Economics of the Cloud

Cloud Economics

For most companies, maintaining a large IT presence implies large capital expenditures and a non-trivial amount of accounting and record-keeping to track depreciation, tax considerations, and so forth. When you purchase the hardware and the software, they become yours (in every sense of the word) and your long-term responsibility.  The traditional model of enterprise computing is a capital-intensive function that requires expensive data centers (electricity, air conditioning, servers, networks, storage, etc.) and operations staff (hardware swaps, networks, backups, OS updates, upgrades, etc.) to keep it all running effectively. With an on-premises data center, you must plan and provision for maximum utilization, which is financially inefficient.

The appeal of cloud computing includes the ability of enterprises to pay for only what they use. If demand decreases and you no longer need the assigned capacity, you can turn off systems and you are no longer charged for those systems. Since the cloud is a subscription-based model, it is an “operating expense” model. Computing becomes a service for which businesses are billed a monthly charge that is metered by actual usage. The more compute, network, and storage resources you use, the higher your monthly bill. The less you use, the less you will be charged.

Another way to save money is that cloud operations free your enterprise of the costly tasks of system backups, routine network maintenance, software patches, etc., because your cloud provider can handle these tasks.

Most IT organizations find wide variations in system utilization. Some applications are seasonal and other applications run for a short period of time before being shut down. You might have other applications that are simply unpredictable and you can’t apply a cost saving model.

Building your server infrastructure in a cloud environment can save your business money and allow for greater innovations for less money.

 

Secrets of Hackers

There are a few things you can do to make your internet experience a little safer. This isn’t everything you can or should do, but these two things will enhance your everyday security without it taking a lot of effort to complete.

Disable your wireless router’s remote administration feature

This can be a very effective measure to prevent a hacker from taking over your wireless network. Many wireless routers have a setting that allows you to administer the router via a wireless connection or over the internet. This means that you can access all of the router’s security settings and other features without having to be on a computer that is plugged into the router using an Ethernet cable. While this seems very convenient for being able to administer the router remotely, it provides another point of entry for the hacker to get to your security settings and change them to something a little more hacker friendly. Many people never change the factory default admin password on their wireless router, which makes things even easier for the hacker, so you should also change the default admin password.

Beware of “Free” Wi-Fi

If you use public hotspots you are an easy target for man-in-the-middle and session hijacking attacks. Hackers can use simple tools to perform “man-in-the-middle” attacks where they can insert themselves into the wireless connection between you and the host of the free connection. Once they have successfully inserted themselves into the connection, they can harvest your transmissions, picking up the network packets that contain account passwords, e-mail, bank account information, etc. It is recommended that you use a commercial VPN service provider to protect all of your traffic when you are using free Wi-Fi networks. Costs for these commercial services start at a few dollars a month, but you can always try a free service to see how you like it. A secure VPN provides an additional layer of security that is extremely difficult to defeat unless the hacker is extremely determined.

A determined hacker can probably defeat your basic efforts to secure a wireless signal, but 99% of the time you just have to be a difficult target. When you are attacked by a bear, you don’t have to be the fastest runner, just faster than the friends around you. A similar thing can be said for Wi-Fi security. You don’t have to be the most secure user on the network, you just have to be more secure than those people around you at the time.

Threats to Corporate Security

There are things that employees do that can present serious threats to corporate security, and you might not even realize that these simple things can undermine your security efforts. If you are responsible for security at your company, you need to start investigating these issues as simple ways to improve the corporate security at your place of business by educating your team about these risks.

  1. BYOD – Bring Your Own Device is something that almost everyone does today, even at places that specifically ban this process. With smart watches, personal cell phones, cheap tablets, etc. it is almost impossible to keep employees from bringing their own devices into the workplace. Many companies don’t even have formal policies around what devices are allowed or what systems these devices are banned from being connected to in their environment. The risk is that an employee brings an infected device into the office and connects that device to one of your corporate assets like a laptop or server. The infected device is then able to bypass the typical network security and attack that asset, potentially stealing corporate secrets or customer data. Education and formal policies are the best security against this type of dangerous behavior, as well as updating your security profile to detect rogue devices.
  2. Social Media – A post on social media may seem harmless to most people, but if the post includes information about a new business project, issues with a new business system, how many servers were recently infected with a virus, etc., these posts can be used by your business competition to gain an advantage or even used as a source of technical information for international hackers to target your business for a cyber attack. Education is your best weapon against this type of issue.
  3. Poor Technical Security – Your technical team has to always be thinking of system security. This includes assuming responsibility for securing the business systems from both internal and external attacks. The obvious security measures include strong perimeter security through firewalls and intrusion detection, but there are also not so obvious steps around keeping systems updated with security patches, education around recent security threats, and monitoring vendor sites for announcements about newly discovered vulnerabilities. Make sure the technical team has formal policies and procedures around periodic security checks, and that there is some oversight into the process so it stays important to the entire team.
  4. Social Hacking – Hackers and scammers don’t always attack your assets through remotely hacking your computers; sometimes they just hack your employees. It can start as a simple telephone call asking someone in your office to download a vendor update because their system is outdated and causing a data issue. That seemingly harmless update is really a program that installs a backdoor into your system that allows the hacker access into the secure network. A scammer can also call someone in accounting acting as the CEO, requesting an emergency wire transfer of $50,000 to an off-shore account. You need to make sure there are policies and procedures in place that will capture these types of unusual events and route them to someone who can ask the correct questions to uncover a scam and block silly mistakes like these.
  5. Anti-Virus Software – Just because your computer is behind a firewall doesn’t mean it can’t be infected with a virus. Computer viruses can do harmless and annoying things, but they can also do some really serious damage to your corporate computer systems and even shut down your business. While anti-virus software isn’t the most important part of your network security, it is one part of an overall security infrastructure that will help keep your network secure.
  6. Weak Passwords – Any secure computer system starts with good passwords. A weak password is useless and puts your entire network at risk. Verify that the business systems your company uses require strong passwords, and make sure you educate your team to always avoid weak passwords. This education should extend past internal corporate assets to include personal email accounts, social media sites, and their personal banking accounts.

 

Why You Should Use VPN

In the beginning of the internet, you could say and do anything. You were free to search for any topic, view any content you could find, and share just about anything you wanted. You can now see that this extreme freedom is getting more and more compromised as governments look to control more of the information that citizens have access to and what they can share online. Even hackers use the internet to gain knowledge of your physical or virtual location for their own nefarious and harmful purposes. Sometimes content available in one part of the world is restricted by your current geographical location.

Virtual Private Networks (VPN) extend your private network across a public network, giving you an opportunity to send and receive information across the public network as if it were a part of your own private network, with appropriate security and a degree of anonymous access.

Each VPN service can perform differently, and not all of them provide the same level of access or security. There are other ways to achieve some or all of these goals besides VPN, but all of them have their downsides. You should consider a VPN solution if you are interested in web anonymity, but it could result in a noticeable loss of browsing or download speed.

Perform Firmware Upgrades

One of the most important components to maintaining a reliable and efficient network is keeping the firmware on your network devices updated. You know you need the latest firmware to get the latest security patches, and compliance monitors look for evidence you are performing the updates. These devices usually include managed switches, routers, wireless access points, and intrusion detection systems among other network devices. Just follow the device’s documentation to perform the update, unless the device manufacturer doesn’t provide the proper procedures for upgrading the firmware. An unsuccessful upgrade can not only result in connectivity issues, but might also render the device entirely inoperable. To perform safe upgrades, you should follow patching best practices:

  1. Back up the device’s current configuration.
  2. Reset the device to its factory default settings.
  3. Apply the firmware update per the manufacturer’s instructions.
  4. Reset the device to its factory default settings again.
  5. Restore the device’s configuration settings from the backup you created in Step 1.
  6. Reboot or restart the device.
  7. Test everything to make sure the device is configured properly and working correctly.

Tip: While most devices provide a soft reset and a hard reset facility, always perform a hard reset when given the opportunity.

For compliance evidence, you will need to provide screenshots of output logs from the device showing dates, times, and before/after settings. You should also log evidence of testing, which will help prove you tested everything and it was working after the upgrade.
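One way to turn Steps 1, 5 and 7 into a timestamped evidence record is shown below. This is an added example, not part of the original post: the configuration syntax, the `!` comment convention, the device name and the firmware version strings are all constructed assumptions.

```python
import difflib
import hashlib
import json
from datetime import datetime, timezone

# Constructed sample exports (not from a real device).
BACKUP_CFG = """! exported before upgrade
hostname edge-sw-01
snmp-server community disabled
ip http server disabled
ntp server 192.0.2.10
"""
# After the restore, one setting is still at its factory default.
RESTORED_CFG = BACKUP_CFG.replace("before", "after").replace(
    "ip http server disabled", "ip http server enabled")


def normalize(config_text):
    """Drop blank lines and '!' comment lines so export banners do not
    register as drift. The '!' comment style is an assumption."""
    return [ln.rstrip() for ln in config_text.splitlines()
            if ln.strip() and not ln.lstrip().startswith("!")]


def sha256_lines(lines):
    return hashlib.sha256("\n".join(lines).encode("utf-8")).hexdigest()


def upgrade_evidence(device, fw_before, fw_after, backup_cfg, restored_cfg, tests):
    """Build one evidence record for a firmware upgrade.

    backup_cfg   -- configuration exported in Step 1
    restored_cfg -- configuration exported again after Steps 5 and 6
    tests        -- {test name: bool} results from Step 7
    """
    before, after = normalize(backup_cfg), normalize(restored_cfg)
    diff = list(difflib.unified_diff(before, after, lineterm="", n=0))
    # Skip the two file-header lines and the '@@' hunk markers.
    drift = [ln for ln in diff[2:] if not ln.startswith("@@")]
    record = {
        "device": device,
        "recorded_utc": datetime.now(timezone.utc).isoformat(timespec="seconds"),
        "firmware_before": fw_before,
        "firmware_after": fw_after,
        "firmware_changed": fw_before != fw_after,
        "config_sha256_before": sha256_lines(before),
        "config_sha256_after": sha256_lines(after),
        "config_drift": drift,
        "tests": tests,
    }
    # Accept only if the firmware moved, settings match, and every test passed.
    record["accepted"] = (record["firmware_changed"] and not drift
                          and bool(tests) and all(tests.values()))
    return record


if __name__ == "__main__":
    rec = upgrade_evidence("edge-sw-01", "1.0.0", "1.1.0", BACKUP_CFG,
                           RESTORED_CFG, {"ping gateway": True})
    print(json.dumps(rec, indent=2))
```

The drift list is the part worth keeping with the evidence: a setting that silently returned to its factory default during Step 4 shows up there even when every connectivity test passes.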

Improving Web Page Performance

Providing a fast internet site is important for several reasons. Understanding why your site loads slowly can be difficult if you don’t understand what to look for and why some symptoms point to one solution or another. In this article from David Berry, we learn some great information on what to look for, troubleshooting techniques, and tools available to help you resolve web page loading issues.

You can divide web performance into two main areas: backend performance and frontend performance.

Backend Performance

When you navigate to a web page, the browser sends a request to a web server for that page. When the web server receives that request, it most often times needs to dynamically construct at least some of the content on that page. The time within which the server can create this content and return it to the browser is a measure of the backend performance of the page. The efficiency of your database queries, the time it takes to complete any web service calls and the performance of your C# or VB.NET code (if you are using ASP.NET) all contribute to this backend performance.

Frontend Performance

The second area of performance deals with what must happen within the browser in order to render a web page for the user. Not only must the HTML of the page be downloaded, but the browser must also download all of the other assets needed by the page, including CSS, JavaScript and images used on the page. Finally, the browser must then take all of this information and layout the page for the user. This is the front-end performance of the page.

We will use the example of loading the homepage for simple-talk.com to demonstrate the difference between the frontend and backend performance of a web page.

We see that it took a total of 495 milliseconds to download the HTML for the homepage of simple-talk.com. If we click on the first row in the table (the one labeled http://www.simple-talk.com) and move over to the timing tab, we can see a breakdown of the timing for this resource.

We want to pay particular attention to the value labeled “Waiting (TTFB)”. This figure includes the amount of time it took to process the request on the web server as well as the amount of time it took for the HTTP request to travel over the network. In this instance, this value is 296 ms, so we know that our web server was relatively fast in handling our request.

By capturing a video of the website as it loaded, I was able to measure the time it took from when I entered the URL into my browser until the point in time where the browser started rendering the page to the screen and also until the page was visually complete for “above the fold” content. After 1.97 seconds, the browser started rendering the page to the screen and at the 2.4 second mark, I had a visually complete page on my screen.

We need to understand the difference between the two metrics, one that told us how long it took for the initial HTML page to load (495 ms) and the other that told us how long before the page was visually complete and ready for the user to interact with it (2.4 seconds), as it is this difference that represents the frontend performance of the web page. Many articles on Simple Talk over the years have focused on the backend (server and database) components of performance. We can see from this example that the frontend aspects are also important, and can often account for a much larger portion of the time that the user spends waiting for the web page to be rendered. So let’s understand what is happening during this time interval between the point when the HTML for our page has been downloaded and when the page has been rendered to the user.

The majority of this time is needed for the browser to download all of the other assets needed for our page. This includes all of the CSS, JavaScript, fonts and images that are used by the page. With the advent of highly interactive web applications, we are downloading more of these types of files than ever, especially JavaScript files. And it simply takes time for the browser to download these additional assets needed by a web page.

The browser also spends time laying out and rendering the page to the user. Web layout is a dynamic process that depends on other factors such as the screen resolution of the user viewing the page. Upon downloading and parsing all of the HTML and CSS for your page, the browser has to go through this layout process and calculate the size and position of all of the elements within the page so that the page can be rendered. As such, the order in which we load certain resources turns out to be very important so these calculations can start as soon as possible.

As I will soon explain, the homepage for Simple-Talk.com can be improved. However, a web page that renders to the user in 2.4 seconds is actually fairly reasonable. It is quite typical to find web pages that take several seconds for the browser to download the required assets and layout the page, with the result that the user sees an empty or incomplete page for an extended period of time. The data from Kiss Metrics should be enough to convince you that we can, and must, minimize the amount of time that the user has to wait to view our pages. To do this effectively, we need to understand the factors that contribute to the frontend performance of our web pages and learn how to identify and correct frontend performance issues when they appear.

You should read the entire article for some really great information on this important subject.

Writing A Custom Search Engine

Creating a custom search engine can be very difficult. The concept of writing the next Google or Bing can be attractive, but it is probably more difficult than you think. If you are thinking about writing your own search engine, you need to read this article by Anna Patterson.

There must be 4,000 programmers typing away in their basements trying to build the next “world’s most scalable” search engine. It has been done only a few times. It has never been done by a big group; always one to four people did the core work, and the big team came on to build the elaborations and the production infrastructure. Why is it so hard? We are going to delve a bit into the various issues to consider when writing a search engine. This article is aimed at those individuals or small groups that are considering this endeavor for their Web site or intranet. It is fun, but a word of caution: not only is it difficult, but you need two commodities in short supply—time and patience.

SUPER-SHORT SEARCH ENGINE OVERVIEW 

OK, let’s do it. Let’s write a search engine. 

A crawler gets the Web pages off of that pesky Web and onto your beautiful disks. You’ll need lots of disks. 

Then you need to index these pages—say which page has which words. This will tell you that Janet Jackson was found on the http://www.superbowl.com page. Usually, indexing happens locally on the disks where your crawler dumped these Web pages. Hey, why move them? 

In most architectures, now you need to merge these indices so that you have one place to go to in order to find all the pages mentioning Janet Jackson’s Super Bowl performance. When you merge all these small indices, the final index will be so big that it won’t fit on one machine. This means that you’ll have to merge these small indices in such a way as to split the final big index across many machines. 

Now you are ready to serve queries? Wrong. Now you build the runtime system that gets users’ queries, retrieves the results out of the index from the right machine(s), and re-ranks them according to the query. All this, while people are drumming their fingers on their desks waiting—hopefully, lots of people and, hopefully, not enough time for much drumming.
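The index, merge, split and query steps in the overview above, worked through at toy scale. This is an added example, not code from the quoted article: the page sets other than the superbowl.com URL are constructed, and sharding by a CRC32 of the term is an assumed partitioning scheme.

```python
import re
import zlib
from collections import defaultdict

# Constructed crawl output: one dict per crawler disk, {url: page text}.
DISK_A = {
    "http://www.superbowl.com": "Janet Jackson Super Bowl performance",
    "http://example.com/a": "Janet Reno biography",
}
DISK_B = {
    "http://example.org/b": "Jackson Pollock paintings",
    "http://example.net/c": "Janet Jackson tour dates",
}


def tokenize(text):
    return re.findall(r"[a-z0-9]+", text.lower())


def build_index(pages):
    """Local indexing on one disk: which page has which words."""
    index = defaultdict(set)
    for url, text in pages.items():
        for term in tokenize(text):
            index[term].add(url)
    return index


def shard_of(term, n_shards):
    # crc32 is stable across runs, unlike Python's salted hash().
    return zlib.crc32(term.encode("utf-8")) % n_shards


def merge_and_shard(local_indices, n_shards):
    """Merge the small indices while splitting the result across shards,
    so each term's full posting list lives on exactly one machine."""
    shards = [defaultdict(set) for _ in range(n_shards)]
    for index in local_indices:
        for term, urls in index.items():
            shards[shard_of(term, n_shards)][term].update(urls)
    return shards


def search(shards, query):
    """Runtime: route each query term to its shard and intersect postings."""
    terms = tokenize(query)
    if not terms:
        return []
    postings = [set(shards[shard_of(t, len(shards))].get(t, ())) for t in terms]
    return sorted(set.intersection(*postings))


if __name__ == "__main__":
    shards = merge_and_shard([build_index(DISK_A), build_index(DISK_B)], 3)
    print(search(shards, "Janet Jackson"))
```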