If you’ve done any looking into hosting services, you’ve likely realized how many options there are out there. Prices and features range drastically from one service to the next. But what does it all mean? How can some hosting services cost so much more than others?
Continue reading
If you work anywhere in the healthcare space, you’re probably very familiar with HIPAA compliance. Passed in 1996, the Health Insurance Portability and Accountability Act provides rules and guidelines for healthcare access, health information storage, health insurance, and more.
HIPAA consists of five primary parts or titles:
While HIPAA provides an important function of protecting the health coverage and personal information of individuals, along with reducing fraud across the industry, it can get a little confusing.
Arguably the most complex section of HIPAA is Title II, which among other things, covers how information is stored and accessed. Since almost everything is digital these days, that means Title II covers your hosting, server, and network setup.
Failure to follow the proper requirements of HIPAA Title II can put your customers personal data at risk, not to mention result in some serious penalties. It’s very important that all of your information is stored securely within a HIPAA compliant system.
Of course, HIPAA extends beyond hosting, covering IT areas such as account access, password management, and more. You also need to be mindful of working with external vendors and third parties, as they bring additional risks and requirements regarding your data.
By itself, the world of hosting and IT support is very technical. When you add in HIPAA compliance, the complexity multiplies. That’s why it’s best to utilize an experienced IT team that’s well versed in HIPAA compliance.
At DataYard, we offer a wide range of services for companies and organizations that operate under HIPAA. This includes private cloud hosting at our data center in Dayton, Ohio that meets HIPAA and HITECH requirements. Additionally, we can provide you with consultation, on-going support, and threat protection so that all of your technological and digital fronts are covered.
You don’t need to understand all of the complexities of HIPAA Title II. You just need an IT team that does. Contact us today!
Now available by popular demand, DataYard has created a brand new offering under a brand new division, At Your Service. AYS will help regional companies with all aspects of business IT – whether it is managing existing workstations and servers, migrating to a VoIP phone service, upgrading network equipment, or guiding your transition to the cloud – DataYard has you covered.
For over two decades, DataYard has helped thousands of local businesses use technology to improve business efficiency and reliability. But we noticed that we were getting more and more requests from clients to assist with projects beyond just Internet services or hosting projects – they needed help with technology inside of their businesses, and turned to us for advice. AYS is an answer to those questions and needs, and DataYard can now bridge the gap between on-premise IT work and cloud-based hosting services.
We’ve built some great partnerships over the last twenty years – with Microsoft, VMware, and Cisco, to name a few – and these relationships make it possible for DataYard to be your full-service, end-to-end IT partner. If you have a problem, project, or just want to talk through an issue, give us a call – DataYard is here to help you make IT better.
On June 1st DataYard officially brought on two new summer interns for a specific and pretty cool project – to explore the Internet of Things (IoT)!
The chosen ones – Owen Devine and James Kinion – will be working with us through August to design, build, and deploy mobile units which report not only their own geographic location, but a slew of environmental variables as well. While we have a vague idea of how we at DataYard might accomplish this task, the interns have been set free in a sea of low-cost devices which when used together can accomplish almost anything.
We’re makers here at DataYard, and are super excited about the future of the IoT space. We got a 3D Printer for the office last Christmas, and Eric Wright has probably burned through twenty pounds of PLA over seventeen generations of a custom-fit phone Heads Up Display for his road bike. We built our own big-screen network status and reporting display, have daily DJ battles on a Raspberry Pi3 via Airplay to the MusicBox interface, and a Retrobox Pi3 for SNES emulation is coming soon – not even mentioning the custom solutions we put in place for clients every day.
We’re hoping to support the future of the IoT movement by getting some sharp young minds playing the field – and we plan to do that while deploying additional (and mobile) environmental monitoring to our data center – stay tuned for updates on DataYard’s continuing quest to innovate and create ways to Make IT Better!
DataYard is proud to announce our latest partnership with the Mikesell’s Snack Food Company – the oldest potato chip company in the United States! Since 1910, Mikesell’s has been manufacturing and shipping delicious treats from right here in Dayton to the surrounding tri-state. DataYard and Mikesell’s were introduced via mutual partners and Technology First relationships, and we began discussing a full-scale technology redesign and refresh in May of this year.
Mikesell’s had an interesting predicament, albeit not out of the ordinary – recent restructuring of the internal technical team had brought with it a change in long-term vision and strategy. Mikesell’s new CIO, Steve Hangen, wanted to shift the focus of the internal technical resources away from supporting local servers and towards supporting internal processes. However that didn’t remove the reality that there were multiple (and fairly critical) line of business applications running internally on antiquated hardware. Pair that with an Internet bandwidth bottleneck and an outdated DR strategy, and the risk to business continuity was enough to make anyone sweat.
After months of planning and fine-tuning, DataYard and Mikesell’s finalized our strategy and partnership at the end of August. In a few separate installments, I’ll be describing the individual goals of the overall redesign – the how, what, and why.
I’m looking forward to sharing the details of these projects as DataYard knocks them out, one by one – starting with a description of the network topology redesign and deployment, coming soon.
Mikesell’s is a historic brand with deep roots in Dayton, and we are very excited to begin a long and successful partnership – stay tuned!
Recent headlines on a new Linux exploit have been spectacular:
The vulnerability lies within the Grub2 bootloader, a password management system used by some Linux systems upon startup. Unpatched, the exploit would cause the system to reboot or bring up a Grub rescue shell granting the user a full set of admin privileges — within the rescue function only.
What is the real danger? Ryan Chewning, DataYard Linux Systems Administrator, sees these as largely sensational pieces. “The exploit requires physical access to the Linux system, first and foremost,” he says. “Additionally, it is my experience that the feature being attacked is not widely used in the first place.”
Our bottom line? If you’re hosting in DataYard’s managed Linux environments, you need not worry. Physical access is controlled and systems are constantly updated with all necessary security patches.
As always, if you have any questions or concerns, please let us know!
Once A Month Meals (OAMM) is the premier site for all things freezer cooking. From their patent pending MenuBuilder product to the bustling community of members who love to cook and have fresh food on their table without the hassle of cooking from scratch every night.
In early March, OAMM launched a five month long project that was focused on bringing a streamlined experience to visitors and their current members. All facets of their technology were improved. The site design upgrade was the most notable, and it now focuses users on their lists of carefully curated menus and recipes. This change makes it much easier to search menus, recipes, and become a new member if the visitor chooses.
Joel Taylor (Technical Director for OAMM) said that the project was a huge undertaking as there are many different technical facets to how OAMM operates.
“OAMM runs on two custom Ruby on Rails apps, a WordPress install for its frontend and an Ember.js frontend for MenuBuilder. We built a new API from MenuBuilder to enable dynamic content to flow through WordPress to our visitors and members. Previously menus and recipes had to be published in both systems, and human error had twice the chance to introduce itself – not to mention double the workload. Now, we publish in one system, and it automatically populates throughout all our apps.”
Joel mentioned that DataYard was critical to their success in providing dedicated support throughout the redesign process for their server infrastructure needs.
“We had a couple meetings with DY in person discussing the new goals of our site and what technology we’d need in place to make our page load times sub three seconds. We have five web nodes all communicating to each other and three caching systems. If anyone knows WordPress well, they know how critical it is to cache well. We couldn’t just flip on page caching due to dynamic content for our logged in members, therefore caching our API responses and other pieces of communicated data was vital for page speed. Being able to talk through our infrastructure options with DY was one of the best hosting provider experiences I’ve had.”
The OAMM team worked very closely with their long-term partner, Sparkbox. Sparkbox provided OAMM with content strategy, their new design and a lot of the heavy lifting on the API.
“OAMM came to Sparkbox several years ago with a belief that families should eat together. With this vision, we helped them turn their previously cumbersome, manual process into a robust, customized piece of software that allowed users to create their own freezer menus—thanks to the years of experience the OAMM team already had in perfecting menu plans. We were excited to work with OAMM during the redesign to turn this robust backend system for managing menus and recipes into an API that now drives the entire site. The redesign also included updates to the brand to further evolve it into the smart and approachable product it had become. It has been a lot of fun to help grow and adapt the site with the OAMM team.” – Rob Harr, Vice President, Sparkbox
Tricia Callahan (President and Owner of OAMM) says that the redesign project had been long overdue.
“The greatest goal for our recent redesign was to create a cohesive experience for our users between our community and our product. As we worked to achieve this goal, it was important that we also increase site performance and functioning. This was no easy task as we have several appliances feeding into our WordPress site so we knew we needed some unique solutions. Throughout the process we received tailored support and recommendations from the DataYard team that made the cumbersome and delicate process of this redesign easier to manage. Most notably, they took their time to carefully consider how these changes could be made without disrupting the experience of our current users, giving me the peace of mind as a business owner.”
DataYard was thrilled to be a part of the project, and is proud to continually deliver the service, uptime, and performance that any high volume and subscription driven site demands. From both the technical and business perspectives, the match is one made in heaven.
“Working with Joel at OAMM on their environment is always enjoyable and collaborative. Continuing to improve the site performance – from an infrastructure and server application perspective – is always the primary goal, and something I’m happy to be a part of.” – Ryan Chewning, Systems Administrator, DataYard
“The intersection of creative firms and DataYard as an infrastructure partner is one which seems incredibly natural. Every project I’m involved in with folks like Tricia, Joel, and the team at Sparkbox is awesome. When design, development, and infrastructure work together towards a common and communicated purpose, it’s a beautiful thing.” – Alek Mezera, Account Manager, DataYard
Visit Once A Month Meals’ site for delicious inspiration and membership information!
“By failing to prepare, you are preparing to fail.” –Benjamin Franklin
WordPress vulnerabilities and exploits have filled the press lately, with 3 urgent security releases in the past month alone. The popular content management service (CMS) powers nearly one quarter of the web, making WordPress a ripe target for exploitation and a big concern for website owners and visitors to those sites.
A recent study from W3Techs shares that 47% of WordPress users only back up their sites “every few months,” with 25% saying they’re not trained in using WordPress at all. If exploited, however, nearly 25% say they would pay “almost anything” to get the lost data back. Add that to another 20% who would pay “several thousand dollars” to recover, and we’ve got almost half of WordPress users who recognize the price of inaction.
Why are these sites so vulnerable? In failing to prepare. Nearly half of the respondents reported having no IT or Website Manager. They are using WordPress because the CMS makes editing and adding site content easy for an everyday user. Sales and marketing teams are often left minding the shop with little to no technical training on the backend of the website.
WordPress itself is very responsive when it comes to releasing updates to patch holes as they come up, but they have to be implemented.
If you’re using the fully hosted WordPress.com solution, then the updates are part of the package. If you’re using the self-hosted WordPress.org solution, then it’s up to you to be prepared. (Not sure? More here.)
On self-hosted websites, the key is in how rapidly the security updates and patches are adopted. Security updates and patches are boring maintenance items, often not included in the overall website plan.
Walking through the door to Customer Service, you see they’re really hopping already with email, chats, phones… Wow! Then, you catch the conversation in the room, and you realize there’s something wrong. Really wrong.
The site is not doing what it’s supposed to be doing. Content has changed. Customers are being redirected to odd places. They report suspicious pop-ups and installation requests. Some even, trusting you, have allowed these things to run.
Your website is doing a lot…of all the wrong things. You’ve been hacked.
Websites drive revenue, provide information, collect donations, and communicate on your behalf. When the site stops working, your mission and reputation are in jeopardy. If you collect information on your users, breach of privacy may open you up to additional cost and liability.
Designers and developers build content, behavior, graphics, features, shopping carts, etc. It’s tested and then deployed to a hosting provider. After a final check, the keys are turned over to the company. If it’s up to you, what do you do?
First, WordPress is not alone. Open-source (WordPress, Drupal, Joomla) and proprietary CMS platforms are all susceptible to exploit.
As a hosting provider for many self-hosted websites built on a variety of CMS platforms, what do we see? How do successful sites not only launch, but also remain secure and successful?
Communication is the key. When you’re building your website, get everyone together, and keep them talking on a regular basis. Ask a lot of questions along the way.
Remember that survey. Nearly half of site owners would spend thousands, if not “almost anything” to recover lost data. That’s a lot of Benjamins.
It is like a good insurance policy, and a better use of resources, to plan for maintenance instead of praying and paying for miracles after you experience a loss.
IT resources are needed to manage and maintain the live website. You don’t have to be that expert yourself, but don’t forget to budget for routine maintenance and updates when you’re allocating IT resources.
If you don’t have in-house expertise, consider a management agreement with your developer. Like oil changes for car, it’s part of the price of ownership.
Know your hosting provider.
Not all hosting providers are created equal. Your hosting provider should be an active partner: at a minimum, keeping the Windows- or Linux-based infrastructure stable, secure, and updated in its own right.
As a provider ourselves, we’re a bit biased here at DataYard. We think that a hosting provider should be so much more!
Customer service and support expertise are vital. At DataYard, we love being included in a website’s overall design and development from Day One. We’re experts on our hosting platform, the options available, and maximizing the architecture’s performance for your site.
We talk to you about the site architecture itself, and making sure it’s backed up on a regular schedule. Regular backups mean no mad scramble to see if anything can be recovered.
“When we work with the developers as a site is under construction, we look for bottlenecks to performance,” shares Ryan Chewning, DataYard Systems Administrator. “Most security plugins in WordPress, for example, are incompatible with one another even when they’re fine separately. Some of the security plug-ins help drop malicious connections rapidly, keeping system resources readily available.”
For those building a new website to replace an existing site with active customers, we have extra considerations. Ryan explains, “The user experience during any change is important, from incorporating plug-ins that seamlessly bridge site versions to minimizing any downtime needed to complete the transition.”
The relationship with your hosting provider should not stop when the site goes live. Active management is a valuable element to keeping your website healthy. A DataYard managed account is monitored for performance. With success and more traffic, needs change over time. Ryan concludes, “We watch for performance degradation and make proactive recommendations to keep the site growing along with you.”
What next?
Since your website ties to your bottom line, the bottom line is that you don’t want to trust it to just anyone. If you’re not sure what you have, now’s the time to ask. If you need some help looking at where you are and where you want to be, remember to ask your trusted partners here at DataYard.
This week the “Venom” vulnerability was announced, affecting a number of virtualization systems, like Xen, KVM, and VirtualBox (http://www.zdnet.com/article/venom-security-flaw-millions-of-virtual-machines-datacenters/). Hackers can use the defect to exploit flaws in code written more than 10 years ago, a virtual floppy disk controller, to shut down the hypervisor. With the hypervisor disabled, a hacker would then able to access the virtual machines of other people or companies running on the same server.
Prior to Wednesday’s announcement software makers developed patches to close the door to the exploit, but not all hosting providers have been able to roll the patch out to their affected systems. As a result, a number of virtualization platforms running these distributions remain vulnerable to possible exploits.
Since our systems are built on VMware, DataYard’s cloud infrastructure is not vulnerable to this exploit. Microsoft’s Hyper-V and Bochs are also not affected by this bug.