Posts Tagged ‘data’

Our data defines the way we work, the way we relax, the way we play, and the way we live. Few job descriptions can be separated from the data involved. From the nurse who manages patient records to the package deliverer who obtains digital signatures, almost everyone works with data. Likewise, in our personal lives, we store everything from music and movies to photographs and recipes digitally.

Our societally-ingrained reliance on and use of digital data is what makes it so important. And while business data may have an estimable dollar worth, our personal data is often invaluable. A good business lead might be worth thousands of dollars, but a video of a daughter taking her first steps is priceless.

Sadly, such data is being lost every day. It’s been estimated¹ that almost 20 billion dollars of business data is lost yearly. It’s hard to imagine how much priceless personal data must also be lost. And even though we in the technical business know to treat hard disk drives as subject to unexpected failure and mobile devices as easily broken, lost, or stolen², many individuals do nothing to prevent or mitigate the loss of their personal data.

Part of the cause for so much lost data is simply a lack of awareness that the risks are so severe. But at times, even many of those of us who know better have simply succumbed to laziness in our backup habits. Backing up can be a time-consuming and tedious process. And though tools have been created to ease the pain of backups³ by substantially automating the process, they often still involve inconvenience and compromise.

With the advent of devices like the iPhone and iPad, our data usage has become even more mobile, and thereby even more susceptible to damage, loss, and theft.

It’s my opinion, however, that what we need in this age of highly mobile, often valuable data isn’t better backups; it’s a change in our data storage paradigm. The problem with backups isn’t that they can’t or don’t work. In fact, they can work well. The problem with backups is that we must be aware of them. We must use them, if not perform them.

Put a different way, backups are a relic of a “device-based” data paradigm. But with the connectivity and security infrastructures in place, it’s time to move to a “cloud-based” data paradigm. This obviously sounds fuller of buzzwords than meaning, but I believe good definitions of “the cloud” to be more concerned with the way we perceive data and computing than with how it’s implemented.

Regardless of implementation, we should be able to think of our data as being tied not to a physical device or object, but to a username and a password. Webmail was one of the earliest implementations of this paradigm, but it had great disadvantages: a user experience tied to a specific set of web technologies, and even more specifically, a lack of offline access. These have, of course, been alleviated for email itself, but what of everything else?

DropBox is a great step in the right direction, providing device-independent directories. But the best and most complete realization of this new paradigm will be subject-specific. Photos, for example, should be synchronized via the cloud and directly to the album applications we’ll want them in on all our computers and devices. Office documents should be synchronized to online editors as well as desktop and mobile office environments.

The list goes on, but the point remains: data should not only be seamlessly and effortlessly synchronized with the cloud, it should be pushed to exactly the contexts where it’s wanted and needed. The technology is all present and the infrastructure exists⁴; all that’s left to do is to stop thinking in terms of device-based data storage, and start taking advantage of the cloud in a way that’s invisible to the user, but will make manual synchronization, the need for traditional backups, and data loss itself a thing of the past.

¹In a study by Dr. David M. Smith
²Or all of the above, if Gizmodo has any interest in your devices
³Such as Apple’s Time Machine application
⁴Now if only there was a company with reliable, cost-effective cloud-services and a ridiculously powerful and flexible API.

How many of you when you were kids were scared to death of the movie The Shining? I know I was. I think it still scares me today. The movie even made a little kid scary; his voice is what pulled it off. I can still get in trouble with my wife for getting our 6 year old to say “redrum” in a scratchy, scary voice.*

What do The Shining and redrum have to do with SoftLayer? We’re all about redrum but only when it comes to destroying left over customer data. What do I mean by destroying customer data you ask?

When you have a server that you spent Capex on and have it in front of you and can touch it and set coffee on it or use it for a plant stand, you know where your data is. When you replace that server or upgrade the hard drive you can then do what most people do with the old one and chunk it in the dumpster or be a little more secure and format the hard drive or even a little more secure and take the drive out and smash it into pieces. Now, that is secure.

So what do you do when you outsource your hardware to a provider like SoftLayer? You put your old data in our hands and we redrum the data and make Jack Nicholson seem like an angel.

It is a little more difficult for us to protect your old data because we are an on-demand provider. When you cancel a server we reuse that server for another customer. You probably don’t want your data in that new customers hands so we have to do a little more than format the drive and we can’t just take it outside and bash it into pieces because then we couldn’t reuse the drive. So we use a little technology to make sure your old data is safe.

When you cancel a server, it sits in limbo for a while just to make sure we can’t change your mind and have you keep it. After the waiting period we erase the data. This is a destructive process, so when you do cancel a server, make sure you have the data you still require somewhere else. Our system uses algorithms developed by the Department of Defense and several independent agencies that are considered military grade as defined by the DOD 5220.22-M (sounds official right?). Utilizing this process residual drive data is destroyed. This process is monitored and logged and we can track the history of any drive. Once complete the drive is ready to be redeployed to a new customer.

I know you are thinking, “That isn’t redrum,” but what do we do with a drive when it is at the end of its productive life? If it’s too small, not fast enough, or dead and out of warranty? We redrum it for sure! We complete the steps above and then send them offsite to get destroyed and then get them back after they are destroyed for tracking and verification of redrum! Yes, we could get them shredded but then we would have no proof they were destroyed. Here is what they look like when they return:

Note the hole in the center.

This is looking down from the “top”.

And last but not least, a view from the bottom. Note the platters are bent and protruding through the board.

*Just in case you haven’t seen The Shining (Spoiler Alert) a small boy in the movie mumbles “redrum” in an eerie voice in the beginning of the movie. He continues to say it more and more and finally he writes it on the bathroom door. When you see it reversed in the bathroom mirror you then understand what he is saying.

-@Skinman454

Security is not a thing to be taken lightly. Think about the information that is stored on your server; think about how many months or years worth of data is stored in your databases. Your account information holds a master key to all of this data on your server. This is the very reason this information is protected so closely by the SoftLayer staff.

All companies work very hard to make sure that their products and services are as easy to use as possible. While on the other hand, security works as hard as possible to, seemingly, make the product or service difficult to use. While it is never our intention to make any service difficult to use, it is our intention to make them secure. This is the very reason why, when we are presented with any questions via phone that are sensitive to the operation of your server or account we ask the inconvenient questions to make sure the person on the other end of the phone line is authorized to make the requested changes to the account or the server.

Up to this point this article has not been as light hearted as I had originally intended, but it’s all about being prepared. The point is, everyone deserves a vacation at some point or another (or believes they do), and according to Murphy’s Law, something will inevitably occur that requires immediate attention. When you’re enjoying that time on the beach, your mind a million miles from bits and bytes, and you miles from anything that can be used to properly manage your server or your account an issue can occur.

While you are out, have you made proper provisions to ensure someone can manage your hardware in your place? Your staff may have the passwords for the servers, IP addresses, and may be able to drop your name; but, I assure you this is not enough information for the SoftLayer support staff to submit a ticket, reboot, or log into your server on your behalf. Have you made sure that in a panic situation someone will be able to provide us with the answers to the security questions on the phone? Are you sure whoever is left in charge has been given the proper permissions in our management portal? Making sure these points have been thoroughly covered prior to your vacation, or even leaving for the day, will help you minimize risk while maximizing your beach vacation.

It’s the holiday season, and that means everyone is getting busier. On top of all the existing responsibilities, millions of people are going shopping for gifts, decorating their houses, and navigating the bad weather. On top of all that, many people take their time off during the holiday season!

With this kind of time crunch, it’s best for your business to lie low until after the new year, right? Not so! With all this buying, selling, and giving going on, there’s a lot of extra retail data to process. Plus, it’s the end of the calendar year, many businesses have to get their finances in order too. ALSO, all these newly purchased electronic devices are soon going to be turned on and hooked up to the Internet, where they will almost surely put a new load on your servers.

Systems and network administrators need to be prepared for this influx of new traffic. Sometimes, this means purchasing new servers. However, it’s inefficient to buy the servers so far in advance when you don’t yet know what you will need. It’s best to wait until you’re sure you will need more servers and how many to order. At another hosting company, that would be a problem. People in our industry take the holidays off, too. Lowering the number of sales people and technicians and raising the number of new server requests would normally result in a disaster.

Luckily, SoftLayer does automatic provisioning. As soon as you order your server, it will be provisioned in two to four hours. Day or night, June 3rd or December 31st, if we have it, you can have control over it in two to four hours.

And therein lies the beauty of the SoftLayer system. You don’t have to wait for US to scale your business. If you need another server, get it. When it’s ready, it will automatically be added to your account’s private network and be available to you. You can even automate your server configuration and setup. Depending on the amount of data you need to transfer to a new server, you can have another server up and running your website less than 5 hours from the time you realized you needed it.

In fact, by using the SoftLayer API (and some clever configuration scripts on your servers) you can do live scaling on your website. Using the API, you can provision new servers exactly like the ones you already have. Once they’re available, a script can mirror the configurations from an existing machine to the new machine. Use the SoftLayer API once more to add the new servers to your load balancer rotation, and you’re in business! All without relying on any humans, even yourself! Treat yourself to some R&R this holiday season, while your website continues to get things done for you.

As an executive at Softlayer, one of the things that I am amazed by is the number of unique and extremely innovative ideas that we see on a daily basis from our customers. We love the fact that these groups understand the value of what we do, while focusing their energy on their core competencies. It’s the perfect relationship for us and one that we try to cultivate and grow continuously.

One of the challenges that we face is sharing information related to the entire breadth of our service offerings in a simple and useful way. Our business model is such that the cycle from first contact to purchase decision tends to be short. Most customers typically come in with a specified set of required services. We often hear comments like “we didn’t know you offered that as well” from customers that come to us with a shopping list and take advantage of the self-service capabilities that we offer. Global load balancing, CDN, and Data Center to Data Center back-up are all examples of products that we have heard get overlooked. It’s a tough balance between over selling and allowing a tech savvy customer work his way through the waters (so to speak).

One of the other challenges that we face here is overcoming the “we don’t need that” syndrome. I look at it practically and associate it with insurance and how it’s never needed, until something occurs that it makes it a must have. In tech terms, I recently read an article on CNNMoney.com “The Tech Catastrophe you’re ignoring” that typifies this “we don’t need that syndrome”. The article encompasses the idea of back-ups for your data. There is discussion that the business of dead drive recovery globally is up staggering rates and it’s due to the lack of people backing up data on a continuous basis. We hear this loud and clear at SoftLayer when a customer would accidentally lose data that they wish they would have spent the extra few dollars a month to back up. It seems trivial post incident, but pre incident it’s one of those decisions that gets passed on quite frequently.

As mentioned, the uniqueness and innovation that lives in SoftLayer’s service offering is tremendous. As our CEO hammers home the message of think large and think global to us every day, I want to pass that message onto our customers. What you do is driving industry, innovation and all that comes along with it. We hope that the decision making process for you as a customer is driven by thinking large and thinking globally and that you take advantage of the solutions that we offer to make your work more functional, more secure, more robust, and more effective. I can’t imagine telling my boss that ‘we didn’t need that’ if it was something that we did need and it was right in front of me. I am sure many of you share that sentiment!

There is some confusion out there on what’s a good way to back up your data. In this article we will go over several options for good ways to backup and sore your backups along with a few ways that are not recommended.

There is some confusion out there on what’s a good way to back up your data. In this article we will go over several options for good ways to backup and sore your backups along with a few ways that are not recommended.

When it comes to backups storing them off site (off your server or on a secondary drive not running your system) is the best solution with storing them off site being the recommended course.

When raids come into consideration just because the drives are redundant (a lave mirror situation) there are several situations, which can cause a complete raid failure such as the raid controller failing, the array developing a bad stripe. Drive failure on more than one drive(this does happen though rarely) , out of date firmware on the drives and the raid card causing errors. Using a network storage device like our evault or a nas storege is also an excellent way to store backups off system. The last thing to consider is keeping your backups up to date. I suggest making a new back every week at minimum (if you have very active sites or data bases I would recommend a every other day backup or daily backup). It is up to you or your server administrator to keep up with your backups and make sure they are kept up to date. If you have a hardware failure and your backups are well out of date it’s almost like not having them at all.

In closing consider the service you provide and how your data is safe, secure, and recoverable. These things I key to running a successful server and website.

When considering these 2 raid options there are a few points you’ll want to consider before making your final choice.

The first to consider is your data, so ask yourself these questions:

• Is it critical data that your data be recoverable?
• Do you have backups of your data that can be restored if something happens?
• Do you want some kind of redundancy and the ability to have a failed drive replaced without your data being destroyed?

If you have answered yes to most of these, you are going to want to look at a Raid 1 configuration. With a Raid 1 you have 2 drives of like size matched together in an array, which consists of an active drive and a mirror drive. Either of these drives can be replaced should one go bad without any loss of data and without taking the server offline. Of course, this assumes that the Raid card that you are using is up to date on it’s firmware and supports hot swapping.

If you answered no to most of these questions other than the backup question (you should always have backups), a Raid 0 set-up is probably sufficient. This is used mostly for disk access speeds and does not contain any form of redundancy or failover. If you have a drive failure while using a Raid 0 your data will be lost 99% of the time. This is an unsafe Raid method and should only be used when the data contained on the array is not critical in anyway. Unfortunately with this solution there is no other course of action that can be taken other than replacing the drives and rebuilding a fresh array.

I hope this helps to clear up some of the confusion regarding these 2 Raid options. There are several other levels of Raid which I would suggest fully researching before you consider using one of them.

Last night while making my regular backup for my World of Warcraft configuration, I thought about the blog and I didn’t remember seeing an article that went into more detail than “backups are good” about backing up and restoring data.

If you’ve been around the InnerLayer for a while you will have noticed that backing up of data comes up periodically.  This happens because we frequently see customers whose world is turned upside down due to a mistyped command wiping out their data.  If you just thought “that won’t happen to me… I’m careful at a prompt”… well, how about a cracker getting in via an IIS zero day exploit?  Kernel bug corrupting the filesystem?  Hard drive failure?  Data loss will happen to you, whatever the cause.

Data that is not backed up is data that isn’t viewed as important by the server administrator.  As the title of this blog mentioned, backing up isn’t the end of the server administrator’s responsibility.  Consider the following points.

• Is the backup in a safe location?  Backing up to the same hard drive which houses the live data is not a good practice.
• Is the backup valid?  Did the commands to create it all run properly?  Did they get all the information you need?  Do you have enough copies?
• Can your backup restore a single file or directory?  Do you know how to restore it?  Simply put, a restore is getting data from a backup back into a working state on a system.

Backup Safety
At a minimum backups should be stored on a separate hard drive from the data which the backup is protecting.  Better would be a local copy of the backup on the machine in use and having a copy of the backup off the machine, perhaps in eVault, on a NAS which is _NOT_ always mounted, even on another server.  Why?  The local backup gives you quick access to the content while the off-machine copies give you the safety that if one of your employees does a secure wipe on the machine in question you haven’t lost the data and the backup.

Validity
A backup is valid if it gets all the data you need to bring your workload back online in the event of a failure.  This could be web pages, database data, config files (frequently forgotten) and notes on how things work together.  Information systems get complicated and if you’ve got a Notepad file somewhere listing how Tab A goes into Slot B, that should be in your backups.  Yes, you know how it works… great, you get hit by a bus, does your co-admin know how that system is put together?  Don’t forget dependencies.  A forum website is pretty worthless if it is backed up but the database to which it looks is not.  For me another mark of a valid backup is one which has some history.  Do not backup today and delete yesterday.  Leave a week or more of backups available.  People don’t always notice immediately that something has broken.

Restores
A good way to test a restore is get a 2nd server for a month configured the same as your primary then take the backup from the primary and restore it onto the secondary.  See what happens.  Maybe it will go great.  Probably you will run into issues.  Forget about a small operating system tweak made some morning at 4am?  How about time?  How long does it take to go from a clean OS install to a working system?  If this time is too long, you might have too much going on one server and need to split up your workload among a few servers.  As with everything else in maintaining a server, practicing your restores is not a one-time thing.  Schedule yourself a couple of days once a quarter to do a disaster simulation.

For those who might be looking at this and saying “That is a lot of work”.  Yes, it is.  It is part of running a server.  I do this myself on a regular basis for a small server hosting e-mail and web data for some friends.  I have a local “configbackup” directory on the server which has the mail configs, the server configs, the nameserver configs and the database data.  In my case, I’ve told my users straight up that their home directories are their own responsibility.  Maybe you can do that, maybe not.  Weekly that configback data is copied to a file server here at my apartment.  The fileserver itself is backed up periodically to USB drive which is kept at a friend’s house.

So there I was after work today, sitting in my favorite watering hole drinking my Jagerbomb, when Caira, my bartender asked what was on my mind. I told her that I had been working with clouds and elephants all day at work and neither of those things are little. She laughed and asked if I had stopped anywhere to get a drink prior to her bar. I replied no, I’m serious I had to make some large clouds and a stampede of elephants work together. I then explained to her what Hadoop was. Hadoop is a popular open source implementation of Google’s MapReduce. It allows transformation and extensive analysis of large data sets using thousands of nodes while processing peta-bytes of data. It is used by websites such as Yahoo!, Facebook, Google, and China’s best search engine Baidu. I explained to her what cloud computing was (multiple computing nodes working together) hence my reference to the clouds, and how Hadoop was named after the stuffed elephant that belonged to one of the founders – Doug Cutting – child. Now she doesn’t think I am as crazy.

When it comes to managing a server remember you can never be to careful. In this day and age we face a lot of things that can damage and even take a server to its knees here’s a few things for everyone to consider.

Anti-virus:

This is a must on systems open to the net now days. There are always nasty little things floating around looking to take your server apart from the OS out. For windows servers there are a multitude of choices and I’ll just mention a few that can help protect your goods. You can use several programs such as avast (which offers a free edition), ClamWin (open source), Kaspersky , and Panda just to name a few. I would suggest before installing any of these you check links such as http://en.wikipedia.org/wiki/List_of_antivirus_software to name one that provides a list of several choices and their compatibility. You may also want to read reviews that compare the available options and give you an idea of what to expect from them. This will allow you to make an informed choice on which one works best for you. Now with linux there are also several options for this including the well known clamav which from personal experience works really well and can be installed on a variety of linux disro’s(aka distributions). It’s very simple to use and may prevent you from headache later on down the road.

Firewalls:

Firewalls are a double edged sword but are most defiantly needed. When it comes to firewalls you can protect yourself from quite a bit of headache however if setup to strict you can block positive traffic and even yourself from reaching your server but in the long run a defiant way to help protect your server from unwanted visitors. A lot of firewalls also have modules and add-ons that further assist in protecting you and securing your server. If in doubt it’s always a good idea to have a security company do an audit and even a security hardening session with your server to make sure you are protected the best way possible.

Passwords:

This is probably one of the most important this you can do to secure your server. Use strong passwords (no using password or jello is not a secure password even if it is in all caps) and if you are worried about not being able to come up with a secure one there are several password generators on the web that can come up with secure ones to assist. Passwords should contain caps letters, numbers, symbols, and should be at minimum 8 – 10 characters (the more the better). It’s the easy to remember and easy read passwords that get you into trouble.

Armed with this information and so much more on security that can be located on the web using the great and all powerful Google should be a good start to making sure you don’t have to worry about data loss and system hacks. Also remember no matter how secure you think you are make regular backups of all your important data as if you server could crash at any time.