customer-service

May 15, 2013

Secure Quorum: Tech Partner Spotlight

We invite each of our featured SoftLayer Tech Marketplace Partners to contribute a guest post to the SoftLayer Blog, and this week, we’re happy to welcome Gerard Ibarra from Secure Quorum. Secure Quorum is an easy-to-use emergency notification system and crisis management system that resides in the cloud.

Are You Prepared for an Emergency?

Every company's management team faces the challenge of having too many things going on with not enough time in the day. It's difficult to get everything done, so when push comes to shove, particular projects and issues need to be prioritized to be completed. What do we have to do today that can't be put off to tomorrow? Often, a businesses fall into a reactionary rut where they are constantly "putting out the fires" first, and while it's vital for a business to put out those fires (literal or metaphorical), that approach makes it difficult to proactively prepare for those kinds of issues to streamline the process of resolving them. Secure Quorum was created to provide a simple, secure medium to deal with emergencies and incidents.

What we noticed was that businesses didn't often consider planning for emergencies as part of their operations. The emergencies I'm talking about thankfully don't happen often, but fires, accidents, power outages, workplace violence and denial of service attacks can severely impact the bottom line if they aren't addressed quickly ... They can make or break you. Are you prepared?

Every second that we fail to make informed and logical decisions during an emergency is time lost in taking action. Take these facts for a little perspective:

  • "Property destruction and business disruption due to disasters now rival warfare in terms of loss." (University Corporation for Atmospheric Research)
  • More than 10,000 severe thunderstorms, 2,500 floods, 1,000 tornadoes and 10 hurricanes affect the United States each year. On average, 500 people die yearly because of severe weather and floods. (National Weather News 2005)
  • The cost of natural disasters is rising. During the past two decades, natural disaster damage costs have exceeded the $500 billion mark. Only 17 percent of that figure was covered by insurance. (Dennis S. Mileti, Disasters by Design)
  • Losses as a result of global disasters continue to increase on average every year, with an estimated $360 billion USD lost in 2011. (Centre for Research in the Epidemiology of Disasters)
  • Natural disasters, power outages, IT failures and human error are common causes of disruptions to internal and external communications. They "can cause downtime and have a significant negative impact on employee productivity, customer retention, and the confidence of vendors, partners, and customers." (Debra Chin, Palmer Research, May 2011)

These kinds of "emergencies" are not going away, but because specific emergencies are difficult (if not impossible) to predict, it's not obvious how to deal with them. How do we reduce risk for our employees, vendors, customers and our business? The two best answers to that question are to have a business continuity plan (BCP) and to have a way to communicate and collaborate in the midst of an emergency.

Start with a BCP. A BCP is a strategic plan to help identify and mitigate risk. Investopedia gives a great explanation:

The creation of a strategy through the recognition of threats and risks facing a company, with an eye to ensure that personnel and assets are protected and able to function in the event of a disaster. Business continuity planning (BCP) involves defining potential risks, determining how those risks will affect operations, implementing safeguards and procedures designed to mitigate those risks, testing those procedures to ensure that they work, and periodically reviewing the process to make sure that it is up to date.

Make sure you understand the basics of a BCP, and look for cues from organizations like FEMA for examples of how to approach emergency situations: http://www.ready.gov/business-continuity-planning-suite.

Once you have a basic BCP in place, it's important to be able to execute it when necessary ... That's where an emergency communication and collaboration solution comes into play. You need to streamline how you communicate when an emergency occurs, and if you're relying on a manual process like a phone tree to spread the word and contact key stakeholders in the midst of an incident, you're wasting time that could better be spent focusing to the issue at hand. An emergency communication solution automates that process quickly and logically.

When you create a BCP, you consider which people in your organization are key to responding to specific types of emergencies, and if anything ever happens, you want to get all of those people together. An emergency communication system will collect the relevant information, send it to the relevant people in your organization and seamlessly bridge them into a secured conference call. What would take minutes to complete now takes seconds, and when it comes to responding to these kinds of issues, seconds count. With everyone on a secure call, decisions can be made quickly and recorded to inform employees and stakeholders of what occurred and what the next steps are.

Plan for emergencies and hope that you never have to use that plan. Think about preparing for emergencies strategically, and it could make all the difference in the world. Secure Quorum is a platform that makes it easy to communicate and collaborate quickly, reliably and securely in those high-stress situations, so if you're interested getting help when it comes to responding to emergencies and incidents, visit our site at SecureQuorum.com and check out the whitepaper we just published with one of our customers: Ease of Use: Make it Part of Your Software Decision.

-Gerard Ibarra, CEO of Secure Quorum

This guest blog series highlights companies in SoftLayer's Technology Partners Marketplace.
These Partners have built their businesses on the SoftLayer Platform, and we're excited for them to tell their stories. New Partners will be added to the Marketplace each month, so stay tuned for many more come.
May 14, 2013

Interop 2013 - SoftLayer + Supermicro Server Challenge II

The SoftLayer team visited Las Vegas for Interop 2013, and attendees from around the world stopped by our booth to take on the infamous Server Challenge II. The challenge was completed more than two hundred and fifty times with an average time of 1:31.34.

The Server Challenge II "Hall of Fame" was particularly competitive at Interop 2013. Only 8 seconds separated our first place finisher from tenth place:

Interop Server Challenge

Jim Chrapowicz recorded the competition-winning time of 58.40 seconds (after a 5-second penalty for not closing one of the latches), edging out the second place time by a razor-thin margin of less than two tenths of a second. For his Server Challenge II heroics, Jim is being rewarded with the MacBook Air grand prize, and everyone who made the top ten list will be receiving $25 iTunes gift cards. Here's video of the winning completion:

Take a look at some of the other action from the show floor:

Interop Server Challenge

Interop Server Challenge

Interop Server Challenge

Interop Server Challenge

About the Server Challenge II

The Server Challenge II is a race to reassemble a scaled-down version of a SoftLayer server rack. Participants are tasked with repopulating the drive bays of two 2U Supermicro servers and plugging 18 network cables into network switches. The competition provides conference attendees with a fun opportunity to get hands-on with the servers and network gear that fuel SoftLayer's global cloud infrastructure platform. For more information about the Server Challenge II, check out "Server Challenge II: How SoftLayer Saves the World."

About SoftLayer

SoftLayer operates a global cloud infrastructure platform built for Internet scale. Spanning 13 data centers in the United States, Asia and Europe and a global footprint of network points of presence, SoftLayer's modular architecture provides unparalleled performance and control, with a full-featured API and sophisticated automation controlling a flexible unified platform that seamlessly spans physical and virtual devices, and a global network for secure, low-latency communications. With 100,000 devices under management, SoftLayer is the largest privately held Infrastructure-as-a-Service (IaaS) provider in the world with a portfolio of leading-edge customers from Web startups to global enterprises. For more information, visit softlayer.com.

About Supermicro

Supermicro, the leading innovator in high-performance, high-efficiency server technology is a premier provider of advanced server Building Block Solutions for Data Center, Cloud Computing, Enterprise IT, Hadoop/Big Data, HPC and Embedded Systems worldwide. Supermicro is committed to protecting the environment through its "We Keep IT Green" initiative and provides customers with the most energy-efficient, environmentally-friendly solutions available on the market. For more information, visit supermicro.com.

May 10, 2013

Understanding and Implementing Coding Standards

Coding standards provide a consistent framework for development within a project and across projects in an organization. A dozen programmers can complete a simple project in a dozen different ways by using unique coding methodologies and styles, so I like to think of coding standards as the "rules of the road" for developers.

When you're driving in a car, traffic is controlled by "standards" such as lanes, stoplights, yield signs and laws that set expectations around how you should drive. When you take a road trip to a different state, the stoplights might be hung horizontally instead of vertically or you'll see subtle variations in signage, but because you're familiar with the rules of the road, you're comfortable with the mechanics of driving in this new place. Coding standards help control development traffic and provide the consistency programmers need to work comfortably with a team across projects. The problem with allowing developers to apply their own unique coding styles to a project is the same as allowing drivers to drive as they wish ... Confusion about lane usage, safe passage through intersections and speed would result in collisions and bottlenecks.

Coding standards often seem restrictive or laborious when a development team starts considering their adoption, but they don't have to be ... They can be implemented methodically to improve the team's efficiency and consistency over time, and they can be as simple as establishing that all instantiations of an object must be referenced with a variable name that begins with a capital letter:

$User = new User();

While that example may seem overly simplistic, it actually makes life a lot easier for all of the developers on a given project. Regardless of who created that variable, every other developer can see the difference between a variable that holds data and one that are instantiates an object. Think about the shapes of signs you encounter while driving ... You know what a stop sign looks like without reading the word "STOP" on it, so when you see a red octagon (in the United States, at least), you know what to do when you approach it in your car. Seeing a capitalized variable name would tell us about its function.

The example I gave of capitalizing instantiated objects is just an example. When it comes to coding standards, the most effective rules your team can incorporate are the ones that make the most sense to you. While there are a few best practices in terms of formatting and commenting in code, the most important characteristics of coding standards for a given team is consistency and clarity.

So how do you go about creating a coding standard? Most developers dislike doing unnecessary work, so the easiest way to create a coding standard is to use an already-existing one. Take a look at any libraries or frameworks you are using in your current project. Do they use any coding standards? Are those coding standards something you can live with or use as a starting point? You are free to make any changes to it you wish in order to best facilitate your team's needs, and you can even set how strict specific coding standards must be adhered to. Take for example left-hand comparisons:

if ( $a == 12 ) {} // right-hand comparison
if ( 12 == $a ) {} // left-hand comparison

Both of these statements are valid but one may be preferred over the other. Consider the following statements:

if ( $a = 12 ) {} // supposed to be a right-hand comparison but is now an assignment
if ( 12 = $a ) {} // supposed to be a left-hand comparison but is now an assignment

The first statement will now evaluate to true due to $a being assigned the value of 12 which will then cause the code within the if-statement to execute (which is not the desired result). The second statement will cause an error, therefore making it obvious a mistake in the code has occurred. Because our team couldn't come to a consensus, we decided to allow both of these standards ... Either of these two formats are acceptable and they'll both pass code review, but they are the only two acceptable variants. Code that deviates from those two formats would fail code review and would not be allowed in the code base.

Coding standards play an important role in efficient development of a project when you have several programmers working on the same code. By adopting coding standards and following them, you'll avoid a free-for-all in your code base, and you'll be able to look at every line of code and know more about what that line is telling you than what the literal code is telling you ... just like seeing a red octagon posted on the side of the road at an intersection.

-@SoftLayerDevs

May 7, 2013

Tips from the Abuse Department: DMCA Takedown Notices

If you are in the web hosting business or you provide users with access to store content on your servers, chances are that you're familiar with the Digital Millennium Copyright Act (DMCA). If you aren't familiar with it, you certainly should be. All it takes is one client plagiarizing an article or using a filesharing program unscrupulously, and you could find yourself the recipient of a scary DMCA notice from a copyright holder. We've talked before about how to file a DMCA complaint with SoftLayer, but we haven't talked in detail about SoftLayer's role in processing DMCA complaints or what you should do if you find yourself on the receiving end of a copyright infringement notification.

The most important thing to understand when it comes to the way the abuse team handles DMCA complaints is that our procedures aren't just SoftLayer policy — they are the law. Our role in processing copyright complaints is essentially that of a middleman. In order to protect our Safe Harbor status under the Online Copyright Infringement Liability Limitation Act (OCILLA), we must enforce any complaint that meets the legal requirements of a takedown notice. That DMCA complaint must contain specific elements and be properly formatted in order to be considered valid.

Responding to a DMCA Complaint

When we receive a complaint that meets the legal requirements of a DMCA takedown notice, we must relay the complaint to our direct customer and enforce a deadline for removal of the violating material. We are obligated to remove access to infringing content when we are notified about it, and we aren't able to make a determination about the validity of a claim beyond confirming that all DMCA requirements are met.

The law states that SoftLayer must act expeditiously, so if you receive notification of a DMCA complaint, it's important that you acknowledge the ticket that the abuse department opened on your account and let us know your intended course of action. Sometimes that action is as simple as removing an infringing URL. Sometimes you may need to contact your client and instruct them to take the material down. Whatever the case may be, it's important to be responsive and to expressly confirm when you have complied and removed the material. Failure to acknowledge an abuse ticket can result in disconnection of service, and in the case of copyright infringement, SoftLayer has a legal obligation to remove access to the material or we face serious liability.

DMCA Counter Notifications

Most DMCA complaints are resolved without issue, but what happens if you disagree with the complaint? What if you own the material and a disgruntled former business partner is trying to get revenge? What if you wrote the content and the complaining party is copying your website? Thankfully there are penalties for filing a false DMCA complaint, but you also have recourse in the form of a counter notification. Keep in mind that while it may be tempting to plead your case to the abuse department, our role is not to play judge or jury but to allow the process to work as it was designed.

In some cases, you may be able to work out a resolution with the complaining party directly (misunderstandings happen, licenses lapse, etc.) and have them send a retraction, but most of the time your best course of action is to submit a counter notification.

Just as a takedown notice must be crafted in a specific way, counter notifications have their own set of requirements. Once you have disabled the material identified in the original complaint, we can provide your valid, properly formatted counter notification to the complaining party. Unless we receive a court order from the complaining party within the legally mandated time frame the material can be re-enabled and the case is closed for the time being.

While it might sound complicated, it's actually pretty straightforward, but we urge you to do your research and make sure you know what to do in the event a client of yours is hit with a DMCA takedown notice. Just as we are unable to make judgment calls when it comes to takedown notices or counter notifications, we are also unable to offer any legal advice for you if you need help. Hopefully this post cleared up a few questions and misconceptions about how the abuse department handles copyright complaints. In short:

Do take DMCA notifications seriously. You are at risk for service interruption and possible legal liability.
Do respond to the abuse department letting them know the material has been disabled and, if applicable, if you plan to file a counter notification.
Don't refuse to disable the material. Even if you believe the claim is false and you wish to file a counter notification, the material must be disabled within the time period allotted by the abuse department or we have to block access to it.
Don't expect the abuse department to take sides.

As with any abuse issue, communication and responsiveness is important. Disconnecting your server is a last resort, but we have ethical and legal obligations to uphold. The DMCA process certainly has its weaknesses and it leaves a bit to be desired, but at the end of the day, it's the law, and we have to operate inside of our legal obligation to it.

-Jennifer

May 2, 2013

Startup Series: wind2share

I'm amazed by the people who work at the startups that work with Catalyst. If you could somehow bottle the enthusiasm, creativity and passion that entrepreneurs and startup teams have on a daily basis, you'd have an energy drink worth billions of dollars. It's impossible to describe in a blog, but because I'm surrounded by people with those characteristics, I'd be doing the blog audience a disservice if I didn't try to express what I've experienced first-hand. Instead of trying to generalize, a better approach would be to give you an example of what I'm talking about, and for that, I just need to turn the spotlight on wind2share.

I first met the wind2share team at TechCrunch SF in the fall of 2012, and I was immediately taken aback by their energy and the genuine kindness they exuded as people. At the time, the team had been slowly making the transition of having employees work in three different cities on two different continents, but it was clear that they shared a unified willingness to work hard and create a meaningful solution for their clients. As my boy Iggy Pop said, they had a "lust for life" that is as magnetic as it is uncommon. And if that weren't enough, their vision for wind2share is innovative and intriguing:

wind2share is a social business network specially designed for people to make referrals to leading institutions and companies and receive cash rewards based on successful referrals. Businesses seeking to enter new markets can lean on hundreds of ambassadors worldwide to offer their services to new audiences, and expand their client base in new markets.

Since I met them, they've made incremental improvements in their user experience, incorporating Facebook and Google+ accounts to streamline signups and launching a new site design to clearly and succinctly convey the business model and the platform's features.

After a successful pilot run in 2012 which generated more than $1.7 million in revenue, wind2share is strategically ramping up their marketing efforts to continue the viral growth of their disruptive referral model. Given how easy they make the process of connecting and interacting with businesses and top-level professionals around thew world, it's not a surprise that the startup has been so successful, and I have no doubt that their success will continue.

The beauty of the network wind2share created is the diversity of its functionality. Your social network trusts you, and your referrals are valuable, so wind2share provides a medium for businesses to reward you when you recommend them. Beyond that use-case, if you're an entrepreneur or you have an idea, you can connect with investors who share your interest and may be of some help. The way I think of it is that it's a social community with a business purpose. Members are provided with all the information, tools and resources they need to "Make a Wealth of Referrals."

Companies like wind2share are a glowing successes in our Catalyst. Our team has solved numerous infrastructure challenges for them, and we've had the opportunity to make strategic introductions to investors, business leads and potential business partners as the company has grown and matured. Seeing the work pay off in such a positive way with wind2share is proof positive of the value Catalyst provides startups.

To learn more about wind2share or to sign up, head over to wind2share.com. If you'd like to meet the fantastic team of brilliant folks behind the platform, reach out to me directly and I'll happily start the conversation for you.

-@JoshuaKrammes

April 30, 2013

Big Data at SoftLayer: Riak

Big data is only getting bigger. Late last year, SoftLayer teamed up with 10Gen to launch a high-performance MongoDB solution, and since then, many of our customers have been clamoring for us to support other big data platforms in the same way. By automating the provisioning process of a complex big data environment on bare metal infrastructure, we made life a lot easier for developers who demanded performance and on-demand scalability for their big data applications, and it's clear that our simple formula produced amazing results. As Marc mentioned when he started breaking down big data database models, document-oriented databases like MongoDB are phenomenal for certain use-cases, and in other situations, a key-value store might be a better fit. With that in mind, we called up our friends at Basho and started building a high-performance architecture specifically for Riak ... And I'm excited to announce that we're launching it today!

Riak is an open source, distributed database platform based on the principles enumerated in the DynamoDB paper. It uses a simple key/value model for object storage, and it was architected for high availability, fault tolerance, operational simplicity and scalability. A Riak cluster is composed of multiple nodes that are all connected, all communicating and sharing data automatically. If one node were to fail, the other nodes would automatically share the data that the failed node was storing and processing until the node is back up and running or a new node is added. See the diagram below for a simple illustration of how adding a node to a cluster works within Riak.

Riak Nodes

We will support both the open source and the Enterprise versions of Riak. The open source version is a great place to start. It has all of the database functionality of Riak Enterprise, but it is limited to a single cluster. The Enterprise version supports replication between clusters across data centers, giving you lots of architectural options. You can use replication to build highly available, live-live failover applications. You can also use it to distribute your application's data across regions, giving you a global platform that you can update anywhere in the world and know that those modifications will be available anywhere else. Riak Enterprise customers also receive 24×7 coverage, both from SoftLayer and Basho. This includes SoftLayer's one-hour guaranteed response for Severity 1 hardware issues and unlimited support available via our secure web portal, email and phone.

The business use-case for this flexibility is that if you need to scale up or down, nodes can be easily added or taken down as your requirements change. You can opt for a single-data center environment with a few nodes or you can broaden your architecture to a multi-data center deployment with a 40-node cluster. While these capabilities are inherent in Riak, they can be complicated to build and configure, so we spent countless hours working with Basho to streamline Riak deployment on the SoftLayer platform. The fruit of that labor can be found in our Riak Solution Designer:

Riak Solution Designer

The server configurations and packages in the Riak Solution Designer have been selected to deliver the performance, availability and stability that our customers expect from their bare metal and virtual cloud infrastructure at SoftLayer. With a few quick clicks, you can order a fully configured Riak environment, and it'll be provisioned and online for you in two to four hours. And everything you order is on a month-to-month contract.

Thanks to the hard work done by the SoftLayer development group and Basho's team, we're proud to be the first in the marketplace to offer a turn-key Riak solution on bare metal infrastructure. You don't need to sacrifice performance and agility for simplicity.

For more information, visit SoftLayer.com/Riak or contact our sales team.

-Duke

April 29, 2013

Web Development - Installing mod_security with OWASP

You want to secure your web application, but you don't know where to start. A number of open-source resources and modules exist, but that variety is more intimidating than it is liberating. If you're going to take the time to implement application security, you don't want to put your eggs in the wrong basket, so you wind up suffering from analysis paralysis as you compare all of the options. You want a powerful, flexible security solution that isn't overly complex, so to save you the headache of making the decision, I'll make it for you: Start with mod_security and OWASP.

ModSecurity (mod_security) is an open-source Apache module that acts as a web application firewall. It is used to help protect your server (and websites) from several methods of attack, most common being brute force. You can think of mod_security as an invisible layer that separates users and the content on your server, quietly monitoring HTTP traffic and other interactions. It's easy to understand and simple to implement.

The challenge is that without some advanced configuration, mod_security isn't very functional, and that advanced configuration can get complex pretty quickly. You need to determine and set additional rules so that mod_security knows how to respond when approached with a potential threat. That's where Open Web Application Security Project (OWASP) comes in. You can think of the OWASP as an enhanced core ruleset that the mod_security module will follow to prevent attacks on your server.

The process of getting started with mod_security and OWASP might seem like a lot of work, but it's actually quite simple. Let's look at the installation and configuration process in a CentOS environment. First, we want to install the dependencies that mod_security needs:

## Install the GCC compiler and mod_security dependencies ##
$ sudo yum install gcc make
$ sudo yum install libxml2 libxml2-devel httpd-devel pcre-devel curl-devel

Now that we have the dependencies in place, let's install mod_security. Unfortunately, there is no yum for mod_security because it is not a maintained package, so you'll have to install it directly from the source:

## Get mod_security from its source ##
$ cd /usr/src
$ git clone https://github.com/SpiderLabs/ModSecurity.git

Now that we have mod_security on our server, we'll install it:

## Install mod_security ##
$ cd ModSecurity
$ ./configure
$ make install

And we'll copy over the default mod_security configuration file into the necessary Apache directory:

## Copy configuration file ##
$ cp modsecurity.conf-recommended /etc/httpd/conf.d/modsecurity.conf

We've got mod_security installed now, so we need to tell Apache about it ... It's no use having mod_security installed if our server doesn't know it's supposed to be using it:

## Apache configuration for mod_security ##
$ vi /etc/httpd/conf/httpd.conf

We'll need to load our Apache config file to include our dependencies (BEFORE the mod_security module) and the mod_security file module itself:

## Load dependencies ##
LoadFile /usr/lib/libxml2.so
LoadFile /usr/lib/liblua5.1.so
## Load mod_security ##
LoadModule security2_module modules/mod_security2.so

We'll save our configuration changes and restart Apache:

## Restart Apache! ##
$ sudo /etc/init.d/httpd restart

As I mentioned at the top of this post, our installation of mod_security is good, but we want to enhance our ruleset with the help of OWASP. If you've made it this far, you won't have a problem following a similar process to install OWASP:

## OWASP ##
$ cd /etc/httpd/
$ git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git
$ mv owasp-modsecurity-crs modsecurity-crs

Just like with mod_security, we'll set up our configuration file:

## OWASP configuration file ##
$ cd modsecurity-crs
$ cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_config.conf

Now we have mod_security and the OWASP core ruleset ready to go! The last step we need to take is to update the Apache config file to set up our basic ruleset:

## Apache configuration ##
$ vi /etc/httpd/conf/httpd.conf

We'll add an IfModule and point it to our new OWASP rule set at the end of the file:

<IfModule security2_module>
    Include modsecurity-crs/modsecurity_crs_10_config.conf
    Include modsecurity-crs/base_rules/*.conf
</IfModule>

And to complete the installation, we save the config file and restart Apache:

## Restart Apache! ##
$ sudo /etc/init.d/httpd restart

And we've got mod_security installed with the OWASP core ruleset! With this default installation, we're leveraging the rules the OWASP open source community has come up with, and we have the flexibility to tweak and enhance those rules as our needs dictate. If you have any questions about this installation or you have any other technical blog topics you'd like to hear from us about, please let us know!

-Cassandra

April 26, 2013

Catalyst at SXSW 2013: The Startups Speak

SoftLayer listens to customers. There's no marketing spin or fluff on that statement ... I'm a former client, so I can attest to that from a customer perspective and from an internal perspective. When I joined the company as part of the community development team to work with startups in Catalyst, I knew my role was going to be more relationship-based than project-oriented, and that was one of the most exciting aspects of the job for me.

In my last blog about mentorship and meaningfulness, you heard from George Karidis and Paul Ford about the vision to make Catalyst a part of the startup ecosystem, committing to helping participating teams with more than just their hosting needs. While we attended SXSW Interactive, I ran into a few of our phenomenal customers and had the opportunity to sit down with them and talk about their businesses, their connection to SoftLayer and what the future holds:

Over the next few weeks, we'll add video interviews to that YouTube playlist to show off all of the startups that stopped by the Catalyst Startup Lounge at SXSW 2013. When a new video is published, it'll be added to the embedded playlist above, and we'll send some social media shout-outs via Twitter and Facebook.

With SoftLayer's 7th birthday coming up on May 5, we still feel like a startup, and a lot of that has to do with how closely we work with our customers ... Their energy is contagious, and it only encourages us to keep innovating and building our platform for the future. That's why entrepreneurs like the ones you meet in these videos choose SoftLayer. The fact that we have better technology and provide a more powerful cloud infrastructure winds up being a fringe benefit.

A big "Thanks!" goes out to the folks from Epic Playground, Flowmio, Medved, Urbane, YouNoodle, KeenIO, Cloudability and Preferred Return for taking time out of their busy SXSW schedules to chat with me. We love you guys!

-@JoshuaKrammes

April 23, 2013

Server Challenge II: How SoftLayer Saves the World

SoftLayer made our way to San Francisco for another great year of digital marketing fun at ad:tech. This event is always a blast because it allows us trade show roadies to change up our usual dialogue and talk about SoftLayer in a unique way ... Instead of fielding technical questions about our platform, we get to talk about our cloud hosting solutions from a "big picture" perspective. This year, the bridge between those "big picture" discussions and the hardware and technical side of our business was the Server Challenge II.

This isn't the first time the advertising-focused crowd at ad:tech has seen the Server Challenge, but with the competition's new retro arcade game design, it was much more of a focal point this year than it has been in years past ... And it didn't hurt that we were in an awesome location right at the entrance of the expo floor:

Server Challenge II - ad:tech

Given the fact that most people who stopped at our booth were drawn to us as part of a crowd around the Server Challenge, the first question we heard was subtly different than the "What does SoftLayer do?" question we're used to answering at ad:tech. This year, most of my conversations started with an attendee asking, "What in the world does this game have to do with SoftLayer?" Luckily, the graphic on the front of the Server Challenge with three simple objectives provides a great outline for the competition's relevance to our business:

  1. Load the Data
  2. Connect the Network
  3. Save the World

1. Load the Data

Game Application: Insert all 24 of the drive trays into the drive bays of two Supermicro servers.
SoftLayer Significance: We have more than 100,000 Supermicro servers in our 13 data centers around the world. When you walk into one of our facilities in Dallas, Houston, Seattle, Washington, D.C., San Jose, Amsterdam or Singapore, you'll see racks filled with servers just like the ones in the Server Challenge II, and those servers are loaded up with the hard drives you choose when you order from us.

2. Connect the Network

Game Application: Connect the 18 network cables into the three network switches.
SoftLayer Significance: The three different colors of network cables are the same colors you'll see in our data centers. The red cables carry public network traffic, the blue cables carry private network traffic, and the green cables carry out-of-band management network traffic. This is a huge differentiator for SoftLayer because those three physical networks allow for much greater flexibility for our customers. While the public network is serving public traffic to your websites, games and apps, you could be running an off-site backup of your database over the private network (where you don't incur bandwidth charges), and you can manage your server over SSL, PPTP and IPSEC connections via the out-of-band management network carried by the green cables.

3. Save the World

Game Application: Win a MacBook Air!
SoftLayer Significance: SoftLayer provides the flexible, scalable platform on which you can build your application, run your game or push an advertising campaign. The fact that all of our servers are racked, networked and ready for your order means that we're ready to "Save the World" for you by provisioning on-demand bare metal cloud servers and virtual cloud computing instances.

At least four or five times per show, I hear attendees talking about how the Server Challenge is the most fun game at the conference (even at GDC ... where the entire expo hall is filled with gaming companies). While it draws crowds for being fun, the best part of the competition is that it helps us tell our story and creates memories at the same time. When Server Challenge competitors hear that their companies need a new server, they're going to have a flashback to stepping up to a SoftLayer server rack and learning what makes SoftLayer the best choice as a cloud hosting provider. With the crowds we see at every show, that means we've got a lot of future customers:

Server Challenge II - ad:tech

Thanks to all of the ad:tech attendees who took on the Server Challenge II this year. The show actually had one of the most dramatic conclusions of any we've ever had before! Yuki Matsumoto broke the one-minute mark early on Day 2 of the expo with his first attempt of the day, and John Li managed to squeak by him with a time of 0:58.05 less than five minutes before the show floor closed:

Yuki had one shot at redemption as the last competitor of the show, but he wasn't able to beat John's 58-second completion, so the MacBook Air went to John Li! Keep practicing your server-building skills and come look for SoftLayer (and the Server Challenge) in an expo hall near you!

-Summer

April 22, 2013

Going Global: How to Approach Expansion into Asia

Asia is an amazing place for business, but companies from outside the region often consider it mysterious and prohibitive. I find myself discussing Asian business customs and practices with business owners from other regions on an almost daily basis, so I feel like I've become an informal resource when it comes to helping SoftLayer customers better understand and enter the Asian markets. As the general manager for SoftLayer's APAC operations, I thought I'd share a few thoughts about what companies outside of Asia should consider when approaching new business in the region.

Before we get too far into the weeds, it's important to take a step back and understand the Asian culture and how it differs from the business cultures in the West. The Asian market is much more relational than the market in the United States or Europe; significant value is placed on the time you spend in the region building new networks and interacting with other your prospective customers and suppliers. Even for small purchases, businesses in Asia are much more comfortable with face-to-face agreements than they are with phone calls or emails. Many of the executives I speak to about entering Asia argue they don't have time to spend weeks and months in the region, and they make whistle-stop trips in various countries to get a snapshot of what they need to know to make informed decisions. Their businesses often fail at breaching the market because they don't invest the time and resources they need to create the relationships required to succeed. Books, blogs (even this one), consultants and occasional visits aren't nearly as important to your success as investing yourself in the culture. Even if you can't physically travel to your target market for some reason, find ways to plug into the community online and become a resource.

Asia is not homogenous. There are 20 distinct countries and cultures, dozens of languages and hundreds of dialects. There are distinct legal systems, currencies, regulatory frameworks and cultural norms. From a business perspective, that means that what you do to appeal to an audience in Singapore won't be as effective for an audience in Japan ... This is not the United States of Asia nor is there an Asian Union. Having partners in Hong Kong does not get you into China; if you want to access markets in China, you need to build relationships with partners and customers in China. One of the biggest reasons for this in-country presence to understand and avoid a "death by a thousand cuts" situation where minor, seemingly insignificant questions and problems cumulatively prevent a business from successfully entering the market. Take these questions from customers as an example:

  • When I buy from your office in Bangkok, where is the contract jurisdiction?
  • I'm in Hong Kong. Can I pay in Hong Kong Dollars? Who takes the currency risk?
  • Corporate credit cards aren't common in Vietnam. Can I pay for my online purchase in cash?
  • If I sign up for a webinar, is it at a time convenient for me (i.e. repeated for other time zones), or do I have to be at my PC at 3am?
  • If you invite me to a meeting on 12/4, is that April 12th, or December 4th?
  • When I print whitepapers from your website, do I need to resize to a different paper size?

The way you handle currencies, time zones and how you present information are barometers of how approachable your business is for users and businesses in a particular market. Most users won't reach out to you to ask those kinds of questions; they'll just move on to a competitor who answers their questions without them asking. You learn about these sticking points by having people on the ground and talking to potential customers and partners. Since globalization is "flattening" the World Wide Web, the mechanics of hosting a site, application or game in a data center in Singapore are identical to hosting the same content in Dallas. It's easy to make your data locally available and have infrastructure available in your target market, but that's only a start. You need to approach Asian countries as unique opportunities to redefine your business in a way that fits the culture of your potential customers and partners.

In my next blog, I plan to share a few best practices about management, responsiveness and responsibility, positioning, operations and marketing in Asia. These posts are intended to get you thinking about how your business can approach expanding into Asia smartly, and if you have any questions or want any advice about your business in particular, please feel free to email me directly: dwebb@softlayer.com.

-@darylwebb

Pages

Subscribe to customer-service