
The Effect Of The PRISM Revelations On Cloud Based Providers

On the 6th of June this year, we woke up to the revelation of PRISM. PRISM was a program from the National Security Agency that was designed to collect the search history, email, file transfers and live chats from any online user in our country. They did this by logging in to our local servers. The revelations even showed how long various companies had been involved in PRISM, with Microsoft being the very first. It joined in 2007, despite always advertising with “your security is our priority”. Apple was the last to join in 2012.

The revelations told us more. The Verizon network, which is the biggest telecommunication network in our country, received an order from the government to allow full access to the call records of their customers. This took place for three months between April and July of 2013. This information has been confirmed, and it turns out that it was actually a recurring request. The first time it took place was in 2005. And to top it off, Facebook had leaked the details of some six million of its users.

A Storm of Controversy

It will come as no surprise that these leaks caused a huge amount of controversy. The Obama administration was clearly involved in significant covert surveillance operations on its own people. Various technology companies denied that they had complied with requests, trying to save face (as well as money and customers). Google immediately said that they really care about their customers’ security. They stated that if they ever gave information to the government, they did so because the law told them to, and only after careful examination of the request. They vehemently denied that the government has “back door access” to Google.

The Consequences

These types of revelations were never going to go unnoticed, of course. As a result, people no longer trust their online providers, least of all those in our own country. Public providers have come under tremendous scrutiny and there is a demand for providers who will always protect their customers’ intellectual property and digital assets. Solutions that are offered here are no longer protected by anything, and people simply do not want to put any kind of information online, and particularly not on the cloud, because they fear the government will immediately access it and read it.

The result is that cloud firms are already starting to lose out on loads of dollars, because people are moving away towards servers that are based in other countries with better privacy laws. Both Google and Amazon have noticed a drop in customers already and private clouds have seen an influx in customers. Private clouds are able to give the assurance that the data customers leave with them is completely safe and private. With a private cloud, the server is actually on site, or it is leased from a data center, where the provider has actual, physical access. The result is that if a company states they will not sell their data to the government, or even allow it access, then a customer is as certain as they will ever be that this will not happen. Unsurprisingly, cloud servers in Switzerland, a country known to have the strictest secrecy laws in place, are becoming more and more popular.

People all over the globe are becoming increasingly concerned, because customers no longer trust their government to allow them privacy. In fact, they feel we now live in an Orwellian society where Big Brother is watching our every move. However, because the internet has no borders as such, people are able to look for private, managed and hybrid solutions instead. Businesses and private individuals alike want to have control over how their data is governed and they are able to do this by simply going to companies that offer cloud storage abroad, or through privately owned companies.

The PRISM saga is far from over. Edward Snowden, who revealed all, is still stuck in Russia waiting to be given asylum somewhere. In fact, various countries have agreed to grant him asylum, but the government continues to use their PRISM program to find out which plane Snowden is likely to be in, forcing the plane down if it flies through airspace of a country with an allegiance to our country. It is interesting to see that damage control for the government is not about placating its citizens, but rather about locking up the guy who told the truth. At the same time, this makes all of us even more uneasy about the security of our data locally and we are moving our data away faster than the speed of light.

Creating a Cloud Shared Drive

Virtual Server is offered free via Hyper-V from MS Servers, while VMware will cost. Using a virtual server is identical to the setup of a physical server, with the exception that you first create the virtual server (2008 64-bit, etc.) and allocate sufficient memory. We recommend 8 GB or more of RAM. You will need a static IP for the virtual server. This virtual server becomes the dedicated computer or server that stays on and acts as the “Main” server for virtual connections. By creating the static IP for the device (192.168.xx.xx) you can then connect via the end user application or iOS app into the virtual server. Firewall settings can be made to forward certain ports that contain the encrypted usage packets to the correct machine via a port forward rule. If you don’t want to enable outside connections, simply do not create a firewall rule (one-to-one NAT or forward), and enjoy the convenience of connecting from anywhere within the LAN, from any device, via a direct 192.168.xx.xx path.

Network setup is simple once you have found a powerful computer or server with tons of RAM. Software designed for Windows (best on 64-bit) will be sufficient. The software will always listen for connections, then respond, ask for authentication, and begin whatever the user requests: applications, data and more.

For networking, there are some general practices to follow.

  1.  Load the software on your virtual server by visiting _____________ if you do not already have it.
  2.  Determine what applications are needed (Office, Word, etc.), and find the file shares required across the company (shared drives) and where they reside.
  3.  In the setup options, configure whether to allow users to copy / paste and remote print, and set timeouts for disconnected sessions.
  4.  Load end user applications on Mac and Windows machines, or iOS apps.

To purchase the software, you will need to visit ___________  and select the appropriate number of concurrent user licenses.

Determining which applications can be used is one of the most important but commonly overlooked decisions in virtualization. Only about 5 programs are generally needed or used. By virtualizing, you can actually increase your security by allowing through the virtual server only the applications you want the organization to use.

Shared files and enforcement of AD or other folder / file security is then offered once purchased, allowing some users access to certain shares while others cannot.  Making a quick list of who can access what prior to installing the software can help speed up the installation and ensure compliance with your policies.

Computer / server sizing is important, as a virtual host uses tremendous amounts of memory to be capable of real-time service to multiple users. It’s a good rule of thumb to allocate 2 GB per user if you want fast performance. One computer (non-server) can usually host 5 virtual workstations, while beefing up the RAM and processor or switching to an 8 GB Server 2008 machine can probably service 12-15 without an issue.

Creating the users is simple: create a profile on the Gateway for each user, and load their email, files and more. Some organizations can even have shared drive access elsewhere that is usable by the virtual workstation. Best practice is to create a “LOCAL” profile on the Gateway PC or server, and then log on and make sure everything works. The virtualization comes when someone connects via remote client software, iOS, or another method and is provided with the applications and data you pre-loaded. A user switching from one device to another is a non-issue, as the gateway has all the information and nothing is saved on the connecting device.

Printing can become a burden if users are offsite, so make sure you know whether you want to allow home printers to be used before you install and configure the software.