147 posts • joined 25 Oct 2007
If there's one thing the Mounties should know, it's no use shutting the stable door after the horse has bolted.
Re: Security? Licenses?
It all boils down to trust. The biggest issue of trust for a company is the level of trust it puts in its employees. Far and away the greatest cause of data security breaches is accidental or deliberate action by an employee.
One example is the use of unencrypted emails as the file sharing mechanism of choice both within a company and with the company's customers, suppliers and partners. It doesn't really matter where your email service is or how tightly its security is locked down. Sensitve data is routinely launched in the clear, into the wild.
Now add BYOD smartphones and tablets and things get even more interesting.
A company with substantial in house systems puts a particularly high level trust in its IT administrators, who can, and regularly do, make mistakes, or worse, deliberately sabbotage systems or discolse sensitive data. Hell hath no fury like a sysadmin sacked.
Where a company's systems physically reside, other than the obvious data protection constraints on geophraphic location, is in many ways the least of its data security worries. In this respect, the use of an enterprise class cloud service is at least as good as using your own data centre.
Re: The dinosaurs live
I too have worked through (most) of those phases and qualify as a dinosaur myself. We've still got mainframes, UNIX systems, Windows servers and very probably DEC VAXs (although I haven't seen one in a while) and will have for a long time to come. What experience has taught me is that a great many new things have a lot of value as an additional tool, not a replacement one. I see farms of virtual machines, both in their private and public forms (Infrastructure, Platform and Software as a service) as pretty awesome things to add to my armoury.
Risk assessment, DR planning, performance management and the rest of it are perennial problems whatever mix of platforms you choose, and it is in these areas that experience counts most of all. You have known the heart stopping bowel moving panic and you have learned from it!
The dinosaurs live
Move my in house applications from a mainframe to a VAX ... never!
Move my in house applications from a VAX to a UNIX box ... never!
Move from terminals to PCs ... never!
Move my in house applications from a UNIX box to a Windows server ... never!
Move my in house applications from my network to the cloud ... never!
Worried about a 2e2 (who were more of a traditional outsourcer than a cloud provider) then use two providers and replicate your stuff.
Worried about trust? Well, as a sysadmin someone is trusting you. Why are you trustworthy? What SLA do you personally give to your company? Are you close to a breakdown? If you don't perform, how many years salary do you have to pay back to your business?
There is nothing new in the cloud. It's all simply about realising the economies and flexibility of working at scale.
Re: Science is amazing
I take it you didn't pull.
Jonathan Porritt once gave a lecture at my school which he opened with something along the lines of "I expect you think that we greens are all a bunch of woolly hatted lentil stirrers". In the intervening years (of which there are far too many), apart from not actually wearing a woolly hat or publicly stirring lentils, he has done little to convince me that he is not.
"in the event the doomsday box system goes titsup"
If the BRASTRAP can go titsup, then there must also be a system component called JOCKSTRAP to allow for the inevitable cockups.
In a nutshell, a Docker container contains an application *and* all of its dependencies. So say the application depends on a LAMP stack with specific versions of Apache, MySQL and PHP, you wrap those versions into the container. You can then move that container to any VM or physical server without worrying what the AMP versions are on the base install of the VM.
This is a huge step. Currently if you want to move an application from one VM to another, or you want to run mirror servers, you first have to build a second VM to the same specification as the original in terms of application dependencies. Even with things like chef and puppet this can be a time consuming task. Linux containers abstract away that problem without (so it is claimed) a significant performance overhead.
Re: Wan side access to the router
I think "in this day and age" sums up the problem, which is that most of these routers were purchased in another day and age, and haven't been touched since.
Re: Oh the security....
Excellent post and all good points.
The resources required to do what you say in house are significant and are realistic only for the size of business that has always been able to run complex systems in house.
The promise of cloud based services is to bring some of the benefits of complex business systems to companies that have no prospect whatsoever of being able to afford to deliver them in house, namely SMEs and startups. For those businesses the choice is either to use the cloud or to become progressively less competitive, and eventually die. The risks you describe are, for this class of company, unavoidable risks of doing business. What they probably need is a bit of consultancy from someone like you who understands the risks of the cloud and can help to mitigate them.
"All state information security systems were unprepared for such a brazen violation of the law."
Aha I see .... their security systems were only prepared for the more friendly kind of aggressor who does not brazenly violate the law but asks politely whether he can invade your country, and certainly wouldn't tamper with your phone systems unless he had your explicit permission.
Re: Wot no SLA
Given that six nines amounts to 2.6 seconds of allowable downtime worked on a monthly basis, you may aswell guarantee 100 percent. If you miss 100 you're almost certain to miss six nines, so as a supplier you are not in reality exposing yourself to higher risk.
Re: Test subject
Firstly a rather crass remark that you've made. Secondly, it's just under 80 for males, and only for males that are born today. For males born 80 years ago the life expectancy was considerably lower, so I think in this case, he is well ahead of average.
My old man smoked like a chimney, drank like a fish, ate like a king and died at the age of 69 - a very happy man!
Timing is everything
Just when Samsung are ramping up their efforts to break free from the chocolate factory. Tizen (tizen.org) it seems is the new Android. If they can do it, this would surely be a very good thing given the average consumer's current choice of being locked in to one of Apple, Google or Microsoft.
A tip if you want your blog comments to be read. Keep it brief, essays belong elsewhere. I skipped your comment.
"According to EMC, the staff cuts are down to its internal rejigging to decrease the effects of back-end loading of customers orders in each quarter."
Eh? What? There is a fine line between english and gibberish, and I think that in this case the line has been reached, crossed and left a few miles behind.
This is a clear case of a 42GB memory stick being illegally converted into a 42DD mammary stick with optional encraption (altough I'd go for plane text if I were you).
One million lines of code
That's an interesting defence. "Look mate, this system is huge. It cost loads and loads of money. It's so complicated that my head spins just thinking about it. So, when it fails I want it to fail big! No trivial little glitches that nobody even notices for me - oh no. Ask the banks, they understand. If you've paid for serious software then you want to see serious failures. I want my money's worth."
Talks eh ...?
Harrison Ford : For a million bucks a minute I might consider it.
Mark Hamill : Please, please, please give me a part! Even as en extra. I'll do it for free. No actually, I'll pay you. I am BEGGING you. click. Hello? Hello?
Re: Twitter ticker = TWIT?
Never knew that about Google's offer to sell to Excite. Amazing! Nevertheless my point holds. I agree that Google's superiority as a search engine attracted the people. However, it was the advertising and marketing tools they built that allowed them to turn those people into a world beating business model.
Re: Twitter ticker = TWIT?
It was Excite founder Joe Kraus who for me explained this best. He always said that what Excite had missed, and why Google won, was that search was actually about marketing. A good search engine provided an awesome vehicle for reaching potential customers. Google transformed the world from a dozen markets of millions of people, to a million markets of dozens of people.
Facebook and Twitter have created highly popular platforms that can be used for hyper targeted marketing campaigns. Therein lies their value. Whether we like them or not is irrelevant. I don't like TV advertising myself, but in the end, reaching your target market is where the money is, and the routes to market that prove most successful are going to be enormously valuable.
But how do you know that your tests cover all possible scenarios? Eh? Answer me that!
Talk to the people at Fukushima, I'm sure they'd war gamed a scenario or two.
"Some research I have seen in the last year or so has started to show some evidence of that ..."
Now there's an investment winning business case if I ever heard one.
Re: Please speak English (or Scots)...
An episode is defined in the dictionary as "a single event or group of related events". In the NHS the word is routinely used to describe everything that goes into your period of treatment. This may start with an operation but also include a drugs regime, a stay on a ward for recovery, and follow up visits as an outpatient. It's actually a very appropriate word to use in this context.
Every time there's an issue in the cloud, there are plenty of people taking the "told you so" line. This appears to be an example of the reverse. Running your own data centre is all very nice and you can certainly touch everything, but it's very expensive indeed to provide the sort of N+1 or 1+1 redundancy that is standard fare in colo or managed data centres. I'm not taking sides here, just trying to balance the argument a bit.
Re: Simplicity Works
You beat me to that comment.
This is not particularly sophisticated, just a good old fashioned con trick!
Re: Requisat en pace
and breath ..... I think you may need a holiday.
I do agree though, they just don't make them like they used to.
Another Happy Camper
Service, peformance, and reliability for Rackspace in the UK has always been outstanding both for dedictated servers and VMs. Over the last six years they've always lived up to their Fanatical Support mantra.
In Google we trust! God bless Amazonica!
Re: What he said
Aha! So you've just become single and you're looking to spend four years at university. I can certainly see where you're coming from there.
The real king of networking
No mention of Banyan Vines and its legendary StreetTalk directory services. Light years ahead of its time although a bit overkill for very small businesses. Multi-site, native WAN connections via dedicated routing cards, and host of other features made it scale with ease which is why any large business building a serious enterprise wide network was using it.
Banyan's supreme achievement however was the utter crapness of their sales and marketing which managed to snatch defeat from the jaws of victory. Truly a triumph of dreadful business strategy over brilliant technology.
Yes indeed. Oracle could prove useful for servicing SalesForce's back oraforce ...
Deliverable : IT Cloudiness
Methodology : Advanced Nebulosity
KPIs : Successful implementation of foginess, opacity, smoke and possibly mirrors
Billable : £90 million (incl VAT payable in advance)
Clegg ... a tough nut to crack
Re: big deal
Careful, too many trillians and you might dent the shelf.
Re: Death to the cloud
The so called cloud involves many things. Not least the data communications infrastructure that's in place. Not long ago people were still running private wide area networks over astronomically priced leased lines (we're talking many tens of thousands of pounds per annum) at speeds of 64kbps. They did this because the nascent non-academic Internet with its encrypted IP tunnels were simply too unknown, unreliable and slow. It was slow even over relatively expensive leased Internet lines, but even worse over ISDN, modem or eventually DSL.
Move on just a few years, and only a handful of companies would now dream of leasing their own point to point connections accross the Atlantic. We tunnel through the Internet. It's a fraction of the cost and because of this it has revolutionised the world.
Your view on these really quite new third party storage services should not be based on their current reliability or security. It should be based on whether they are an early stepping stone to a revolution, as the early commercial comms infrastructure was.
I believe that cheap online storage that's acceptably reliable, acceptably secure and where the price is right is already revolutionising the way many people work and play, and will do so more and more as the technologies mature.
Stephen needs professional help
"Indeed, Stephen sent us no fewer than 75 images of his lab"
That goes way beyond straight forward nerdiness.
Re: Damn it!
That's nothing. They also have my list of favourite menus and several notes saying Testing 123. They may not know where I live, but they know what I eat!
Fetch me Bruce and his Black & Decker right now!
And who the f**k made the decision to decommission the shuttle fleet?
The old ones are the good ones!
Re: I love it!
Once again I have to say that this really just isn't the case. Why should a data centre be any less trust worthy than a company employee. There are countless examples of pissed off sysadmins destroying data and backups held on internal company machines.
If you want stuff in house recruit your sysadmins very very carefully. If you're going to outsource, pick you outsourcing suppliers very very carefully. It's as simple as that. There is nothing inherently more risk about outsourcing.
Re: 'The UK attitude is it is inherently less safe with a third party'
The UK attitude is that your money is inherently less safe in a bank than under your bed. It probably is these days, but we still use banks.
It simply is not the case that using a top notch third party to run infrastructure on your behalf is inherently less secure. I would argue that for the majority of businesses, their local physical and digital security is substantially weaker than the best service providers.
Businesses who embrace the cloud and manage it properly stand to gain a huge competitive edge. This is what will drive the transition in the end, and the job of the IT Director will be to make sure it is delivered securely and reliably.
The alarm bells really started ringing when I got to the bit about PricewaterhouseCoopers having published a report. The big consultancies are short of public sector work at the moment. What better time to lobby ministers into launching another round of NHS madness.
If the consultancies are involved you can bet your a*se that any solutions will be even more complex, more centralised and more prone to juicy and lucrative cost overruns than the last attempt at this.
There are some (relatively) simple decentralised solutions to solving this problem, but there is little money to be made from them by the management and IT consultancies, hence they never see the light of day.
The fathers of the internet did not set up a single, central DNS server and require everyone to subscribe to it. Instead, they defined a standard for the operation and interaction of domain name servers. Anyone could set up a server as long as it complied with the standard, resulting in a gloriously simple and scalable distributed database. OK, it's time for some updates now, but it has served us with distinction and performed way beyond its original design goals.
The NHS needs to define a standard by which any two patient administration systems (PAS) can share records. After that, we can have many competing PAS systems which will increase choice and quality and drive down costs. Trouble is, you can't charge 12 billion quid for setting a standard.
I think AC has been the victim of a XAP exploit (aka cross article posting). Clearly the comment was made on a completely different article. I suggest El Reg check their servers for evidence of this dreadful XAP attack. The root cause no doubt is Bill Gates himself if AC is to be believed.
The stove is the answer and gives you much better popcorn BUT you must never do them in butter. Smoking hot oil is the way to go. Butter will burn at the required temperature. After you've popped the corn is the time to pour melted butter all over it.
That's great, I'll have to remember that one!
This is an unbelievably poor article. At every level.
What's a Lamp stack? A big pile of lights? Now a LAMP stack on the other hand is something quite different.
The author strains to distinguish between two types of MSP namely those who manage the email service and those who get others to manage the service and merely resell it. When is an MSP not an MSP? When he's a reseller. All that this article does is to describe the difference between a service provider and a reseller.
There was absolutely no point in writing or publishing the article. It's awful.
And yes I did get out of bed the wrong side this morning and have indeed been looking for a good target for spleen venting.
We could all have a discussion about how fat is too fat when it comes to client software.
Or we could all have a discussion about whether Nicollette Sheridan is too fat, too thin, or just about right in the Martini ad :
Dear Scan Computers
You have three options :
A) Give me a fifty quid royalty on each sale.
B) The Earth gets it. I've had enough of saving the poxy thing anyway.
C) I'll take one free unit in full and final settlement. Email email@example.com for delivery details. It's not much to ask and it'll save you a lot of trouble. You know it makes sense.
- Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
- Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
- Feast your PUNY eyes on highest resolution phone display EVER
- Analysis Oh no, Joe: WinPhone users already griping over 8.1 mega-update
- AMD demos 'Berlin' Opteron, world's first heterogeneous system architecture server chip