The last few weeks have been full of exciting announcements for Dayton’s downtown revitalization and we just want to thank a few of the people we see investing their time and passion into our home.Continue reading
Earlier this month was Safer Internet Day, which is a day dedicated to creating awareness around safe internet usage mainly geared towards children and teens. I realized this topic didn’t exist when I was growing up. Think about it for a second. I am in my mid-late twenties and I have had more years with dial-up internet or no Internet at all, than I have with anything close to the high speeds we have today. I’ve grown up with the Internet quite literally. When I was a kid, teachers and parents were just trying to grasp the concept of the Internet and how it was used, let alone talk about how to safely address it. For this reason, I’ve taken it upon myself to catch all of us up on some quick Internet Safety Tips.
Creating complex passwords and changing your passwords regularly can go a long way. That means moving past the passwords like ‘Password123’ and ‘Jacob19’, onto more creative phrases and symbols. It is also beneficial to use different passwords for your different accounts and websites, rather than using the same one across the board. For this reason, I would recommend using tools like LastPass, KeePass or 1Password to help keep track of all of your different passwords. These tools can also be set up to remind you to reset your password every couple of months.
Public Network Security
Free public Wi-Fi has essentially become a basic utility, making the internet easily accessible virtually anywhere. This is also making users increasingly vulnerable. The challenge with public Wi-Fi is that it’s often unsecured, making it easy for hackers to access your device. If you want to utilize public Wi-Fi in a secure manner, you can purchase a Virtual Private Network (VPN). A VPN is a software that will provide you with a secure connection to the Internet.
At Home Network Security
Taking a comprehensive look at your home network will allow you to have peace of mind when you are connecting to the Internet at home on your various devices. Changing administrative passwords and implementing a few precautions can make your connection much safer. For a checklist on securing your home network check out our Securing Your Home Network blog.
Many times, Internet browsers themselves provide Safe Browsing functions (see Google). However, you can go an extra step and retrain yourself on not giving away personal information, avoiding questionable websites, only downloading software from sites you trust, and increasing your browsers security settings.
- Click Smart – don’t click on sketchy links or ads
- Share Selectively – don’t just share your personal information with anyone
- Shop Safe – when shopping online always make sure to look for https
Keep an eye on the addresses of the sites you are visiting. In the address bar for your website, you will see either HTTP or HTTPS (more about the difference) which represents how data is transferred between a web server and a web browser. With an HTTPS site, the data is encrypted, which keeps your information safe. This is extremely important for any online shopping or banking, and any site taking your personal information. You need to make sure that it has encryption.
Stay Up to Date
Staying up to date on the latest operating systems (OS) and software/application versions will ensure that you have the most up-to-date security measures in place. We recommend turning on auto-update when applicable.
If you have more questions about making your home a safe place please feel free to reach out to us on social media or at firstname.lastname@example.org
- Safer Internet Day – http://saferinternetday.us/
- Google’s Commitment to a Safer Internet – https://privacy.google.com/safer-internet.html
- Department of Defense (NSA) Recommendations http://dodcio.defense.gov/Portals/0/Documents/Cyber/Slicksheet_BestPracticesForKeepingYourHomeNetworkSecure_Web_update.pdf
On April 3rd, President Trump signed legislation repealing the FCC’s privacy regulations. As a result, Internet Service Providers (like DataYard, AT&T, Spectrum, etc.) can now quietly gather, store, and sell the Internet histories, communications, and usage patterns of everyone they provide Internet access to. The legislation goes further, by placing restrictions on the types of privacy guidelines the FCC can attempt to institute in the future. If you’re reading this on a screen, this action covers you at this very moment.
I’ve worked at DataYard (and previously DONet) for 11 years, four of those as a Systems Administrator and Data Center Engineer. I know first-hand the level of access that ISPs have to customer data, and the gravity of that access. We have a mantra at DataYard, “with great power comes great responsibility”, attributed to either Voltaire or Ben Parker, depending on who you ask. It is incredibly true in this and many other industries and vocations, but as more and more of our daily lives are driven online…well, ours is a unique business. We at DataYard make it our practice to log only the data we need to maintain our systems and provide the best customer service to our clients. We’ve got a database with your address in it, but so does Trader Joe’s.
If you are a business owner, work with Intellectual Property (IP) or Personally Identifiable Information (PII), are a HIPAA covered entity, or simply don’t want your personal preferences and business browsing data tracked and categorized – this new reality is an uncomfortable one. When ISPs begin to track, store, and replicate this personal data, it exponentially increases the potential attack footprint for malicious access. We’ve all heard about the Target / Yahoo / Verizon / [insert name here] hacks. Can you imagine the fallout if those companies had the last four years of your Internet usage stored and indexed for the taking?
We at DataYard want to publicly voice our disapproval of these legislative actions, undertaken with the sole purpose of opening new profit centers in an exploding industry. We know better than most the implications this decision has. It’s our business to know. Every customer we work with can rest assured that DataYard is not, and will not be, interested in the collection or sale of your communications and activities.
In a time when every move is tracked, every bit is stored forever, and everything is for sale, promising to forgo those profits is a radical move. But it’s a promise we make proudly.
See more: Dayton Daily News story here.
Beer and Pizza to Celebrate Sysadmins!
Here we are again! The last Friday in July is annual Sysadmin Day – a chance to recognize those individuals toiling in the shadowy boiler-rooms of the Internet who keep the world at large running smoothly.
We’ll meet at the Dayton Beer Company around 4PM, have some local craft beers and Pizza Factory ‘za, and later dump a cooler of Mountain Dew on the crew (or at least one of them). Please join the DataYard team in raising a toast in a celebration to these IT heros!
Planning to Attend? Seating is limited, so if you’re planning on coming to our Sysadmin Day celebration this year head over to our Eventbrite page and reserve your free ticket now. Bring a couple of tech friends with you and have a great evening, on us.
Pick up a copy of our Sysadmin Day poster, too.
This week the “Venom” vulnerability was announced, affecting a number of virtualization systems, like Xen, KVM, and VirtualBox (http://www.zdnet.com/article/venom-security-flaw-millions-of-virtual-machines-datacenters/). Hackers can use the defect to exploit flaws in code written more than 10 years ago, a virtual floppy disk controller, to shut down the hypervisor. With the hypervisor disabled, a hacker would then able to access the virtual machines of other people or companies running on the same server.
Prior to Wednesday’s announcement software makers developed patches to close the door to the exploit, but not all hosting providers have been able to roll the patch out to their affected systems. As a result, a number of virtualization platforms running these distributions remain vulnerable to possible exploits.
Since our systems are built on VMware, DataYard’s cloud infrastructure is not vulnerable to this exploit. Microsoft’s Hyper-V and Bochs are also not affected by this bug.
3 months. No reprieve.
Microsoft executives and media spokespeople are out in force, emphasizing that Windows Server 2003 is headed out to pasture, with end of life (EOL) slated for July 14, 2015 (Yes, THIS July 14). With EOL, Microsoft ceases providing updates, service patches, and support for between an estimated 1 and 12 million servers worldwide.
So, if you’re still facing this challenge, you are clearly not alone. This one’s not just a simple update, as infrastructure that supported Windows Server 2003 (WS2003) can’t handle what’s now needed: Windows Server 2012 R2 (WS2012 R2).
“If it ain’t broke, don’t fix it.”
Aside from appalling grammarians everywhere, this feeling is easy to understand. Most users don’t have visibility to the full brokenness of older operating systems. After all:
- The applications that the old systems have been running for over a decade (!) now still run.
- The systems have been that solid for that long, so support or updates shouldn’t be needed because you know they work and are used to their quirks.
- Besides, upgrading can break things and will surely make them different.
- With expensive hardware required, this is a messy and costly proposition.
Assuming that most of us haven’t been using the same toothbrush for a decade, and that we don’t expect the same showroom performance out of a 10 year old car, it’s time to face this one head on.
Why change then?
Servers don’t exist in a vacuum. They provide essential services that need to stay up and running. Failing to stay current opens businesses up to serious vulnerabilities:
- Productivity. Crashes, system downtime, and wasted personnel resources all drain energy from business tasks as you waste time fixing IT issues and patching workarounds. This costs in time and in money. It costs nearly double to fix systems that are over 4 years old.
- Security. Starting July 15, no new updates or patches means no fixes to newly found security threats. No change means risking the availability of services, the confidentiality of data, and the privacy of customers’ data.
- Compliance. Most industries have legal compliance requirements in meeting current technical standards, and customers themselves have compliance and regulatory demands included in contractual service level agreements (SLAs). Being out of compliance breaks the SLAs, resulting in fines or loss of business. Accepting credit card payments? Without updates, Visa and MasterCard are on the record that they’ll have to refuse business due to lack of PCI (Payment Cards Industry) compliance.
- Support. Most hosting companies and technology professionals will be unable to continue to support WS2003 systems. No updates means that they won’t be able to meet their own SLA requirements.
- Competition. Competitors using new technology are at an advantage. What is out of date? If your operating system is over 5 years old, 61% of your customers say you’re outdated! Moving on to the newest platform will let you more quickly add new systems, set up new users, allow for remote operation, faster response times, etc., bringing a better service to internal users and to customers. The newer platform (WS2012 R2) offers a streamlined and efficient approach for remote accessibility, more options for storage and automation, and greater security.
IT professionals know the problem and don’t really need convincing. Time being short, it’s time now to push through organizational inertia to get moving.
Since it’s not advisable to cross your fingers and hope for the best with WS2003, migration is the answer with two choices of destination:
- New assets. Invest in new replacement hardware and software for your infrastructure.
- Take it to the cloud. Take this time where migration is required anyway and move your infrastructure to a hosted solution. Divest yourself from taking on the cost of owning the assets or the headaches of managing them.
Why are we here?
DataYard’s Infrastructure as a Service (IaaS) provides a cloud solution that’s still close to home and managed by those you’ve come to trust. We understand that the ultimate connection for the technology we maintain are the people relying upon it. We give you people you can rely on to get the job done. Take it to the cloud without sacrificing control.
Our mission at DataYard is simple. We want our customers to focus on their businesses while we serve as trusted technology partners, keeping essential technology infrastructure stable, reliable, secure and redundant. Mission critical applications and data need to be available and error-free so that, like electricity, you forget about it and just run your business.
If you’re facing the migration from Windows Server 2003, you want experts on your side. 90 days is not too late to start. A review of migration stories across the web shows many successful and fairly complex migrations were actually achieved in 60-90 days. In fact, most migrations took two to three times as long to go through the approval process (“Do we have to?”) than through the actual planning and execution of the migration.
DataYard has scalable cloud options that get you out of the hardware business, while keeping your operations secure and local with people you know and trust. No solution is canned and out of the box. We’ll sit down with you to see where you are and where you need to be. Then we find you the best path to get there.
Get current now, and then stay current as technology continues to evolve. Staying with our hosted solutions will keep you current moving forward. As updates and newer platforms are released, we’ll be with you on that path together.
Each DataYard solution is tailored to fit your needs exactly, including making sure you have the level of management control over your own system that you need. Give us a call and let us help you make the best decisions you can for your business.
Your Business Demands More.
You’ve suffered under the limitations of basic email service for long enough. DataYard’s newest offering, Connect Exchange, lets you take advantage of the full suite of Microsoft Exchange and Outlook features, without the cost and hassle of buying a server of your own.
It’s time to work differently. It’s time to work smarter. Let DataYard help – talk to us today.
Ready to learn more? Contact us for a consultation.