The Cloud/Meeting Notes for 2016-07-11
< The Cloud
Jump to navigation
Jump to search
Revision as of 00:01, 14 February 2017 by BobJonkman (talk | contribs) (BobJonkman moved page NPSA Meeting Notes for 2016-07-11 to KWNPSA Meeting Notes for 2016-07-11: Better branding)
- (Go to NPSA Past Events)
- Event notice: http://www.meetup.com/NetSquared-Kitchener-Waterloo/events/228739922/
- Meeting notes: http://www.meetup.com/NetSquared-Kitchener-Waterloo/messages/boards/thread/49977700
The Cloud
Future Topic: Succession strategies
Contents
Hosting
VPS hosting: servers in the cloud
- Linode: $20/month (TWC uses this)
- Digital Ocean
- Cloud at cost (don't use this for production)
You get a virtual machine in the sky which you have to administrate.
- peaceworks.ca
- CCj/Clearline : $20/month for a shared host
- http://www.ixwebhosting.com/hosting-plans : $8/month
Somebody else sets a server up and gives people accounts. They typically take care of disaster recovery.
Typically you don't get root. Sometimes you don't get a shell.
Colocation
Put a server in somebody's rack. You pay for the hardware and the hosting.
Computer in your basement (self-hosting)
You take of everything.
Your ISP has to be happy with you.
Server power is expensive.
Pros/cons
- Be careful what you make public
- Be careful of hopscotch attacks
Hosted Services
Types of Services
- Microsoft services (Office 365)
- Storage (SkyDrive, DropBox, Google Drive)
- Hosted Exchange, Sharepoint, OneDrive
- Hosting antivirus
Considerations
- There have to be ways for people to work offline on planes
- But even Google Docs can be used offline (via an installer?)
- When the Internet is down Brendan goes home. Why?
- VoIP phones
- File shares that are not local
- Can you do video editing in the cloud?
- There is an upper limit to the resolution
- Multiple location and home access is easier
- Who does the backups?
- There is versioning for documents in Office 365
- Sometimes services you depend upon go down. Then what?
- Can you transfer your services to other providers easily?
- LibreOffice is going into the cloud as well
- Mount as a filesystem and use rsync
- Google provides a way to do sync as well
- Can sysadmins see the documents of their users when they are on the cloud?
- What happens when people leave?
- People use their corporate accounts and access data via their browser
- Logging into multiple companies can be difficult
- Do these services all use cookies for sessions?
- Cookies
- Session tokens
- User data storage
- Persistent TCP sessions?
- Endlessly refreshing HTTP sessions? WebSockets
Pros/cons
- Self-hosting is complicated so companies are taking it away (also not as lucrative for the companies)
- What happens if you are offline?
- Adobe was offline in 2014 and people were locked out (how does this work?)
- What happens when your apps are just web frontends?
- Will all the IT people be unemployed? Not Brendan!
Antivirus?
- Web browsers check every page to make sure it is not malicious?
- You could put the management consoles in the cloud
- You could have clients send everything up to the cloud to be scanned
User Training/Adoptions
- Do corporations just do this to minimize training costs?
- You have to train people
- But what happens when there is a breach?
- How to we improve training and workplace culture?
- Go to management?
- Sheet of instructions that staff don't read
- Monthly staff meetings
- What about intentionally baiting users?
- Report to your users
- Go to your users individually and educate them?
- Reduce user rights?
- Publicize the people who have done bad things
- Use peer pressure?
- Passwords
- Shamir's Secret Sharing System : Multiple people each need to put a password in to unlock things. http://point-at-infinity.org/ssss/
- Brendan does not allow people to set their own passwords. He gives passwords to people.
- Is it worth running hashcat or john the ripper on passwords?
- Why do users keep sending attachments by email?
- People have inertia for new things
- It is harder to put files in shared storage than to email attachments
- Sharepoint puts links to files instead of attaching them (for internal emails) (and so does GroupWise document management)
- "Permissions" for cloud resources are hard for users to understand
- Things that are "public" can be public to the world, not just the organization
(Go to NPSA Past Events)