Category Archives: Disaster Recovery

Are You Considering Colocation? Ask Prospective Data Centers These 9 Questions to Make the Right Decision

datacenter humor colocation

When you look into colocation, what you need to know to find the right data center is a more limited list than with web hosting because you are providing all the equipment yourself. However, a number of crucial questions beyond price remain. Top concerns are provided below, boiled down into ten questions, in two categories:

  • General data center questions
  • Questions related to hardware handling.

5 general questions for your colocation datacenter

Here are five key questions you should ask your datacenter, according to PC World:

What physical security checks are in place?

A datacenter, whether it is maintained in-house or used for colocation, should always fit the following parameters:

  • The building should be standalone so that security protocols can be applied building-wide.
  • The perimeter of the building should be at least 20 feet wide and should be surrounded by a fence.
  • It should not be immediately adjacent to the office of the business to which it belongs.
  • It should be outfitted with security cameras and staffed by guards who check photo IDs at two different positions.

How virtual are you?

This question applies less directly to colocation situations, but the answer is a good indicator that a datacenter is cutting costs in the right way. One of the easiest and safest ways for a web hosting and colocation facility to become more cost-effective is through virtualization. Find out what the ratio is between physical servers and virtual servers. PC World advises that you choose a datacenter with at least four times as many VPS servers (virtual private servers) as physical servers, preferably three times that figure.

How green are you?

Going green isn’t just about environmental sustainability. It’s about cost savings. A data center should always be striving for greater efficiency, and energy is an obvious place for continual improvements.

A strong and professional colocation center will be interested in any information that you or other third parties might have to provide on the subject. Facebook and other large organizations have made cogent suggestions to their utility companies, allowing greater efficiency for their data center climate systems. Your company may not be as large as Facebook, but your voice should still be heard.

How do you accomplish cooling?

If cooling is important to Facebook, it should probably be important to your business as well. All servers in a datacenter should reside in rooms that remain at 68-75°F (20-24°C) at all times. Servers and other hardware generate a massive amount of heat, so cooling typically represents 50% of a datacenter’s overhead.

In the past, many colocation facilities cooled excessively, thinking they were erring on the side of caution, but low temperatures are not healthy for equipment either. You want the datacenter you choose to have climate control integrated with the server infrastructure. Sensors throughout the building should be monitored remotely, 24/7, by a well-trained staff of IT engineers.

What are your plans for disaster recovery?

Mitigating your risk of disaster is all about preparation. Data centers, like any businesses, don’t like to overspend on any aspect of business (parts or labor), so DR (disaster recovery) does not always get the attention it deserves.

A great example of disaster recovery gone wrong is an incident that occurred at 365 Main, a highly respected Silicon Valley outfit, in 2007. Although the company claims to this day it is “the world’s finest datacenter experience,” when the lights of its San Francisco datacenter went out seven years ago, 40% of its client were negatively impacted. The company stated that it needed eight working diesel generators for disaster situations, and although it had ten in place, three didn’t start due to a failure in an electronic controller. However, equipment failures also represent failures in routine maintenance.

5 datacenter questions regarding equipment handling

A specific concern related to colocation arises if and when the datacenter needs to move your equipment, such as when it is first installed. Data Center Knowledge provides five questions related specifically to safe handling of servers:

  • Does the colocation facility foresee any issues related to the weight of your servers or the height of your racks?
  • How wide are the aisles in the datacenter?
  • How many people will help to move the equipment?
  • What guidelines will be used to make sure that the equipment is properly aligned?
  • Will a server lifting system be used?

That last question is particularly crucial. Server racks can weigh as much as 500 pounds or more. You need to know exactly what’s going to happen, because mistakes are sometimes made and become less likely with proper checks and balances. In one high-profile incident, IBM was sued for over $1 million when a server fell from a forklift it was using to transfer equipment within one of its data centers.

1 question for you

Are you in need of a redundant and robust colocation solution? Choose a colocation partner that has 20 years of experience and a datacenter that is certified to meet the standards of SSAE 16 (SOC 1) TYPE II: Atlantic.Net.

By Brett Haines; comic words by Kent Roberts and art by Leena Cruz.

What is a WAF (Web Application Firewall)?

firewall-lolcat

Firewalls come in essentially three varieties: hardware firewalls, software firewalls, and web application firewalls (WAFs). Typically a hosting company or datacenter infrastructure will take advantage of both of the first two types of firewalls for general use. The third type – the focus of this article – started gaining prominence about a half-decade ago (though there is overlap of these categories, as discussed below).

According to the nonprofit Open Web Application Security Project (OWASP), web application firewalls became more prevalent as hackers started focusing their efforts on apps (e-commerce stores, sales systems, etc.). Essentially, the apps provide different points of entry for intruders, so hackers started zoning in on them. That point of focus has many times allowed them to enter without being noticed (because standard firewalls have been centered on general network activity rather than the range of issues specific to web apps).

Why is a web application firewall necessary?

The basic need for firewalls specific to web apps is that Hypertext Transfer Protocol (HTTP) is relatively simplistic. Obviously, that protocol defines the back and forth of Internet interaction. Web applications, meanwhile, have become more and more sophisticated as time has gone on. The apps have outgrown the language used to communicate them in a sense, security-wise. Specialized protective software – the web application firewall – bridges the divide so that apps aren’t as vulnerable.

There is an additional disconnect between HTTP and web app security related to state. HTTP is stateless, and web apps are typically stateful. In other words, the latter utilizes previous processing information whereas the former does not. This disparity means an additional incompatibility between the two, beyond general complexity: essentially, a web app is “on its own” to establish its parameters and protect itself (enter the WAF).

What exactly is a web application firewall?

By definition (per OWASP), a WAF is a piece of software intended to protect a web app that is on the level of the application. Nonetheless, a WAF is not defined by the web app: it’s not a customized solution specific to that application but – similarly to a general software firewall – one that contains parameters to protect against intrusion into a wide variety of frameworks and scripts.

To be clear, there is overlap between the different types of firewalls. Software and hardwall firewalls are used in their own right to protect networks. However, WAFs – with their specialized function for web applications – can take the form of either of those two main types. They can be implemented either as hardware devices, installed as an actual physical piece of an infrastructure; or they can be used as software, installed on servers or integrated into other devices (e.g., they can be loaded onto hardware firewalls to enhance their protection with WAF capabilities).

Overall function of web application firewalls in an enterprise

Often a company is running dozens of web apps at the same time. Although an enterprise will typically consider the strength of some WAFs more important than others (based on the role played by the app it is protecting), it’s wise to remember that a system may only be as strong as its weakest link. Hackers could be able to access the network, potentially, through any of the firewalls. For that reason, apps that may generally be less vital to business operations should still be reasonably secure.

That said, because of budgetary concerns, systems administration often must place greater or lesser weight on the firewalls protecting certain apps. Here are a few questions that can be asked to strike the proper balance and understand which apps must have the highest degrees of protection:

  • Does the app grant availability to sensitive details of any users of the system, whether internal or external parties?
  • Does it allow access to proprietary documents or data?
  • Does the app play a crucial function within the enterprise? How bad would it be if it went down?
  • Is the app itself involved in network or any system protection?

App development & function of individual web application firewalls

Clearly the strength of each firewall should be as strong as possible, as discussed above. However, ideally a firewall is not crucial at the outset. Security should be a major factor for custom apps during their development. Loopholes in applications are patched as weaknesses become known, but problems discovered when an app has been used for a lengthy period can often mean more time and money for a fix.

A web application firewall comes in handy when it impossible or difficult to make changes to the application, or when the necessary revisions are extensive. The firewall is used when the app itself cannot be changed. Standardly a firewall uses a blacklist, protecting against individual, previously logged attacks. Additionally, it can also use a white list, providing allowable users and instances of interaction for the application.

Conclusion

Web application firewalls play an important role for companies worldwide. We believe strongly in our own firewalls and security at Atlantic.net. In fact, we believe so much in our reliability that we guarantee a complete absence of downtime. Click here to learn more about what makes us different.

By Kent Roberts

Release the Google Internet Balloons!

Type in the word “Internet” in Google Plus Search and you’ll be in for a surprise. The topic going viral at the moment is Google’s balloon project called Loon. In fact, Trey Ratcliff did a long post in Google Plus that just blew me away with over 1400 votes and reshares!

Trey Ratcliff – Google+



From plus.google.com

Release the Google Internet Balloons! Photos and video!

See the Full article with all the pretty pictures on blog:…

Juliana Payson‘s insight:

Try to imagine a network, drifting balloons that swarm in the stratosphere, communicating internet from one balloon to the next. Just like the way phone towers come into reception as you drive through the states. Read more about Trey’s stunning behind the scenes story as the project was unveiled to him. You can read more about Project Loon here:

Loon for All – Project Loon – Google


From www.google.comToday, 2:14 AM

Project Loon looks to use a global network of high-altitude balloons to connect people in rural and remote areas who have no Internet access at all, help fill coverage gaps for areas that can’t be served profitably by existing providers,

If you go deep in the desert or climb a mountain or find yourself in the South Pole or a remote farm or any place that can be considered ‘the middle of nowhere’, guess what? You have no internet. Well, Wired is reporting that Google wants to change all that by sending high-altitude balloons into the stratosphere to give the world Wi-Fi.

These balloons are autonomous, save for the obvious ground control, and self powered with solar energy. You’d need a telescope to spot one. And the only interference they present is a notification to Air Traffic Control that a balloon is either ascending or descending. Even the parts have become reusable while in their testing phase.
Has Google found a way to be the new totally green ISP?
by – Juliana

A Few Questions to Ask Your Cloud Hosting Provider

Whether you are in charge of the IT department for a large enterprise or running a small business, any change in technology requires research and planning in order to ensure you are making the right decision for your business. Below are a few key questions to ask your cloud hosting provider before making any decisions regarding your move to the cloud.

How reliable is your cloud hosting service?

Availability and reliability are critical components to operating in the cloud.  Some cheap web hosts may not see the need to maintain a redundant network because they do not think of it as essential to daily operations.  However, without a redundant, secure, and well-connected network infrastructure, your website may experience downtime, lags, and even stop functioning correctly.  Therefore, review the hosting company’s reliability and availability track record, along with their protocols for restoring service in the event of downtime.

At Atlantic.Net, our industry-leading SLAs are backed by a 100% Uptime Guarantee.  This means that we guarantee all critical infrastructure components will be available 100% of the time in a given month, excluding scheduled maintenance.  No one can guarantee that nothing will ever go wrong, but with a 100% uptime SLA, we set the expectation to do the very best possible.

How secure is my sensitive data?

A lot of people fear that moving their data to be stored offsite will expose them to a variety of risks and security breaches.  This is not necessarily true.  Actually, compared to other data storage options (including using in-house infrastructure), cloud hosting offers the best security, reliability, and ease of use, provided you choose a cloud provider that values security as well.

Different cloud providers offer varying levels of security and you can also “beef up” your security with something like encryption key management.  Take a look at how your cloud hosting provider protects data, whether through encryption, secure building entry, guaranteed power, or a combination of several security features.

Are there any disaster recovery services included?

Do not hesitate to investigate your service provider’s disaster recovery process, as well as its fail-over capabilities before signing any contracts.  While there is a wide selection of disaster recovery solutions, cloud hosting provides the most flexibility and ease of use, while remaining cost-effective.  As opposed to purchasing two physical servers (one as your day-to-day server and the other as your backup), cloud servers provide the benefit of being able to easily create multiple servers in the cloud without needing to lease/own physical servers.

With cloud hosting from a premier hosting provider like Atlantic.Net, principal IT infrastructure is also essentially a dynamic backup system, as your data and applications reside in an offsite, secure data center facility with a backup, uninterrupted power supply, and dedicated support staff, just in case.

As a leading cloud provider, Atlantic.Net offers a full line of cloud hosting solutions backed by almost two decades of experience in connectivity, advanced computing, hosting, and web technologies.  Contact an Atlantic.Net advisor today at 800-521-5881 for a free cloud server trial!

Atlantic.Net offers Free Cloud Services to Those Affected by Data Center Issues in Northeastern US

Atlantic.Net offers relief to businesses affected by data center outages due to Hurricane Sandy.

Atlantic.Net (http://www.atlantic.net/), a privately-held leading hosting solutions provider announced today that they will be offering relief to those affected by the Northeastern US data center outages caused by Hurricane Sandy. Atlantic.Net is offering free cloud server hosting services to businesses that rely on data centers currently experiencing issues due to the storm.

“Atlantic.Net is offering free cloud server hosting to allow businesses to get back on their feet until they can establish a more permanent solution for their business hosting needs, “ said Marty Puranik, President and CEO of Atlantic.Net. “With the free service, businesses can use our cloud service for a couple of days or a couple of months with no strings attached. We’re trying to be helpful during this catastrophic event,” said Mr. Puranik.

While the aftermath of the storm continues to affect many businesses in and around the Northeastern US, Atlantic.Net’s world-class infrastructure allows for cloud servers to be provisioned in a matter of minutes, enabling businesses to get back online in no time.

With Atlantic.Net’s offer, there is no required contract and no payment. In order to expedite recovery because each business has different needs, Atlantic.Net is requesting that those affected send an e-mail outlining the services they need to the email address, sandyrescue@atlantic.net, which has been set up specifically for this offer.

About Atlantic.Net

Atlantic.Net is a market-leading Cloud Hosting Solutions Provider recognized for providing exceptional business hosting service, simplifying complex technologies, and building a brand that businesses trust since 1994. Atlantic.Net specializes in providing Cloud Servers, Colocation, Dedicated Servers and Virtualization Hosting Services. Atlantic.Net owns and operates a SSAE 16 (SOC 1) TYPE II (Formerly SAS 70) audited and certified data center infrastructure and is dedicated to implementing tailored hosting solutions that enable clients to enjoy the benefits of cost savings.

Atlantic.Net Media Contact:

M. Adnan Raja, Media Relations
pr@atlantic.net (321) 206-1371

Hurricane Sandy and its Effect on New York Data Centers

As Hurricane Sandy hit the Northeast coast on Monday, several major websites including the Huffington Post, Gawker, and Buzzfeed struggled to stay online due to the flooding of a major data center in lower Manhattan.

Datagram, an Internet Service Provider based in New York City, kicked on its emergency systems to maintain power to its Manhattan data center on Monday when hurricane Sandy made landfall.  However, within a few hours after the hurricane hit, the building’s entire basement, which houses the building’s fuel tank pumps and sump pumps, was completely flooded.  Therefore, the data center was forced to shut down to avoid fire and permanent damage, taking several major websites down with it.

Luckily, Datagram experienced no permanent infrastructure damage from the storm and none of their customers lost data.  However, many of their current clients are left questioning why the company chose to locate their data center in such a low-lying area prone to flooding.  Unfortunately in this case, the data center location was chosen based on real estate and power costs, instead of natural disaster tolerance.

Hurricanes have a history of knocking out the technology that keeps us going.  However, businesses must be able to rely on their data center so that their customers can rely on them.  This means choosing a data center with adequate physical security in a location that is tolerant to these types of natural disasters.

At Atlantic.Net, we own and operate our own data center in Orlando, Florida and our facility offers state-of-the-art redundant systems, guaranteed power, temperature/humidity control, and security.  Protect your investments within our World-Class Data Center.  Call 1-800-422-2936 today to get a quote and a free consultation!

Aligning Your Security Goals for MySQL with a Cloud Encryption Solution

Before integrating a security solution for your MySQL database, it is essential to understand what your goals are for information security and how they relate to it.  The underlying goals of any information security solution are most likely:

  • Confidentiality – Your data cannot be read by anyone unauthorized to do so.
  • Integrity - Your data cannot be changed or falsified without your knowledge.
  • Availability – Your data is available when and where you need it, without compromising the confidentiality or integrity of the data.

Keeping these three underlying goals in mind, there are several ways to encrypt MySQL databases in the cloud.  Below are a few options for cloud encryption for MySQL.  The first two focus on the storage “underneath” the MySQL database, while the third focuses on the capabilities of the MySQL database itself.

  1. Full Disk Encryption: This means that the entire disk used by MySQL for storing the database is encrypted.  This approach is simple, transparent, and less error prone.  It will work with your application, without needing changes to the application code.  However, full disk encryption may be less configurable with multiple users because it is essentially all or nothing.
  2. Encrypting specific files (which represent tables): This approach takes advantage of the fact that MySQL can be configured so that each database table gets saved into a separate file.  The idea is to encrypt only the files that are considered the most sensitive.
  3. Encrypting specific rows, fields or columns in MySQL: The SQL language, as implemented in MySQL, allows developers to code encryption for specific rows or specific fields.  This is obviously the most challenging approach because it requires application-level code to be written.

Ideally, your business will need a solution that works well in the cloud and gives you the level of security and control that you require.  At Atlantic.Net, our shared web hosting services come with a high level of security and a wide array of features.  Clients may choose either MySQL or MSSQL 2000.  Clients may also purchase additional SQL databases on the Gold Plan or higher.  Contact an advisor at 800-521-5881 to learn more about our cloud hosting solutions.

Importance of Security in a Data Center

Data Center SecurityUnsurprisingly, data security is the key concern for the vast majority of businesses, and for good reason.  A business choosing a data center is likely doing so because their information is vital and needs to be secure.  The company may hold valuable information and want to protect it from being lost, stolen, or compromised by unauthorized users.  Businesses must be able to rely on their data center so that their customers can rely on them.

Things to consider regarding the security of your data at the data center:

  • Does my data have protection from hackers through software security? Software based security solutions encrypt the data to discourage people from stealing it.
  • Is the physical security of the facility adequate? Physical security denies unauthorized access into the data facility.
  • Does the data center have disaster prevention systems in place? These can include data backup systems in order to lessen or avoid damage when disaster strikes.
  • Is the data center certified? If a data center is certified, this means that they are committed to maintaining high service standards and growing with the industry.

You need to be able to trust that your data is secure in order to effectively provide service to your own customers.  At Atlantic.Net, our facility in Orlando has biometric palm scanners, in conjunction with proximity card readers, for controlled access to the facility and data center floor.  In addition, we have successfully completed the SSAE 16 (SOC 1) TYPE II Certification, which confirms the reliability, security, availability, and processing integrity of the Managed Server Hosting, Dedicated Servers and Server Colocation provided through our world-class data center operations.

Trust the experts at Atlantic.Net to keep your valuable data secure with our advanced security systems.  Give us a call today at 1-800-422-2936 or internationally at 1-321-206-3730.

Cloud Hosting Flexibility: A Key Advantage for Disaster Recovery Solutions

We all know that cloud-based computing solutions offer tremendous flexibility – not only can you set up, change or decommission servers in a matter of minutes, but additional managed hosting features are readily available, and the costs are much more affordable than those for in-house IT, with a fraction of the up-front outlay. These features are of great use in normal operations, but they are crucial for the realm of disaster recovery as well.

It’s often overlooked, but the simple reason is this: the resources available for your disaster recovery solution have to mirror those used in your actual day-to-day operations as closely as possible, because otherwise when a disaster occurs, you won’t be able to recover the most recent operational state. In order to maintain this closeness using in-house hardware, you essentially need to purchase two of everything each time you upgrade or change your infrastructure. And of course, keeping data mirrored properly between those two sites is a challenge, particularly if one site is merely a backup and not fully staffed. Changing hardware and networks inevitably takes time and money. This leaves you vulnerable to mishaps that can occur during the upgrade; to put it another way, during upgrades, the disaster recovery solution is not doing its job.

With a cloud implementation via a quality service provider like Atlantic.Net, your primary working IT infrastructure is also essentially a robust backup system – your data and applications reside in an offsite, secured data center facility with backup, uninterruptible power supply, and dedicated support staff.

So if your primary system is offsite, secure, and well-managed, then you get a double benefit: it simultaneously reduces the likelihood of ever needing to use your disaster recovery solution, while also ensuring that the disaster recovery solution (hosted elsewhere in the cloud) is more effective and affordable than an in-house version.

As a result, the flexibility inherent to cloud-based infrastructure as a service (IaaS) solutions essentially means much closer integration between your “normal operation” systems and your “disaster recovery” systems.  Consider a cloud-based disaster recovery solution to gain increased flexibility and increased responsiveness along with best-in-class hardware and software support. Any computing system carries risks, but a cloud hosting-based disaster recovery plan is your best option for understanding, confronting and minimizing those risks, while simultaneously ensuring that your disaster recovery resources are always as close a match as possible to those used in your day to day operations.

Hot site protection on the cheap

In years gone by, fully redundant “hot site” colocation was seen as the gold standard for robust disaster recovery protection.  Having a geographically distinct site with redundant data storage and functionality was certainly good insurance against nearly any imaginable disaster, but of course the cost and complexity of establishing and maintaining distinct functional hot sites were impossible for most businesses to absorb. An array of other options (data-only backup, cold sites that require startup time) came into use as cost-effective alternatives, but each offered significant drawbacks and made it difficult for companies to implement a disaster recovery plan that was both comprehensive and affordable.

However, modern cloud hosting solutions can offer almost all of the advantages of an offsite colocation facility, including their disaster recovery benefits, at a tiny fraction of the setup and running costs.

Since the lifeblood of most modern businesses is their data, data security and accessibility is paramount for any disaster recovery plan. But companies that use a cloud-based solution for day to day operations are already far ahead of the game: this arrangement means that the primary, current data is already secured in a service provider’s data center. As a result, adding measures like additional colocation mirroring, application hosting, web presence and e-mail continuity is extremely easy and affordable.

In addition, world-class cloud computing providers like Atlantic.Net offer robust physical infrastructure benefits that may well have been beyond the reach of even an advanced hot site implementation. Data centers include features like:

  • Carrier neutrality - Multiple redundant internet backbone connections, to ensure connectivity even if an uplink fails.
  • Robust power supply - N+1 UPS supply, plus backup generation
  • Dedicated fulltime security and staffing - Unlike a hotsite, the cloud computing service provider is always staffed and ready to respond to a crisis.
  • Robust physical security - Full-time security staff, reinforced walls and doors, biometric scanners, etc.

Thanks to cloud computing options, you no longer have to make so severe a compromise between disaster recovery functionality and cost.  A quality cloud computing service provider can give you great peace of mind with minimal hassle and expense. Talk to a provider like Atlantic.Net today to see what kind of service package would be right for you.