Virtual Desktop as a Service Is Key to State and Local Agencies’ Hybrid Work Plans

In volatile and uncertain times, such as the coronavirus pandemic, public sector organizations need reliable productivity technology. Mission-critical workloads and sensitive enterprise data can’t be left vulnerable. Protecting them requires robust computing resources.

As public sector organizations continue to fortify and mature their desktop virtualization strategies for the new world of remote work, security and scalability are major concerns.

For government agencies at the state and local levels in particular, governments need to accelerate modernization efforts to support the new way of working.

The pandemic has driven home the need to accelerate application modernization, and solutions such as virtual desktops have emerged as a critical part of the equation. As state and local agencies seek to build new work policies, the consensus is that remote work and the technology to securely enable it are here to stay.

But how can state and local agencies implement increasingly complex systems to support virtual work for the long haul? Next-generation virtual Desktop as a Service (DaaS) environments are an essential part of the answer.

The Benefits of Virtual Desktop as a Service for Agencies

Virtual DaaS allows agency teams to partner with providers to design a work-from-anywhere strategy for an agency’s workforce. Agencies can deploy the specialized desktop solution at scale to design, build and create an overall strategy. Once deployed, agencies can streamline infrastructure, services, and solutions by continuing to use their partners to achieve success.

As public sector organizations continue to fortify and mature their desktop virtualization strategies for the new world of remote work, security, scalability, and management burden are major concerns.

Benefits to virtual DaaS solutions include a boost to productivity, an increase in flexibility, an elevation of IT teams’ efficiency, delivery of a superior user experience, and help solving workforce optimization challenges. Additionally, they promote overall productivity, as workers can access key applications anytime, anywhere, and from any device.

Another example of this offering is Work Anywhere Solutions, a virtual desktop environment built on industry-leading cloud technologies, powered by Azure infrastructure and available in the cloud anywhere. The offering provides an easy and quick transition into Microsoft 365 tools, combined with the security of the Microsoft Azure cloud and expertise from experienced partners.

Remote workers increase the threat surface for hackers looking to spread ransomware — or worse. Virtual DaaS has security baked in, providing transparency across the entire virtual landscape to monitor organizational resources and internal usage and to see — and stop — external threats.

The Future of Virtual Work in Government

The pandemic has revolutionized the way we work, and the future of work continues to evolve. While governments have undergone tremendous modernization within the past year and a half, there is still work to be done to reach premium digital service delivery.

State and local organizations are looking at how to sustain and modernize hybrid work strategies and environments for the long term, and virtual DaaS is a critical link that will allow public sector organizations to accelerate their virtual workforce strategies and journeys and securely enable remote and hybrid workforce and education capabilities.


Original article here

How State and Local Agencies Are Moving Forward on Agile

(For the purpose of understanding the following summary: The two basic, most popular methodologies are:

Waterfall: might be more properly called the “traditional” approach, and

Agile: a specific type of Rapid Application Development and newer than Waterfall, which is often implemented using Scrum (a framework that  helps teams work together).


State and local government agencies have been shedding the perception that they are not moving fast in creating new applications and services for citizens. Over the course of the pandemic, they have been using DevOps methodologies, low-code/no-code platforms, and agile development tools to create scalable and modern digital services.

A recent report from the IBM Center for the Business of Government notes that agencies are using agile methodologies for project and human resources management, policymaking, and contracting and procurement. Agile builds and tests iteratively to ensure that what is developed is what the organization wants.

The Evolution of Agile Processes in Government

There are three stages of agile adoption. The first is “infancy,” when agencies transition from waterfall to agile and have little capacity in agile methods. The report advises agencies to start with a pilot project and notes that agile teams need support with adequate training and resources

In the second, “adolescent” stage, agencies have some experience with agile, but most projects are still waterfall. The report encourages agencies to institutionalize agile acquisition procedures. It is important at this stage to cultivate an agile community of practice that extends the peer support system and fosters an ecology of agile environment in the organization.

The third, “adult” phase of adoption encourages state and local agencies to support structures put in place for agile management to “provide the institutional, technical, and contractual assistance for agile projects.” This helps make agile development routine and enables agencies to “work with vendors in iterative and incremental ways.”

An agile culture should be seen not as an end in itself, but as a way to achieve different outcomes. State and local agencies should consider agile for four main reasons:

  • The traditional waterfall management approach has had a high rate of failure
  • Agile is particularly relevant in the rapidly evolving digital era
  • Agile can be used for increasing efficiency in public management
  • Agile marks a cultural shift in management from a siloed bureaucracy to an entrepreneurial bureaucracy.


How State and Local Agencies Are Using Agile

State and local agencies have been making use of agile for a variety of government functions.

In Connecticut, the state’s Office of Policy and Management issued the “Policy for the Management of State Information Technology Projects,” which “explicitly included the scope for agile among the project management methods.” Additionally, the Governor made agile procurement a key area of focus using agile for Business One Stop, a single portal for business owners to register and manage their businesses online, and Real ID Wizard, which helps residents prepare documents for obtaining Real ID.

California established the state’s Project Management Office and designed a structure with a “focus on standardized frameworks, education, training, and tools and techniques” using agile as one of its frameworks for project management creating agile playbooks.

New York City set up the Service Design Studio with the goal of pushing the ball forward on “research, data and design to advance evidence-based programs, policies, and service delivery.” SDS has been involved in public-facing digital services, including ACCESS NYC, an “online screening tool to determine a person’s eligibility for health and human service programs.”

In Austin, the Office of Design and Delivery has worked with the city’s innovation office and has “undertaken several projects in partnership with other departments where they have employed user-centric design principles.” The ODD is guided by six principles, which are relevant to its adaptation of agile methods: Put residents first; prioritize equity; recognize that digital services require teams and competencies; cultivate a community of learning; champion iterative, data-informed methods; and support vendors that can prove value to residents.

“Agile is a mindset of organizational change,” the report concludes. “As a process of continuous improvement, agile methods themselves could evolve over time with doing, testing, and improvement.”

Original article here

How Governments Can Protect Themselves Against Fraud in Times of Crisis

As the COVID-19 pandemic unfolded, governments scrambled to provide small businesses with financial relief to weather the storm.

The U.S. federal government dispersed more than a trillion dollars in grants and loans to small businesses, most of whom had legitimate claims to qualify for aid. Some, however, were criminals committing fraud, taking advantage of a vulnerable time in the world.

There are some elements, however, that make governments vulnerable to these types of crime.

Why Emergency Programs Are So Susceptible to Fraud

Emergencies are unexpected with the pandemic upending the world at speed, putting lives in peril and economies on the brink. The world was taken by surprise, and governments were compelled to act to bolster the economy nearly overnight.

Fraudsters took advantage of the chaos, as well as the vulnerabilities that were already present across government systems—bulky, outdated infrastructure and technology that gives criminals ways into systems.

Government employees were overwhelmed with applications for Paycheck Protection Program (PPP) and Economic Injury Disaster Loans (EIDL), attempting to balance time and speed with security. Understandably, the combination of a crisis and inadequate IT infrastructure that makes sharing data more difficult created a landscape for fraud to slip through the cracks.

Preventing and Handling Fraud in Times of Crisis

During this particular crisis, fraudsters had a unique opportunity to carry out their crimes in two main ways. First, legitimate business owners who qualified for relief used their businesses to gain access to funds only to misuse them. Rather than paying their employees or addressing business damages, these recipients used the funds to enrich themselves.

Others used the cover of chaos to submit fraudulent documentation, claiming they had hundreds or even thousands of employees to pay, when in reality the business owner was the only one on the payroll.

Hindsight is 20/20, so it’s easy for government agencies to say they should have been more careful during their due diligence checks for frauds. However, they’re up against challenges that will arise again and again during the next disaster as they continue to use outdated technology.

Entity resolution and network analytics are crucial in preventing fraud. To stop fraud in its tracks, government agencies must have the ability to identify previously failed applications, to harness all the information held within all of the relevant systems, to discover the hidden links within the data. Entity resolution is an essential component to root out fraud in a digital world where high-quality data is not always readily available in times of crisis in order.

While trying to learn from their mistakes, government employees are often stuck using systems that are unable to handle massive amounts of data, leading to gaps that fraudsters leap at. In order to prevent fraud, these institutions will need to do a comprehensive analysis of what went right and what went wrong during the onset of the pandemic.

It’s impossible to predict the next crisis perfectly, but one thing is clear—outdated technology is creating problems for government agencies and leaving them susceptible to fraud, and new technology is an important element to help stop it.

Original article here

How Cities and Counties Are Prioritizing American Rescue Plan Funds

While many local governments continue to gather information and explore potential investments, some have taken steps to launch or advance initiatives made possible with fiscal recovery funds. Some examples the ICMA report includes are:

Household relief funds are helping improve low-income homes. Kenmore, Washington is a nonentitlement unit with a population of 23,000 anticipating $6 million in federal recovery funds. Officials plan to address the negative economic impacts of the pandemic and will also dedicate $1 million toward direct assistance to low-income households at 30% or below the area median income.

Varying approaches to regional broadband. In the Lake Cities region of Texas, four smaller municipalities (Corinth, population 22,000; Hickory Creek, population 4,600; Lake Dallas, population 8,000; and Shady Shores, population 2,800) have been working together to establish a middle mile/government service fiber ring, and have issued a request for a proposal for a public-private partnership, extending connections to their residents and businesses.

Investing in community resiliency. Davenport, Iowa, with a population of 102,000, received a $40 million direct allocation, and plans on utilizing public feedback and a city council prioritization process. The council approved a plan that included investments in flood migration, housing for vulnerable residents, youth-oriented programming, park and public space improvements and other infrastructure projects.

In some states, officials are using the money to help the travel and hospitality industries rebound from the economic downturn brought by the pandemic.

Other states and localities still are considering how to use their funds while some small towns are not accepting the cash because they say they either don’t need it or don’t want the burden of reporting to the federal government how they are using it.

Original article here

The pandemic taught some cities to help small businesses more

The City of Wichita, Kansas announced the launch of a new small-business portal, the latest such launch among local governments seeking to provide their residents with a level of heightened assistance that became more common during the pandemic.

Wichita’s new portal uses software from Qwally, a company that got an early boost from the Startup in Residence and CivStart business incubator programs. This new portal is designed to make it easier for businesses to do things like apply for licenses or become certified to work for the city. For the city, too, the platform offers a way to automate administrative work and more easily find small businesses that might qualify to sell their services to the local government.Now that things are getting back to normal, cities are embracing their role in small business support, realizing they need to do more and continue to deliver the services that they may have delivered under stress during the pandemic.

Wichita’s new portal uses “plain-language content” to streamline the application process for its Emerging Business Enterprise Certification program, which provides small businesses a shot at selling to the city.

In particular, some minority business-owners face an additional challenge in getting capital to bond their businesses, and that all businesses can use additional support to navigate cities’ “complex” certification programs. Modern digital services platforms like Qwally equip local governments with the means to aid small businesses.

In Mobile, Alabama, starting in 2018, the government doubled the number of women- and minority-owned businesses working with the city following an initiative to increase support for those groups. And in Kansas City, Missouri, a small-business office of just two staff members managed with the platform processed 4,000 requests within two months during the city’s peak renewal period this year.

Original article here

State and Local Governments: Time to Get Rid of Fax Machines

Faxes have mostly disappeared from the private sector, yet they have stubbornly remained a fixture for many government agencies. Given the apparent reluctance of many government agencies to fully relinquish their fax machines, state and localCIOs should set a firm date by which all agencies must stop using faxes.

It was in the 1980s that organizations widely adopted fax technology. Prior to that, in 1974, it took about six minutes to transmit a one-page document; a decade later, transmission time was cut down to less than 10 seconds. With relatively fast speeds, sending faxes became the go-to solution for transmitting documents.

Today, fax numbers are still featured prominently on many government websites, but in many cases, these digits do not serve any clear purpose — they are the vestigial limbs from an older, less-evolved form of the agency.

What is interesting about fax machines is that they are not hard to replace, so the excuses not to do so are extremely flimsy. The only real purpose of a fax machine is to send and receive paper documents. Switching from receiving documents by fax to receiving scanned documents by email presents almost no real change in workflow and certainly more people have access to email at home and work than fax machines.

While email is a logical stepping stone for eliminating fax machines, it is often possible to make significant improvements in workflow through other upgrades. Replacing faxes with web-based forms allows agencies to collect information more efficiently

It is past time for state and local governments to draw a line in the sand and commit to eliminating fax machines. Not only will this save money by eliminating printing expenses, telephone service fees, and maintenance costs, but it will also push agencies to further digitize their services and move toward web-based data collection, making it easier for individuals to submit information from their computers or mobile devices. Fax machines have served a valuable role over the past few decades, but the time has come to retire them to the dustbin of history.

Summarized by

The Time Is Right for Cities to Capitalize on IT Modernization

Government operations during the pandemic have demonstrated the power of digital services, and municipalities have a great opportunity to build.

In Newburgh, N.Y., officials modernized IT infrastructure to virtualize desktops and applications with VMware Horizon. As a result, Newburgh was prepared to work through the COVID-19 pandemic, and agencies looked at ways to adopt more digital solutions to facilitate remote work and boost citizen services.

Columbus, Ohio, also recently ­modernized its IT infrastructure, equipping its data centers with Dell EMC VxRail to virtualize compute and storage. Officials now think their city is poised for the future and capable of growing IT capacity as needed to deliver more for their residents.

Realizing its residents required more opportunities to get online at their convenience, Milwaukee established public Wi-Fi in 10 more city parks.

Each of these cities seized the moment to augment digital services for its citizens at a difficult time. The success they experienced underscores the power of this particular moment for IT modernization.

Cities Have an Unparalleled Opportunity to Modernize

With many citizens staying home in response to social distancing guidelines, recent months proved challenging for city governments that depend on tax revenue to operate. while city ­employees also had to maintain social distancing while scrambling to provide continuity of operations for citizen support.

Relief arrived in March with the passage of the American Rescue Plan Act, which allocated $65.1 billion in direct aid to U.S. municipalities

Other cities can follow these examples and strengthen government services — a prescribed expenditure of federal funds — through investments in IT infrastructure. The country has witnessed the power of expanded digital services in reaching local populations during the pandemic. With the recent boost in funding, municipalities have a rare opportunity to build upon the national modernization momentum.

Summarized from

The Downside to State and Local Privacy Regulations

As more state and local governments look to protect data privacy, a couple of industry experts point out some of the challenges associated with these types of policies.

To fight back against cyber threats, state and local governments have started to implement tighter privacy regulations. But is this trend a good thing? Or do stricter rules present more challenges than they do solutions?

According to Daniel Castro, vice president of the Information Technology and Innovation Foundation, one of the main issues with stricter privacy regulations is having no centralized rules for states to follow.

The biggest problem is states setting up a set of contradictory overlapping rules across the country, creating a serious cost on organizations and businesses that can abide by 50 state privacy laws, but different regulations across local jurisdictions.

Another concern relates to the distinction between government data collection and commercial data collection. Sometimes there is a notion that one law can apply to everything, but different data types involve different types of rights for individuals.

On the topic of governments collecting data, Castro emphasized the importance of knowing how data will be utilized in order to set appropriate privacy regulations.

For instance, a recently enacted Colorado bill has created personal data privacy rights in response to tech companies storing information about consumers. Colorado consumers will have the ability to opt out of having companies collect certain information — like which websites they’re visiting — and could decide whether to deny a company access to sensitive data like a health condition.

Another version of similar privacy legislation is Senate Bill 5062from Washington state. According to this bill, consumers will have the right to access, transfer, correct and delete data that companies hold on them.

Privacy efforts in Washington state highlighted the importance of seven privacy principles aimed at fostering trust between the public and state agencies: lawful, fair and responsible use; data minimization; purpose limitation; transparency and accountability; due diligence; individual participation; and security.

Summarized from

Wi-Fi Expansion by City and State Governments Boosts Citizen Access to the Internet.

Generally, residents with broadband can bank and shop online, post on social media, and work and learn remotely without a second thought. But for many low-income residents (according to, the percentage of low-income U.S. adults who do not have home broadband service is 43%), high-speed internet is a necessity they can’t afford — and when COVID-19 hit, their needs for fast, reliable access became even greater.

Equipping students and residents with mobile hotspots may be helpful but is enough.

In Milwaukee, pandemic relief funds were used to target 10 city parks in underserved neighborhoods ­– where up to 25 percent of households don’t have internet access at home — for wireless access points, providing internet service in the areas most in need.

Free community Wi-Fi is nothing new. Over the past two decades, local governments have increased the availability of free wireless internet at city facilities, such as public libraries and convention centers, airports, downtown areas, parks and other public spaces.

Some invest in the wireless ­infrastructure; others partner with ­companies and nonprofits with a goal of providing residents and visitors a public service while free outdoor Wi-Fi ­will also boost economic development.

The need for free broadband access became more acute during the ­pandemicwith many local governments using Coronavirus Aid, Relief, and Economic Security (CARES) Act funds to build free, public Wi-Fi hotspots.

The city of Milwaukee was among the first U.S. cities to offer free wireless internet in 2003 when it installed Wi-Fi at city libraries and two downtown parks. To expand access the city spent $100,000 on Cisco Aironet 1560 Series access points and two Cisco Catalyst 9800 Series wireless controllers to manage the APs, and another $100,000 for installation. The city deployed one AP per park and launched the Wi-Fi hotspots in eight parks.

To speed implementation, the city of Milwaukee strategically chose parks with city facilities nearby or across the street, allowing it to leverage existing network infrastructure and internet connections.

As part of its downtown revitalization effort, the rural town of Pulaski, Va., used CARES Act funds to install free Wi-Fi in its historic downtown in an effort to drive more customers to the small businesses located there.

Two months into the pandemic, Washington State’s Department of Commercelaunched a public-private initiative that now provides more than 600 free Wi-Fi “drive-in” hotspots to residents without broadband in their home. The state targeted rural areas with little or no broadband access, but also underserved and economically disadvantaged urban and suburban communities. Funding for the project came from private ­donations and government entities that offered to help, including libraries, school districts and the Washington State University system.

3 Tips for Managing Wi-Fi Networks

  1. Keep the networks separated: Milwaukee’s Information and Technology Management Division uses virtual LANs and firewalls to keep the public access Wi-Fi networks completely separate from the general internet and internal city systems, says Milwaukee CIO David Henke.
  2. Filter content: Milwaukee’s free public Wi-Fi is open and requires no password. To protect users, the city filters content and blocks residents from known malware and phishing sites, Henke says.
  3. Add redundancy: To improve reliability, the city of Milwaukee deployed two wireless controllers in ­high-availability mode, meaning if the main controller in the primary data center goes down, a backup controller in the secondary data center will keep public Wi-Fi up and running, Henke says.”


Summarized from

How State and Local Agencies Can Better Protect Mobile Devices from Hackers

Any organization could be the target of cybercriminals, but government entities are particularly attractive because citizen and operational data is deemed valuable on the open market, and critical infrastructure systems have become prime targets for ransomware threats given their community-sustaining stature. Cyberattacks against state and local agencies were up 50% in 2020. Between 2017-2020, the average U.S. municipality paid $125,697 per ransomware event. It’s critical to be proactive and disciplined with cybersecurity, even if it requires a greater upfront investment.

Regulating Access and Reducing Risk

Cybersecurity best practices can be applied in a standardized way to keep connected devices from becoming easy points of entry.

A quarter of state and local government employees are authorized to use their smartphones and tablets to conduct official business. Yet, mobile devices are among the easiest ways for bad actors to gain intel and access systems given their public exposure and traditionally more relaxed use.

That is why every employee should be issued an agency-owned, enterprise-grade mobile computer or tablet if access to government email, information or operations systems is required outside a secure office setting.

Be Deliberate and Consistent Management

Once employees are equipped with agency-owned devices, there are several best practices that can be adopted by IT teams and employees to further reduce device vulnerabilities and proactively mitigate attacks on connected networks:

  • Control the user experience. Remove apps and turn off technology services that are not needed to conduct official business. Load communications apps that have been vetted, configured, and secured for government use, such as Zoom Gov or Microsoft 365 Government.
  • Be stricter with password policies. Compromised credentials are one of the most common culprits of hacking-related breaches. So, activate user interface passwords for all government-connected technologies and require users to change them often.
  • Track devices and activity. Enable activity logs and conduct frequent audits to detect bad behavior.
  • Monitor for out-of-touch devices. Develop a method to continuously monitor for devices that have appeared offline or out of sight for a prolonged period.
  • Consider remote management. Leverage a secure remote management system to quickly update settings for all devices, especially when IT teams or workers are off site.
  • Keep the circle small. Limit the number of employees brought in the loop on your security strategy and tactics to reduce the risk of information leaks.

Plan for New Technology Solutions and Their Retirement 

Not every mobile computer or tablet has the same security capabilities, even if they run the same operating system (i.e., Android) or fall into the same device class (i.e., rugged enterprise). It’s important to understand what it will take to protect new technology solutions – and the other devices and networks to which they’ll connect – before a formal solicitation or requisition is issued.

Rugged enterprise-grade mobile devices tested and certified for government use will likely be in service for several years, and both wireless connectivity and security needs will evolve.

Multiple network connections will need to be maintained.

Frequent patches and OS updates will be required to keep devices’ defenses strong against external threats.

Permissions may need to be changed on occasion to prevent file tampering.

It’s also important to assess C.I.A. daily: confidentiality, integrity, and availability.

Enterprise system settings will need to be removed and device user accounts/ credentials deleted. Remember to disconnect everything.


Summarized from