The Cloud/Meeting Notes for 2016-07-11

From SOBAC Wiki
< The Cloud
Revision as of 02:49, 19 July 2018 by BobJonkman (talk | contribs) (BobJonkman moved page KWNPSA Meeting Notes for 2016-07-11 to The Cloud/Meeting Notes for 2016-07-11: Standardize title and page hierarchy)
Jump to navigation Jump to search

The Cloud

Event notice
http://www.meetup.com/NetSquared-Kitchener-Waterloo/events/228739922/
Meeting notes
http://www.meetup.com/NetSquared-Kitchener-Waterloo/messages/boards/thread/49977700


Future Topic

Meeting Notes

Hosting
VPS hosting: servers in the cloud
  • Linode: $20/month (TWC uses this)
  • Digital Ocean
  • Cloud at cost (don't use this for production)

You get a virtual machine in the sky which you have to administrate.


Shared hosting

Somebody else sets a server up and gives people accounts. They typically take care of disaster recovery.

Typically you don't get root. Sometimes you don't get a shell.

Colocation

Put a server in somebody's rack. You pay for the hardware and the hosting.

Computer in your basement (self-hosting)

You take of everything.

Your ISP has to be happy with you.

Server power is expensive.

Pros/cons
  • Be careful what you make public
  • Be careful of hopscotch attacks


Hosted Services
Types of Services
  • Microsoft services (Office 365)
  • Storage (SkyDrive, DropBox, Google Drive)
  • Hosted Exchange, Sharepoint, OneDrive
  • Hosting antivirus
Considerations
  • There have to be ways for people to work offline on planes
    • But even Google Docs can be used offline (via an installer?)
  • When the Internet is down Brendan goes home. Why?
    • Email
    • VoIP phones
    • File shares that are not local
  • Can you do video editing in the cloud?
    • There is an upper limit to the resolution
  • Multiple location and home access is easier
  • Who does the backups?
    • There is versioning for documents in Office 365
  • Sometimes services you depend upon go down. Then what?
    • Can you transfer your services to other providers easily?
    • LibreOffice is going into the cloud as well
    • Mount as a filesystem and use rsync
    • Google provides a way to do sync as well
  • Can sysadmins see the documents of their users when they are on the cloud?
    • What happens when people leave?
    • People use their corporate accounts and access data via their browser
  • Logging into multiple companies can be difficult
  • Do these services all use cookies for sessions?
    • Cookies
    • Session tokens
    • User data storage
    • Persistent TCP sessions?
    • Endlessly refreshing HTTP sessions? WebSockets
Pros/cons
  • Self-hosting is complicated so companies are taking it away (also not as lucrative for the companies)
  • What happens if you are offline?
    • Adobe was offline in 2014 and people were locked out (how does this work?)
    • What happens when your apps are just web frontends?
  • Will all the IT people be unemployed? Not Brendan!
Antivirus?
  • Web browsers check every page to make sure it is not malicious?
  • You could put the management consoles in the cloud
  • You could have clients send everything up to the cloud to be scanned


User Training/Adoptions
  • Do corporations just do this to minimize training costs?
    • You have to train people
    • But what happens when there is a breach?
  • How to we improve training and workplace culture?
    • Go to management?
    • Sheet of instructions that staff don't read
    • Monthly staff meetings
  • What about intentionally baiting users?
    • Report to your users
    • Go to your users individually and educate them?
    • Reduce user rights?
    • Publicize the people who have done bad things
    • Use peer pressure?
  • Passwords
    • Shamir's Secret Sharing System : Multiple people each need to put a password in to unlock things. http://point-at-infinity.org/ssss/
    • Brendan does not allow people to set their own passwords. He gives passwords to people.
    • Is it worth running hashcat or john the ripper on passwords?
  • Why do users keep sending attachments by email?
    • People have inertia for new things
    • It is harder to put files in shared storage than to email attachments
    • Sharepoint puts links to files instead of attaching them (for internal emails) (and so does GroupWise document management)
  • "Permissions" for cloud resources are hard for users to understand
    • Things that are "public" can be public to the world, not just the organization

(Go to NPSA Past Events)

Retrieved from "https://sobac.com/mediawiki/index.php?title=The_Cloud/Meeting_Notes_for_2016-07-11&oldid=1999"