While most city dwellers enjoy the benefits and conveniences that come along with living in a metropolis, they’re also well-accustomed to the perils and annoyances that city life brings. Even the most picturesque communities can come with dangers, risks, and nuisances lurking just around the corner. The sudden jolt of hitting an unexpected pothole can turn even the most mundane morning commute into an experience that’s literally bone-jarring. That abandoned car across the street can quickly go from being a neighborhood eyesore to becoming a public safety issue. Graffiti is yet another problem that creates quality-of-life and policing concerns.
A couple years ago in Omaha, Nebraska, the mayor brought constituent service to the next level when she established a Mayor’s Hotline to take incoming calls from residents about road hazards, abandoned vehicles, and other civic annoyances. It proved so popular, calling the Hotline often returned a busy signal. To alleviate phone congestion, the Hotline was moved online to be serviced by city employees working in a Google Groups Collaborative Inbox to create a queue of public works requests. City workers then assign the requests for abatement and inform the requester of the resolution.
That’s just one powerful example of how organizations, including many cities, counties, and other local governments, have jump-started their digital transformation. In Nebraska, the City of Omaha and Douglas County have been at the digital forefront by moving many services, like the Hotline, to a cloud-based delivery model. They’ve been honored for their efforts by consistently ranking in the Center for Digital Government’s top 10 leaders in government digital transformation. To accelerate digital transformation across their governmental agencies, the city and county combined their IT departments to create the Douglas Omaha Technology Commission (DOTComm), the joint public agency that serves their total IT needs.
DOTComm provides technical support and consulting to more than 70 governmental entities in Omaha and Douglas County for 7,100 dedicated public servants to better meet the needs of local residents.
Originally a Microsoft Office shop, DOTComm and the government users they serve got to a point where the capacity limits of their email inboxes made it impossible to do their jobs. The workaround of moving old emails to an archive folder, or PST file, didn’t alleviate the problem. With a capacity of only 50 GB, PST files can easily become corrupted by large email attachments like slide decks, text documents, and videos.
Even when users didn’t exceed the capacity limits of their PST files, they found the value of their old emails diminished because search functionality isn’t supported by Microsoft within archive folders.
“Microsoft Office offers no capability to search through the multiple archive histories our users have inside of Outlook,” said Vijay Badal, Director, Applications & Analytics at DOTComm. “If I ran out of space in Outlook, I’d need to make room by moving emails into a PST file. But I’d lose the ability to do keyword searches in the PST file.”
Lack of collaboration
In addition, when a file is emailed in Outlook, it creates multiple versions. Then when the recipients reply, all their file edits must be correlated with those of the document owner. DOTComm users needed a way to collaborate on documents where different authors and editors could work together in real time on the same document.
Unauthorized Chrome extensions
On a different front, DOTComm suspected that a number of Chrome extensions were in use that didn’t serve their public service mission and could pose an unnecessary risk of information leakage. For example, an online pinboard extension, which didn’t serve any DOTComm business purpose, asked for an excessive number of data permissions.
“We mandate Google Chrome as the default browser for all our employees,” said Badal. “Some of their Chrome extensions were quite questionable, but we didn’t know how many extensions were in use or how to manage them.”
Another issue DOTComm had with their Microsoft environment pertained to security. Many users created network shares. However, DOTComm couldn’t track them and they didn’t have visibility into individual folder and file access privileges.
“Network sharing is incredibly easy within a Microsoft environment,” said Badal. “And DOTComm users were taking chances by assuming that only the correct people had access.”
To solve the problem of limited email capacity, DOTComm looked to Google Workspace. After consultation with Google Cloud, DOTComm selected Google Cloud Premier Partner SADA as their implementation partner.
In preparation for the go live, SADA migrated all of DOTComm’s users’ PST files and Calendars from Microsoft Exchange to Google Workspace so they would have them on day one.
Anticipating questions from users after going live, DOTComm set up a call center for incoming queries. When calls came in, call center agents would enter the questions into a spreadsheet, and the SADA personnel would type a response in real time.
“We felt so excited for go-live week and very supported knowing we had SADA folks on site for escalation questions. Every hour, people in the call center were logging questions into a Google Sheet. SADA staff would answer inside of the Google Sheet, telling them, ‘OK, this is how you approach this question,’ or ‘This is where you find the necessary information.’ It was really a wonderful handhold.”
Vijay Badal | Director, Applications & Analytics at DOTComm
Whitelisting Chrome extensions
SADA also performed professional services for DOTComm to restrict the extensions available in the Chrome browser to only those that serve a business purpose. The solution was to make users log into Chrome to enforce a whitelist of extensions. But how can you force users to log in and how do you create a whitelist?
Acting on SADA’s recommendation, DOTComm defined a Chrome management Context-Aware Access policy for all user computers through the Google Admin console. Unless users log into Chrome, they cannot access their Workspace apps. After users log in, DOTComm would now have visibility into what extensions existed and how many were in use.
Once Chrome logging was enforced with the Context-Aware Access policy, SADA showed DOTComm how to create whitelists for permitted extensions and blocklists for restricted extensions. Users could also make requests to have restricted extensions moved to the whitelist. “DOTComm created a workflow for employees to request an extension through a Google Form,” said Badal. “The security team would then investigate the extension and either add it to the whitelist or block it.”
As a result of the migration from Microsoft Office to Google Workspace, DOTComm users have as much email capacity as they need. Storage is no longer a problem, and searching within Gmail is fully supported.
“In Gmail, users have unlimited archiving and search capabilities,” said Badal. “In comparison, Outlook capacity for inboxes is limited and PST files for archiving emails don’t allow searches.”
DOTComm users also no longer have to email documents to collect edits from everyone working on the same project. They now create documents, slides, spreadsheets and other files in Google Drive where they can all collaborate in real time.
“We really needed Google Drive to serve as our centralized storage repository to enable holistic collaboration on our team. Now you can see file changes immediately, complete with version history. This form of collaboration is really vital for us and allows us to implement a number of new workflows.”
Vijay Badal | Director, Applications & Analytics at DOTComm
Also, when Google Workspace with Google Drive went live, untrackable network shares and folder and file sharing became passé for DOTComm. “Using Google Drive, with one click we can see who has what level of access to a particular file,” said Badal. “If access privileges changes are necessary, we can make those changes immediately.”
For whitelisting and blocklisting of Chrome extensions, results became clear almost immediately. “Once everyone was required to sign into Chrome, we started getting reports,” said Badal. “We could actually see what extensions people had installed on their browsers.”
DOTComm users had installed more than 4,000 different Chrome extensions, counting out-of-date versions. DOTComm cut the number of extensions by over 50%, significantly reducing the attack surface.
“DOTComm wholeheartedly recommends Google Workspace as the best large-scale solution for collaborative and secure file sharing,” said Badal. “SADA has helped us tremendously with Workspace and Chrome security and by consistently educating us on changes as they come out. We continually reach out to SADA for Google Cloud roadmap updates to ensure that we stay abreast of new innovations. We know SADA has the information and the support that we need.”