The Cloud/Meeting Notes for 2016-07-11

From SOBAC Wiki
Revision as of 21:53, 15 August 2016 by BobJonkman (Added link to NPSA Past Events)

The Cloud

(Go to NPSA Past Events)

Future Topic: Succession strategies


Hosting

VPS hosting: servers in the cloud

  • Linode: $20/month (TWC uses this)
  • Digital Ocean
  • Cloud at cost (don't use this for production)

You get a virtual machine in the sky which you have to administer yourself.


Shared hosting

Somebody else sets a server up and gives people accounts. They typically take care of disaster recovery.

Typically you don't get root. Sometimes you don't get a shell.

Colocation

Put a server in somebody's rack. You pay for the hardware and the hosting.

Computer in your basement (self-hosting)

You take care of everything.

Your ISP has to be happy with you.

Server power is expensive.

Pros/cons

  • Be careful what you make public
  • Be careful of hopscotch attacks


Hosted Services

Types of Services

  • Microsoft services (Office 365)
  • Storage (SkyDrive, DropBox, Google Drive)
  • Hosted Exchange, Sharepoint, OneDrive
  • Hosting antivirus

Considerations

  • There have to be ways for people to work offline on planes
    • But even Google Docs can be used offline (via an installer?)
  • When the Internet is down Brendan goes home. Why?
    • Email
    • VoIP phones
    • File shares that are not local
  • Can you do video editing in the cloud?
    • There is an upper limit to the resolution
  • Multiple location and home access is easier
  • Who does the backups?
    • There is versioning for documents in Office 365
  • Sometimes services you depend upon go down. Then what?
    • Can you transfer your services to other providers easily?
    • LibreOffice is going into the cloud as well
    • Mount as a filesystem and use rsync
    • Google provides a way to do sync as well
  • Can sysadmins see the documents of their users when they are on the cloud? + What happens when people leave?
    • People use their corporate accounts and access data via their browser
  • Logging into multiple companies can be difficult
  • Do these services all use cookies for sessions?
    • Cookies
    • Session tokens
    • User data storage
    • Persistent TCP sessions?
    • Endlessly refreshing HTTP sessions? WebSockets



Pros/cons

  • Self-hosting is complicated so companies are taking it away (also not as lucrative for the companies)
  • What happens if you are offline?
    • Adobe was offline in 2014 and people were locked out (how does this work?)
    • What happens when your apps are just web frontends?
  • Will all the IT people be unemployed? Not Brendan!

Antivirus?

  • Web browsers check every page to make sure it is not malicious?
  • You could put the management consoles in the cloud
  • You could have clients send everything up to the cloud to be scanned


User Training/Adoptions

  • Do corporations just do this to minimize training costs?
    • You have to train people
    • But what happens when there is a breach?
  • How do we improve training and workplace culture?
    • Go to management?
    • Sheet of instructions that staff don't read
    • Monthly staff meetings
  • What about intentionally baiting users?
    • Report to your users
    • Go to your users individually and educate them?
    • Reduce user rights?
    • Publicize the people who have done bad things
    • Use peer pressure?
  • Passwords
    • Shamir's Secret Sharing System: Multiple people each need to put a password in to unlock things. http://point-at-infin...
    • Brendan does not allow people to set their own passwords. He gives passwords to people.
    • Is it worth running hashcat or John the Ripper on passwords?
  • Why do users keep sending attachments by email?
    • People have inertia for new things
    • It is harder to put files in shared storage than to email attachments
    • Sharepoint puts links to files instead of attaching them (for internal emails) (and so does GroupWise document management)
  • "Permissions" for cloud resources are hard for users to understand
    • Things that are "public" can be public to the world, not just the organization
