting the end of 2017 to go live with the third phase of the parish ERP project. Fully funded and supported by parish leadership, the upgrade better positions the organization to serve its constituency by eliminating the need to fund and support increasingly outdated technology. It also helps provide more transparency into county operations, allowing for easier tracking of performance metrics. A newly redesigned home page better connects residents to available services, such as permit inspection requests, utility bill payments, litter reporting and live council meetings. A full-time security analyst is now on the payroll, helping to secure IT infrastructure for the county. In the past year, a number of cybersecurity tools have been upgraded or added, including firewalls, malware protections and Web filtering appliances. Strides have been made in employee training as well. Staff is now required to attend a minimum of one cybersecurity training session each year.
Up to 150,000 Population Category
1st Albemarle County, VA
During the past three years, a focus on technological infrastructure has helped Virginia’s Albemarle County rise from seventh place in 2015 to second place last year to the No. 1 spot among its peers. The agency, which serves 105,000 residents, continues advancing on earlier initiatives. Its Emergency Communications Center is the latest department to publish key performance indicators; the county website will update to a mobile-first design by the end of the calendar year; and Albemarle recently won a $118,000 construction grant to expand broadband services in rural areas.
This year, judges noted its advocacy of open data and transparency, which includes video-streaming meetings; providing public access to county records through LaserFiche; taking citizen input on Albemarle’s first community telecommunications plan; and creating a public portal that integrates GIS data with community development records to offer information on real estate and construction. Strong public engagement programs are also in evidence, as county officials published details of Board of Supervisors’ budget work sessions, as well as community meetings and county executive presentations; and sought input from residents on potential urban area projects. The agency continues to strengthen systems countywide, deploying a new records management system and computer-aided dispatch for public safety; and using data analytics to inform law enforcement. A partnership between the county school division and the police department lets officers use the county's secure Wi-Fi to file reports from their vehicles.
The county conducted an extensive security audit, introduced a new Microsoft identity and access management system and SANS Institute security training for all employees. Its police department's IT systems also passed a federal Criminal Justice Information Services review. And over the next 18 to 36 months, officials plan to explore deployment of artificial intelligence and related devices beyond their current use in GPS and mapping, to chatbots, cybersecurity, machine learning and general pattern behavior.
2nd Nevada County, CA
Home to more than 98,000 citizens, Nevada County dropped slightly in ranking to second place this year but continues to impress with its commitment to serve citizens, employees, even other cities — in the face of a decline in overall resources brought on by the Great Recession. Its board-adopted, three-year Enterprise Information and Communication Technology Strategic Plan aims to boost productivity, self-service offerings to residents and overall efficiencies.
Cybersecurity continues to be a key focus, which acknowledges that its citizens expect government service to be comparable to private-sector service. To that end, the county added an Accela land management and permitting suite, offering upgraded online and mobile services including permit and plan processing, payments, inspections and status tracking. Later this year, the county’s Citizen Request System (CRM) will be replaced by an Accela CRM featuring a fully mobile interface. Officials rewrote the popular, public-facing GIS MyNeighborhood map app on an Esri framework and added new aerial photographs. Elsewhere, its cloud-hosted open data portal filters and previews its GIS data.
The county’s new website, planned for launch in August, will feature responsive design and more social media, video and citizen participation; while another crowdsourcing site, Participate Nevada County, offers residents an easy way to suggest, vet and comment on new ideas. A new Secure Employee Portal lets staffers reach the Employee Access Center during an emergency, while a mobile worker initiative and a BYOD policy enhance solutions available to employees.
Having established a data center Disaster Recovery site to provide offsite backup and recovery for county data , Nevada County offers rack space and fiber to local state court buildings and the town of Truckee. The county has also partnered with a second local city to assist with its overall IT needs.
3rd Allegan County, MI
Again taking one of the top spots in this year's survey, Allegan County, Mich., has big plans going forward. Over the next several months, IT officials we will be working closely with the Parks and Tourism department to deploy free Wi-Fi in several county parks. And this past spring, it began taking part in a statewide multi-agency collaborative program to develop cybersecurity-as-a-service — a program that will ultimately create a shared chief information security officer (CISO) position for agencies across the state to utilize. Allegan County is quite familiar with collaboration: The Allegan County Governmental Network (ACGnet), which formed in 2010, hosts eight governmental agencies on a reduced server inventory, and its Reverse Auction Consortium is a three-county partnership that the entities use for procurement — and both programs serve as models for other municipalities across the state. The county also has expanded its mobility efforts by partnering with Kent County for collaboration on shared equalization services. Now staff from both counties can utilize mobile technology solutions in the field and collaborate across county lines as if they’re in the same office. Allegan also is consistently evaluating the ease and effectiveness of its public-facing website, using analytics and trending from various tech tools to orient the look and feel toward its customers’ interests and popular subject matter. One thing officials gleaned from the data was the frequency with which constituents were requesting GIS layers and shapefiles, and after releasing the county’s entire GIS Data Library free to the public, officials went further and created a fully interactive online GIS Portal where users can create their own maps using the data.
4th Montgomery County, VA
When it comes to taking care of its IT responsibilities, Montgomery County, Va., population 97,244, is on top of it — and has held strong in fourth place for the second year in a row. A server virtualization and data storage project that was three years in the making has now been completed, and includes full disaster recovery capabilities that will soon take cyberdisruptions into account. All in all, cybersecurity is a high priority for the county; officials have begun a substantial initiative that includes implementing several artificial intelligence-capable tools, such as vulnerability and threat assessment, and intrusion detection and prevention. Also impressive is the county’s expansion of its OpenGov platform that will provide interactive budgeting capabilities in the future, as well as its dedication to social media; more than 30 social media sites are managed by individual departments, and the IT Department used LinkedIn Recruiter to hire a systems architect from Florida and a systems engineer from North Carolina. Perhaps most noteworthy, however, is the implementation of the Sheriff’s Office’s Automatic Injury Detection (AID) system, which relies on plastic panels slipped inside bulletproof vests that notify department command and dispatchers of the exact location of a deputy who’s been involved in a shooting or knife attack, or has been hit by shrapnel, so they can get medical assistance in a timely manner.
5th Napa County, CA
In a county known for its vineyards and world-class wines, government IT is doing some serious behind-the-scenes upgrades. All in all, the IT prowess in Napa County, population 142,456, has earned it fifth place in this year’s survey — after having placed sixth in 2013 and not at all since. The ultimate goal for the county’s Information Technology Services (ITS) division is to ensure that county businesses can rely solely on technology for their commercial processes by building business continuity into their operations — and county departments and constituents can utilize tech to enhance practices and gain efficiencies. And with increased reliance on technology, leaders in ITS have expanded work around information security, including researching new tech to secure both the county’s network infrastructure and its information stored in the cloud. To reduce risk and improve user password management practices, ITS also implemented single sign-on for multiple user groups. This year’s judges were impressed by the county’s commitment to openness, as evidenced by the GIS data it opened to the public in 2002 and then released into the public domain under Open Data Commons licensing in the last year. Of particular note is the county’s creation of an animated video that simplified and gave character to an otherwise bland topic: the county budget process. Once the video was posted to Facebook the visual “civics lesson” generated buzz. ITS also is conducting its Innovation Days pilot program, where employees set their normal duties aside for two days to work on developing a solution for a business process issue they’ve identified. The six‐month pilot began April 1, 2017.
5th Roanoke County, VA
A largely rural county in Southwest Virginia, Roanoke made fifth place in the Digital Counties survey for solid accomplishments in four key areas of IT. First, Roanoke has built up its transparency initiatives that include an open budget planning process and outreach to interact with citizens regarding government issues. Second, the county’s open data projects have borne fruit, especially in regards to GIS. Open data layers provide valuable location information for economic development. Roanoke is also in the process of developing a “GeoHub” that will allow the public to explore and visualize location data. Third, the county has a robust mobile program that includes a number of apps for everything from parks and recreation and general government information to the specialized, such as a mobile incident command app. Lastly, Roanoke has embedded citizen engagement and social media into many of its practices. The county’s employee handbook now includes instructions on best practices and governance; all GIS-related apps have a social media component; the police use social media as well, and the county has successfully used social media to recruit citizens to interact and engage with county officials on civic matters.
6th York County, VA
Located in Virginia’s Tidewater region and with a population just over 66,000, York County is small but ambitious when it comes to technology. The county has opened up its budget process by putting it online and available to the public. It has implemented a body cam initiative for its police department, and it continues to make enhancements to a variety of shared services, including CMS and finance. York receives high marks for its cybersecurity policies and practices. The county has upgraded its firewall, which includes better intrusion detection and intrusion protection systems. Staff undergo security awareness training regularly, and the county has even begun building an isolated IoT network that will mitigate risk for devices such as smart vending machines. Infrastructure upgrades include more robust Wi-Fi across the county, the consolidation of the county’s two data centers into a single operation and a redesigned file storage security system that won an award from the Virginia Association of Counties in 2016.
7th Skagit County, WA
Skagit County, located north of Seattle, and home to about 120,000 residents and three tribal nations, has invested significantly in IT to support key county initiatives. These include an online health records system for the county’s jail system and a fiber initiative to bring high-speed bandwidth to the cities and towns in Skagit. Enhancements to the county’s GIS allow it to include new tax parcel data, especially useful due to recent property annexations by the county’s tribal nations. In terms of services, the county has invested resources in making government more transparent. Everything from the county code to video of council meetings is now available through the county’s portal. GIS data is also available to support county functions and for economic and land development. The county also has a mature shared services program in place. For example, law enforcement agencies from different jurisdictions have access to data, including e-discovery files on the county’s document management system. Skagit also has a partnership to provide shared IT services for the tribal nations.
8th Summit County, UT
Despite its small, rural stature, Summit County isn’t neglecting the IT duties that help overall government function. With improving transportation being one of its primary concerns, Summit County IT has taken an active role in using technology to meet the challenge by spinning up an online website to offer resources to daily commuters. Continued growth in the building industry has further complicated the transportation issue. The county has also been working with the state’s open data project to make data more accessible to the public. In line with efforts to curb transportation woes, the county has also investigated the use of virtual desktop interfaces, which also helped to reduce management costs. The VoIP phones the government installed in 2014 have aided in the ability to work more remotely. For the near term, the county is working to build out an Esri restaurant inspection application, as well as a septic tank inspection application. Through a partnership with the Park City Fire District, officials are working to improve communications and response times.
9th Rowan County, NC
What Rowan County lacks in population size it makes up for in its commitment to IT services. The county took a ninth-place win in its population category for its effort to better the jurisdiction through technology and the partnerships it has built with neighboring governments. One of the key example of Rowan’s rubber-meets-road undertakings the IT department’s work to streamline the 911 system, not just for itself, but also for its neighboring local and regional government counterparts. Rowan has worked with neighboring Cabarrus County to more seamlessly transfer 911 calls and is currently working to establish a state-mandated backup 911 system inside the Cabarrus County facility. Rowan County's IT and 911 Telecommunications have also partnered with Salisbury and Rockwell Police Departments in a shared services solution. The jurisdiction has also developed a number of useful apps for internal and public use. Apps like the polling place finder and ADA transit apps are available to the public, while the EMS location app allows for first responders to quickly and easily look up location data.
When it comes to transparency, the county is working to build its MUNIS citizens portal that will offer access to budgetary and expenditure data based on real-time, in-house data. The county has also turned its attention to making its online resources more mobile accessible. According to Google Analytics, the county reports roughly 43 percent of traffic for county services come from mobile devices. The IT shop has also reworked itself, with the cooperation of the county’s Human Resources Department, by implementing a four-person management team that has resulted in better definition of the roles and responsibilities and better guidance for department staff. On the innovation front, the public library is home to a 3-D maker space, which offers public access to a wealth of tech resources, including 3-D printing equipment. The county has also been working with drones to capture county branding footage.
10th Coconino County, AZ
Nestled in northern Arizona, Coconino County may be small, but it’s making steady progress on the IT front. In 2016, the county formed a Website Redesign Committee to work on updating its public-facing website, including engaging citizens with a public survey to report on how functional they feel the current site is and what they want to see on the site going forward.
The county has also made strides toward open data, particularly through its GIS applications. For example, due to budget constraints in 2014, Coconino County was having trouble maintaining its roads. One way it dealt with the maintenance was the creation of a dedicated Web portal to give citizens updated information about what was being done, as well as an interactive GIS application that showed where projects were located and what traffic that might impact. The county also launched an open GIS data portal as a public resource where citizens can view mapping information like voting precincts and municipal boundaries.
10th Tompkins County, NY
Shared services is the name of the game in Upstate New York’s Tompkins County, with a population of just under 104,000. They point out that unlike larger governments, small jurisdictions often do not have the resources to implement and support big technology initiatives, and often the best solution is to pool resources with neighboring counties. One major shared project is the Tompkins Shared Services Electronic Records Repository (TSSERR), a public shared records management portal from Laserfiche for which Tompkins County is the “data custodian.” Projected cost savings from the project through 2018 is $2.9 million. Tompkins County’s next big initiative will be to use a $650,000 New York State Government Efficiency Grant to expand the enterprise content management system to neighboring Cortland County, and in turn will store their backup records in Cortland’s data center.
Wed, 19 Jul 2017 04:30:00 PDT
Tips for Guarding Against Untraceable, 'Fileless' Cyberattacks
A cybercrime trend with alarming implications for public agencies remains popular as the year wears on; called "living off the land," the technique is drawing increased interest from attackers looking to further reduce their profiles, a new white paper has found.
“Living off the land” techniques use tools already installed on users’ systems to access sensitive data — and are a “clear trend in targeted cyber attacks,” according to Living Off the Land and Fileless Attack Techniques, a special Internet Security Threat Report released July 12 by cybersecurity company Symantec.
Accompanying that trend, authors wrote, is a “growing interest” in four types of “fileless infection techniques:"
Memory-only threats run in a computer’s memory, with nothing written onto a file or disk; machines disinfect themselves when they reboot or restart, leaving no trace.
Fileless persistence ensures attacks begin anew even after a restart and disinfect, with the most popular strategy imbedding malicious script data inside a computer’s registry.
Dual-use tools are clean tools used legitimately by a computer’s owner, but can be co-opted by hackers to their own benefit or downloaded afterward.
Candid Wueest, a principal threat researcher and main author of the report, told Government Technology that hackers continue to evolve their strategies to avoid being found out because vulnerabilities in public software are getting harder to find.
Two recent exceptions, he noted, are the WannaCry and Petya ransomware attacks, which exploited a flaw in Server Message Block, used in instances including file sharing to remote Microsoft Windows services. But simplistic, hard-to-spot strategies are becoming more common.
“The attackers are falling back to proven methods, which are usually simple, but with a little bit of social engineering and clever wording, they are nevertheless still successful," Wueest told Government Technology. "Why would they spend a lot of money or resources to find exploits if they can simply do an invoice attached to an email and have someone deliberately infect themselves?”
In Missouri, state CISO Michael Roling told Government Technology that officials have “seen an uptick” in these types of activity and watched hackers’ tactics change in recent years, demonstrating that mere signature-based malware detection is just not good enough anymore.
“We see a mix of various attack methods, and oftentimes there may be more than one technique used. The art of deception — these attackers, they’ve crafted that,” Roling said, indicating that officials have seen malware over the years that capitalizes on “vulnerable plug-ins and extensions.”
This isn’t the first time fileless infection techniques have risen in popularity, Symantec authors wrote. The Code Red worm, which emerged in 2001, existed in memory and wrote no files to disk. In 2014, these types of attacks spiked again, driven by fileless persistence methods from threats like Trojan.Poweliks, which lives in a computer’s registry.
Wueest said Symantec expects the popularity of fileless techniques to continue through this year and likely 2018 as well, potentially tapering off as new security mitigation tools, services and software are created.
A lessening should take “at least two years” for public government agencies, he said, because their adaptation cycles tend to be “not too quick” and funding is often tight.
On average, Wueest said, state and local government agencies tend to be “less prepared” for these types of attacks because they may not have their own Internet security operations centers with teams available around the clock.
Attacks involving dual-use tools may hit a particularly sensitive nerve by flipping agencies’ tools to a hacker’s benefit — but the most popular incursions center on non-PE files, Wueest said, noting that some groups spam out hundreds of thousands such emails daily.
Efforts to block them are improving, he said, but both are likely to be commonplace for some time.
“These two will be the main thing where we see a drastic rise in usage from all kinds of groups of cybercriminals, but also targeted attack groups. For all of them it makes sense, because they are so versatile and also so powerful to use,” Wueest said.
Attacks often begin through spear phishing, an email spoof targeting a company or individual, the threat researcher said. Public agencies are particularly at risk here because in many cases they regularly deal, and are accustomed to interacting, with new customers via email.
Best practices, however, can go a long way toward reducing that risk. Wueest recommended agencies review privileges carefully to ensure staffers have administrator rights only if it’s absolutely essential. Similarly, he said networks and servers should also be segregated to restrict access.
Jerry Driessen, CIO of Hennepin County, Minn., echoed those recommendations; he emphasized that firewalls need to be strong, and network architecture and design need to be configured to keep agencies secure as Internet of Things (IoT) devices increasingly expand their reach.
“These types of intrusions need to be dealt with through active monitoring and your architectural design, especially in the context of IoT,” Driessen told Government Technology, noting that agencies need to be vigilant because devices ranging from soda vending machines to stovetops at incarceration facilities are now capable of being part of IoT — and may themselves be easily breached.
“I would also say that contracting plays a role because of how you buy some of this stuff. Ensuring that it’s not predisposed to malware coming across is critical,” Driessen added.
Missouri’s CISO said his state has invested in other technology and processes over the past five years to identify newer forms of attacks. Fundamental protections, Roling said, include good patch and access management, and improving end-user awareness.
More generally, Roling added, an investment in one or more of three areas is crucial if agencies hope to fight these more invisible threats.
“There is an investment to be made in either people, technology or getting the word out,” Roling said. “Helping them understand the criticality of what we’re faced against is absolutely vital.”
Mon, 24 Jul 2017 02:30:00 PDT
GT on the Street: Do Millennials Want to Work for Government?
Millennials make up about one-third of the current American workforce, but those numbers don't quite hold up in government. That fact, coupled with the public sector's well-documented retirement wave problem, explains why recruitment and retention always rank near the top of priority lists of state and local chief information officers.
We took to the streets to ask young people oriented toward technology if a government job appeals to them. Then we asked state CIOs whether their perceptions are in line with reality. Here's what both groups had to say.
Mon, 24 Jul 2017 09:50:00 PDT
Book Review: Borderless Behavior Analytics
As we head towards 2020, our cyber defenses must evolve rapidly to keep up with growing breadth and depth of online threats. Even as exciting digital advances are announced daily in virtually every global industry from travel to finance to health care to government, new data breaches often undermine our technical progress and business efficiencies.
How did we get here? What security buzzwords, architectures, technologies, processes and frameworks were widely used over the past decade – and why are they failing now?
Most important, what are leading enterprises doing in 2017 to counter these trends and prepare for the future? What trends are security trends, architectures and new buzzwords are emerging? Where are we going and how can data analytics help solve our pressing security concerns?
These are just some of the topics covered in this outstanding 2017 book entitled: Borderless Behavior Analytics.
Ms. Saryu Nayyar, the CEO of Gurucul Predictive Security Analytics, is the primary author. However, the list of contributing experts who write a chapter is truly a “who’s who” of leading technology and cybersecurity industry names.
Contributing authors include:
Jerry Archer – CEO of a major financial services company, with 30 years of security experience at leading companies and government agencies including Intuit, Visa and the CIA.
Gary Eppinger – Global VP, CISO, for Carnival Corporation, ranked 24th in the ExecRank’s “Top Security Executives.”
Gary Harbison – CISO at Monsanto, has over 19years of experience in information security, including multiple Fortune 500 companies and US Dept of Defense.
Leslie K. Lambert – Former CISO for Juniper Networks and Sun Microsystems, has 30 years experience in IS, intrusion detection, threat assessments and mitigation.
Robert Rodriguez – Chairmen, Founder of the Security Innovation Network (SINET) – advancing public and private innovations in cybersecurity.
Joe Sullivan – Chief Security Officer (CSO), Uber; Past CISO of Facebook, a member of President Obama’s Commission on Enhancing National Cybersecurity.
Teri Takai – CIO at large, she has served as the CIO and EVP of Meridian Health Plan, CIO for the Department of Defense (DoD), as well as CIO for the states of California and Michigan.
Jim Routh, CSO of Aetna, offers a compelling foreword that strongly endorses the book’s content. He closes with these words, “This book is a collection of thought-provoking content from industry luminaries presenting practical guidance based on expertise essential to the impact of models on identity and risk-based security maturity, for enterprises large and small moving at customer speed. Welcome to the future of cyber security soon to an enterprise near you.”
Book Overview & Key Topics Covered
This book covers a lot of ground in a short amount of time. I really like the flow, examples, case studies, and diversity of backgrounds and viewpoints offered by the executive writers. At the same time, Ms. Saryu Nayyar brings the writing together in a cohesive manner that flows together well.
Here are the chapter titles:
Impact of Cloud and Mobility for Identity
The Compromise and Misuse of Identity
Insider Threats, Account Compromise and Data Exfiltration
Identity, Access Risks and Access Outliers
We Need a New Approach – Key Drivers
Discovering the Unknown: Big Data and Machine Learning
Cloud and Mobility: Unknowns for Identity Risks and Misuse
Requirements for Borderless Behavior Analytics
Predictive Security Analytics Use Cases
Afterward – The Borderless Road Ahead
After first glance at this table of contents, one might think that this book offers a solid reference for your bookshelf on the topics listed, which is somewhat true. However, I found great benefit in reading the book from cover to cover – mainly to gain the unique perspectives and case studies from the diverse set of luminary experts.
Stated in another way, all of the chapters cover the need for better use of big data to find the data needles in the haystack, and the examples and words used by different experts vary to some extent. For example, Teri Takai brings an amazing amount of government expertise from the Department of Defense (DoD), two very different state government enterprises (California and Michigan) as well as Ford Motor Company. Her insights are very different than Joe Sullivan and Leslie Lambert, who come from different professional backgrounds.
Regardless of your current industry, I found the depth and breadth of the examples offered to be refreshing and thought-provoking for CIOs, CISOs and other technical leaders. Other books and white papers on these similar topics are either too high-level or too vendor-specific to provide the needed guidance for security and technology executives moving forward.
A Deeper Look at the First Two Chapters
Chapter one of the book explores the impact of cloud and mobility for identity. The history of various industry drivers, technologies, job titles, and approaches are examined, with trends described that led to data being dispersed outside organization firewalls – with no single security control point for data anymore.
Enterprise risk terminology, like the term “dwell time,” are explained, which is the average time between infection and detection. Also, Saryu Nayyar explains the importance of new approaches, “The era of user and entity behavior analytics (UEBA) and identity analytics (IdA) security solutions had arrived, and none too soon.”
As in each of the following chapters, an expert perspective is offered by a leading CISO or CIO. Gary Eppinger explains how data access is changing with examples from Carnival Corporation. He describes symptoms that reveal security defenses are a problem today, discusses business vulnerabilities in today’s changing environments, describes security driving business value, shows how insider threats lead to data breaches, describes growing concerns about privilege misuse and compromise and gives examples of how systems around the world affect hybrid environment security.
As with other experts, Mr. Eppinger focuses on key identity solutions needed in our constantly changing security environments. “If you don’t know who your users, your employees and your customers are, then you have no chance of ensuring you’re giving the right access at the right time.”
The answer: Utilize new UEBA and IdA solutions to analyze the staggering scale of big data. He describes how we cannot have identity management is silos anymore to be effective, and machine learning adoption can lower false positives. “We’re improving on filtering the false positives as we get deeper context from our peer group baselines and mining the big data more effectively.”
To address a balance between people, process and technology risks in the enterprise, Carnival has adopted a holistic approach to centralized identity that uses machine learning to examine big data trends and minimize alerts.
Chapter two looks at the compromise and misuse of identity. The chapter describes terms in detail, such as identity consisting of users, their accounts, access entitlements, and activity on-premises and in the cloud. Some quotes that I really like include: “Identity is the easiest doorway into your network… the quickest pathway to the enterprise’s kingdom of value assets.”
Jerry Archer describes why some current security approaches are failing and vulnerabilities in the status quo security. “A number of organizations are moving to a solution which is not searching for predefined specifics, but looking for actors doing something nefarious.” Also, “There will be seismic shifts in security, away from the perimeter-based models.”
Jerry describes security measures against insider threats and factors influencing UEBA adoption as a security supplement. He describes the need to focus on outbound traffic as much as inbound data in motion. He also observes that 60% of cyberthreats are at the endpoint, and manual solutions will no longer be effective moving forward. The problems with excess access, access outliers, and orphan or dormant accounts must be addressed for enterprises to have any hope of cyberdefense success.
My Favorite Quotes from the Book
Besides the quotes already offered from the first two chapters, here are my favorite quotes from the book:
Joe Sullivan (from chapter 3):
“Most of the existing security defenses have been built for a model of an enterprise technology architecture that no longer exists.”
“The more of this qualified anomaly identification that can be performed with technology, and the less the security analysts have to surface for manual review, the better.”
“If you have a technology that sees what all twenty analysts would have seen, and it’s ingesting data from many more different angles and perspectives, then everyone on the team is working at a much higher level of performance.”
Teri Takai (from chapter 4):
“It’s quickly reaching the point… where it’s impossible for organizations to keep up with the threat vector.”
“The only realistic approach now is to move into a machine learning environment where the comprehensive visibility, monitoring and analytics can be set up based on the behaviors observed and reliable effective alerts can be provided.”
“Security leaders must now assume that external actors are in their infrastructure. This urgently reinforces their prime mandate: protect your data.”
“Before, they had to identify, and manage the red and the green – the bad and the good activities. Now they must also manage and monitor the massive amount of gray – the unknown unknowns – in their environments.”
Robert D. Rodriguez (from chapter 5):
“We’ve moved from finding the needle in the haystack, to finding the needle in the haystack of needles….”
“People are jumping the perimeter all the time. Most are good people, with legitimate behavior – but not all – and that’s where the danger lies.”
“Sometimes, just to establish identity becomes tricky because there are so many handoffs, so many proxies, so much masking, and all the required procedures to make sure you are able to have the right attribution.”
Leslie K. Lambert (from chapter 6):
“Because this data was underutilized, the victim company left itself wide open to several types of compromises.”
“What makes it difficult to detect insider threats like this one is context, or more accurately, the lack of it.”
‘Without machine learning, normal patterns of discovery and response cycles for this type of attack would be in the range between months and years.”
Gary Harbison (from chapter 7):
“Security teams often find themselves duplicating and rebuilding controls several times based upon what IaaS/ PaaS environment they’re migrating to.”
“Context and scale are other critical factors in assessing BYOD security policy. It’s not one size fits all.” [Note: Meaning that the sales team is different from product development or research team….]
“UEBA provides analysts with the deep data insights they’re not getting today, yet which allows them to drive additional value from their existing data sources.”
I highly recommend that CxOs, security architects and other technology and security professionals read this book. I am going so far as to say this is a MUST READ for understanding the next generation of security solutions – especially related to the area of identity.
Why? The definitions, perspectives and unique industry experience poured into this book provide a great resource. I also think undergraduate and graduate cybersecurity programs around the country should consider this book as a text book and/or reference for a variety of topics related to security, technology and business leadership academic disciplines.
I thoroughly enjoyed reading this book. I also learned quite a bit, but it does take concentration and focus. It is not a quick or "light" read, although you can break it up and read the chapters one at a time over several weeks, which is what I did.
Finally, there are many one-page data breach examples with lessons learned. All of these positive aspects make Borderless Behavior Analytics an outstanding book for technology and security professionals, and a resource that I recommend without hesitation.
Sat, 22 Jul 2017 05:00:56 PDT
Seattle Appoints Smart City Coordinator
In March of this year, things were different. Bruno Mars topped the charts, the latest installment of the Fast and the Furious franchise had yet to be released and Sean Spicer was still U.S. press secretary. It was also the time when Seattle put out a notice that it was searching for a new Smart City Coordinator.
On July 20, the city officially announced that it has appointed Kate Garman to the position, where she will help implement and manage smart city projects, partnerships, systems and platforms. According to a city blog post, Garman will help coordinate smart city efforts across multiple departments and agencies.
The city’s departments of transportation, fire and public utilities all have plans underway to implement Smart City projects in the coming years — projects that will streamline traffic flow, foster economic development, and enhance aspects of the city’s livability, workability and sustainability.
“Seattle strives to become a smarter city, responsibly use new technologies and data to improve our community’s quality of life. This means bringing together stakeholders from across the city to understand when these technologies can provide value, and to facilitate deployment in a manner trusted by our community,” said Chief Technology Officer Michael Mattmiller in the blog post. “We are excited to have a proven leader like Kate help us advance our efforts in this space.”
Garman moves to Seattle after working for Kansas City, Mo’s., Office of Innovation for the last two years. As an innovation policy analyst, she served as the legal and policy analyst, and drafted ordinances and policy recommendations to foster a culture of innovation in the city.
“Kansas City is a model for how cities can use technology to operate more efficiently, provide better service, and improve people’s quality of life,” said Seattle Digital Engagement Director Jim Loter. “I’m very excited that Kate is joining us in Seattle to help accelerate our smart city work.”
Earlier this year, Kansas City installed smart kiosks along a connected corridor, implanted sensors to help monitor available parking and just launched a pilot mean to predict potholes.
“I’m really excited to bring my experience and knowledge from my work in Kansas City to the Smart City Coordinator position in Seattle,” said Garman. “This work will be important in the future innovation of Seattle, and I look forward to working together with city departments and connecting with the community as we move forward.”
Fri, 21 Jul 2017 04:30:00 PDT