City IT staff told the committee Thursday that a cluster of aging hardware and software creates an immediate capital need for 2026, and they asked the committee to rank an IT resiliency and optimization package.
Jerry (IT director) said the request combines three priorities: relicensing Microsoft SQL Server instances that are at end of support, replacing an aging UPS battery stack and improving cooling and fire suppression in the city’s main server room, and replacing a legacy VPN product (Cisco AnyConnect) that will reach end of vendor support in early 2027. “We still have almost 300 servers on-site,” Jerry said, and “all of those are almost all of those are at end of support.” He asked that the city’s portion of licensing and infrastructure costs be included in the 2026 CIP request; he said portions of these costs will be split with the county and North Central Health Care where systems are shared.
Jerry also outlined related IT items he called high priorities: a planned wireless access-point refresh (the city’s share is 27 access points out of roughly 360 countywide) and a data‑loss prevention / file‑tagging capability to reduce the risk of inadvertent disclosure of personally identifiable information. He said the city currently uses Microsoft mail protection but that its outbound data‑loss detection was inadequate for tagging and secure transmission and that a separate product suite would perform better and allow policy-driven blocking or encryption.
On third‑party risk management, Jerry said many cloud vendors use multiple subcontractors and that the city needs better tools to assess vendor security posture when responding to audits. He described the third‑party risk tools as valuable but a lower priority compared with patching end‑of‑life systems, securing the primary server room, and migrating the VPN to the new firewall platform the city recently installed.
The committee did not vote on funding; the presentation was informational and intended to help members rank capital requests.