Monthly Archives: May 2020

Reading Time: 4 minutes

Anyone who won’t agree that technological advances have been arriving in leaps and bounds these days will probably be told they’ve had their head in the sand or something similar. If technological advances weren’t to the greater benefit of all of us they’d never get past the prototype stages, but with many of these advances come certain degrees of risk.

 

We’re all aware of how our increasing reliance on the digital world has made us more at risk of cyber fraud, and when it comes to cards many people have chosen to keep theirs in some sort of RFID sleeve that prevents card information from being scanned unwillingly. There’s all sorts of other examples of this sort of stuff, and we won’t stray too far off topic.

 

Here at 4GoodHosting, we’re like any other reputable Canadian web hosting provider in that we take an interest in any type of technology-related topic that might be of interest to the people who count on us for keeping their websites optimized and at-the-ready for visitors on the World Wide Web.

 

So today’s topic is smartcards, and what you can do to ensure any person who’s looking to steal your information from them is thwarted in their attempts to do so.

 

Completing a transaction, opening security systems, and achieving a whole array of other operations in this smart technology era can now be done with a simple swipe of a smartcard. They have continued to gain popularity over the world, and as you might then expect security attacks have become increasingly common as they target owners and users.

 

Fortunately, the right information on technology-based use and applications is usually made available to keep you one step ahead of any attack, and some of that is what we’ll be sharing with you here today.

 

For any of you who are not familiar with them, this is how smartcards work. They use microchip technology and secure authentication to provide purchasing security and are equal parts convenient, practical, and reliable for data transfer with transactions. Nonetheless, smart hackers have still worked out various ways of observing their operations and then setting their sights on gaining access to credentials, funds, and information contained in the microchips of the cards.

 

So here’s what you can do to ensure you can protect yourself from hackers and the continued safe use of your smartcards.

 

Ensure Full System Security

 

Should an attacker successfully gain access to a computer device connected with your smartcard, it unfortunately becomes fairly easy to use your card to complete transactions. Most of the time this breach is the result of unpatched software, or it may be due to the fact you’re running something you shouldn’t.

 

There’s nothing to be done about the fact that once attackers gain access to your computer device it becomes simple for them to authenticate transactions while assuming your identity through the card. This is usually done by copying digital certificates from your local cache if they’re available, or the hackers may be keying in your PIN at requests.

The most effective way to protect yourself here is to ensure you don’t get suckered into interacting with click baits. Start by ensuring the software you install is not compromised and that you regularly run anti-malware software on your computer.

 

Keep Your PIN Safe and Secure

 

We mentioned RFIDs above, but smartcards aren’t the same as RFID cards. RFIDs are programmed to produce specific codes once activated and are powered by a magnetic field while using radio frequencies to transmit data. Hackers are able to steal information from this kind of card by utilizing RFID proximity readers and then collecting IDs from cards that have been left unprotected.

 

Smartcards are different. They use Personal Identification Numbers (PINs) for protection, and have a memory that can store information and put forward a ‘challenge & response’ system when the card initiates a conversation with a transaction terminal. What this means is that before a transaction is completed you would need to provide your PIN at the terminal.

 

What you need to do here is physically protect your PIN and work with the understanding there may be an unseen individual who’s trying to access the information that’s locked behind it.

 

Guard Against Hacks From Transaction Terminals

 

Transaction terminals is where these hackers will typically stage their attacks, and if not protected your credentials can be obtained during communication between your card and payment terminals.

 

An effective way to enhance your safety precautions is to remove your cards as soon as you complete a payment submission. If possible, see to it that your payment terminals are standalone machines, and not ones where access other web services is possible.

 

Owners of such terminals will ideally take some responsibility to ensure software used on such terminals has all necessary patches implemented and ongoing fraud-prevention support. Terminal operators can run anti-malware software periodically. It’ll reveal attempts at hacking card credentials.

 

Use Mobile Phones Instead When Possible

 

For many people their mobile phone is already a payment gateway for them. Setting up your device for mobile payment and connecting it to a smartcard is a fairly straightforward process, and there’s no shortage of apps you can download and use to manage your payments.

 

Using apps is going to be safer than cards 90-plus percent of the time. Apps generate a one-time authentication code, and the ‘one-time’ part of that is key as it’s enabled for use only once for the current transaction before it comes entirely meaningless and ineffective for any function. It’s highly unlikely you’d lose this code to hackers, and even if you did it’d be of no use to them.

 

It’s good to know that using a smartphone means much less of a chance of having your card credentials stolen.

 

Most payment terminals equally accept scan payment using mobile phones, and you’re not limited by where your phone can serve.

 

Use Cards from Trusted Suppliers

 

The last thing we’ll share here is that where you obtain your cards is important too. There have been instances where staff members at companies have attempted to steal smartcard credentials. Others will have inadequate security measures for their cards.

 

Using smartcards provided by reputable, established, and trusted establishments will let you have less concerns about losing your card credentials.

 

Plus, it’s easy to mix cards up. If you’re not able to identify you cards on your own, that means fraudsters can take advantage of you that much more easily. Ensuring your name is on your card and unscripted with high print quality and durability is important. Lastly, make sure you destroy these cards first if you’re going to be disposing of them for any reason.

Reading Time: 4 minutes

One of the things that many of us have realized – and particularly those without high-speed internet at home – is that for some people available bandwidth is at a real premium these days with so many of us forced to stay at home. Whether you’re being productive or just keeping yourself entertained, you probably find yourself taking advantage of the wonders of the Internet during this pandemic time. Perfectly natural that you do, and for the average person who doesn’t have a stake in their own website there’s not much to think about.

 

However, if you’re not only a website visitor but also a website owner and someone who’s got a vested interested in the reliable Canadian web hosting that we provide here at 4GoodHosting then you’ve got more skin in the game. Especially if your website exists for e-commerce purposes, and that’ true for a good many of them. You won’t be cool with any type of shortcomings where your site isn’t able to handle a large influx of visitors at any one time.

 

Something that – as it so happens – is increasingly likely during these Covid times!

 

So we thought that today we’ll share information on something we know quite well – how to make sure your website is ready to accommodate traffic ‘spikes’, as they’re referred to.

 

Let’s get right into it, because the truth of the matter is no one like website crashes or those darn 404 error messages. So what should you do?

 

Have Your Own Host

 

Shared hosting packages are the cost-effective way to have your website up and open alongside the Information Superhighway. While that’s fine and dandy, you also might like to know that websites hosted in shared hosting arrangements are going to the be the least well equipped to handle traffic spikes. And it has everything to do with not enough bandwidth to go around.

 

It’s safe to assume that if your traffic is increasing, the websites that you’re sharing your hosting with are also experiencing more traffic. The smart move here is to be proactive and move your site to an individual server. Doing so will ensure that you will have enough bandwidth to accommodate a large increase in visitors to your website. Without it a heavy stream of potential customers browsing your website may cause it to crash, and in a worst case scenario that means lost revenue.

 

Compress Downloads and Images

 

It’s smart to aim to have everything on your website be visually and experientially pleasing to visitors. Anything that might irritate them or create confusion should not be remedied. Large and slow loading images could mean lost website view time or increased bounce rate – the rate with which users leave your website after arriving. With an increase in traffic, this becomes even more likely.

 

What you can do to avoid this is being sure that all of your images or pictures are smaller than you’d usually prefer to keep them. However, if you don’t know what to compress – or how to compress it – to conserve server capacity then it’s best to hand that task off to someone who does. That’s because compression can cause problems if it’s not properly configured.

 

Insist on the Right Server

 

VPS stands for Virtual Private Server, and that type of server arrangement with your web hosting is often the best option for having full peace of mind with the well being of your website. It offers security of your data solely on the server and the convenience of storing it virtually, and not having to have it onsite goes a LONG way in ensuring your website can handle traffic spikes.

 

With a secure server, you can have the confidence that your website will support the increase in online browsing and cardholder and protected data of your users is safe.

 

The benefits of VPS don’t end there. If you are expecting a spike in traffic, you have the ability to request that your server amp up capacity or practice load balancing of your website during traffic spikes. This prevents systems from becoming overwhelmed by the increase in traffic. Choosing VPS is smart for small to medium-sized businesses and it is an easy and cost-effective way to have your website hosted.

 

Plus, we should mention that many customers will opt to go for a VPS server AFTER they experience some type of failure due to a traffic spike. So instead of being reactive, be proactive and get your VPS before you experience any harmful downtime.

 

Be Mindful of Typical Customer User Means and Preferences

 

Mobile web browsing has surpassed fixed station web browsing now, and quite handily at that. Most of the time when people are browsing the Internet, they are on a phone or a tablet and using a mobile network or Wi-Fi. You need to ensure that your web design will be engineered to accommodate the smaller screens of these individual’s mobile devices. The last thing you want is for potential customers to have to minimize their display and re-scroll over your content.

 

Long story short, most of them won’t be willing to do that and will ‘bounce’ quickly.

 

Learn from Visitor Behaviour Patterns on the Site

 

When you find you are busier than normal on your website, it’s the ideal chance to learn how visitors are coming to your site and how they’re inclined to move while they’re there. How many visitors are coming in and what do they seem to be the most interested in? You will notice patterns that can help you to identify any changes that you may need to make to protect your website from having problems in the future.

 

Along with identifying causes of an increase in traffic flow through your website, you can also take a few cautionary steps to be prepared for it and – most ideally – benefit from what you’ve learned from these spikes and the ways you and your web hosting provider are willing and able to make changes in response to all of that.

Reading Time: 5 minutes

It’s pretty much several times a day that we hear about how some aspect of life has been turned on its head by the current global pandemic, and while the workings of the digital world won’t be front and centre for a lot of people it most certainly is for us. Here at 4GoodHosting, that ongoing interest and eyes wide open nature is likely a large part of what puts us among the best Canadian web hosting providers.

 

With that said, even if you’re not working in the some wrinkle of the industry it’s still going to be hard not to be aware of the importance of cloud computing. It’s very much a staple of the digital nature of business, and it’s at the very heart of the IoT (Internet of Things). Which brings us today’s topic – what can webmasters or shot callers of other stripes do to keep the current situation from taking cloud computing costs and pretty much running away with them?

 

Managing financial uncertainty is going to be a challenge, even during the best of times. There are two major factors driving the need for continuous cloud cost optimization; first, there’s the evolving global financial conditions in response to the COVID-19 pandemic. Next, we’ve got the accelerating adoption of cloud usage.

 

A recent report is showing that organizations expect cloud spend to go up by 47% in the coming year. This rapidly growing spend leads to challenges in forecasting, as the majority of respondents contributing to the report indicate they’ve exceeded their cloud budget by an average of 23% and they don’t see much in the way of what can be done to counter that.

 

More Difficult to Optimize Cloud Costs

 

Along with the growth of crowd spending goes businesses finding it difficult to ensure that cloud costs are optimized. The consensus is that nearly a third (30%) of cloud spending is wasted, and 73% of respondent see the need to optimize their existing use of cloud as a primary initiative for this year.

 

As one might expect, the new digital-heavy realities of life that COVID-19 has thrust upon us all has meant that cloud use is accelerating, and the situation is now that about half of organizations are expecting their cloud usage to exceed prior plans. Oppositely, it’s also expect that other organizations – albeit fewer of them – will see their cloud use decrease as their businesses are impacted by the pandemic. Either way it becomes imperative for organizations to optimize cloud costs.

 

Finding Savings in Operating Costs

 

The best way to counter this is with on-demand cloud spend. Unlike many other IT costs that are set in long-term contracts, with this you can benefit from nearly instantaneous savings by eliminating idle resources or downsizing over-provisioned resources. A focused plan for cloud cost optimization can yield significant benefits, to the tune of as much as 20 to 25 percent savings over just a few months.

 

In addition, with on-demand cloud spending you are better prepared to manage cloud costs efficiently as cloud usage speeds up or slows down.

 

So the question then becomes – what can you do to achieve ongoing reductions in cloud costs? A good place to start is with these 4 best practices:

 

1. Conduct Assessments Before Signing up for Discounts

 

A discount of any sort is always going to look good, but you need to look at them more equivocally and evaluate the goals of those involved. Make no mistake about it – cloud providers aim to lock in your cloud usage, and that runs counter to your primary interest our priority, which of course is saving money first and foremost.

 

Cloud providers will likely offer a variety of discount options (e.g., reserved instances, enterprise agreements, and savings plans) but with them comes a requirement that you make contractual commitments to use certain types and levels of cloud use over a set time period. Signing up for commitments that lock you into unoptimized or wasted cloud expenditure isn’t going to be beneficial, but many people look past this and only focus on the here and now of getting good looking discounts.

 

A better approach is to start with a thorough assessment that evaluates all areas where you could save on cloud spending.

 

Understanding potential adjustments you can make in advance of accepting discounts enables you to pinpoint where to optimize your cloud usage and determine what levels of commitment to make in order to receive discounts.

 

2. Pick Low-Hanging Fruit First

 

Ensure you’re looking over everything you can, including whether or not there are optimizations that are available to you. Examples of this can be getting rid of idle resources, making cuts to overall resources based on working efficiencies and / or actual needs, and eliminating wasted PaaS services.

 

Other points you may want to consider are de-provisioning unused storage; shutting down instances after hours, or finding newer, lower-cost instances.

 

What this does is help you identify ‘low-hanging fruit’ like idle resources and unused storage that can be eliminated without any concerns for creating shortcomings elsewhere. Try to make it all part of a comprehensive optimization plan that clearly identifies the appropriate levels of usage and spend once the optimizations are complete.

 

3. Determine how Software Licenses Contribute to Overall Cloud Costs

 

It’s fairly common to find that traditional software license costs are contributing to the costs of applications running in the cloud in a very big way. Optimizing license use is an important part of cloud cost optimization.

 

If it’s possible, one of the best things you can do is bring your own license (BYOL) to the cloud and enjoy significant savings as a result of it. One good example is how the Azure Hybrid Benefit can provide 45% savings on virtual machines running Microsoft Windows or SQL Server in the Azure cloud. Another example will be if license restrictions on Oracle Database may make it more costly to run in certain clouds.

 

It’s good to have a solid understanding of what licenses are being used in the cloud, plus the relevant use rights or entitlements that go along with them. Another consideration for you is the cost implications that should be weighed with any cloud cost optimization initiative.

 

4. Be Choosy with your Discounts

 

So after you’ve made your assessments and identified doable optimizations, you can now implement a strategy to leverage cloud discounts to your maximum advantage. First consider how your cloud usage may vary in the future. This can include changes in cloud providers, regions, instance types, or a shift from raw VMs to PaaS services. Only commit to a level of cloud usage that will allow to stay well positioned with expenses even if unexpected changes occur.

 

Also be sure to avoid making commitments that cover 100% of your cloud spend. The reason for this is that doing so locks you in should your cloud use change, as it often does. A better move is to identify a ‘coverage level’ that’s more realistically lined up with your strategic initiatives, your plans to decrease or increase cloud usage with a provider, and any allowances you have wiggle room for in the event of unexpected changes.

 

Cloud cost optimization is going to be an ongoing process, and not something that’s a one-time fix that can be relied on going forward. That may be the most important takeaway of all from everything that we’ve shared with you here today.

Reading Time: 5 minutes

There’s the old expression that goes ‘you can’t stop progress’, and often times the digital world and advances in it are the best examples of how this tends to be true. Cloud computing really has become an unstoppable force, and the way we’re seeing the entire digital world conforming to the new realities its ushering in isn’t something that’s going change.

It’s always good to move into some ‘new’ things with caution, but there’s nothing that warrants not embracing the cloud as much as we can. Or at least that seems to be the overarching mindset of the majority of engineers and the influential decision makers that decide where their expertise is directed.

Now we’re not developers here at 4GoodHosting, but like any other quality Canadian web hosting provider we do take an interest in the major structural building blocks that make the digital world go around, and continue to make it so that the people we provide with solid and reliable web hosting are able to get more out of their interests – whatever those interests may be.

Redefining Serverless

Serverless was once a handy platform that saved you from having to size server resources correctly, plus removing resources when no longer needed. Nowadays though it’s a catchall that will have a different meaning depending on its applications and the specifics of who’s providing serverless as a service on the public clouds.

Now there’s not a systems engineer alive that’s not familiar with Kubernetes. It has become the nearly default open source container cluster and orchestration platform, and eventually seeing it go serverless was pretty much a given. Features such as networking, service discovery, scaling and cluster & container federation multi cloud support are the benefits we’re likely to see start making real impacts soon—and every one fo them is serverless enabled.

Serverless for Statefulness

The idea of statefulness may not receive the best reception with newer developers, but serverless does support statefulness. Some may continue to see them a principally incompatible, given that serverless systems execute a serverless function in a stateless manner.

However, that’s not going to be accurate.

Keep in mind that many applications – including ones moving from traditional systems – leverage state. Although most of the time stateful applications could not be ported to emerging serverless platforms, what’s emerging now seems to be a real change in direction. We can foresee many more applications moving to serverless than industry insiders would have expected. Many of the serverless technology limitations we dealt with just a few years ago are not limitations of any sort anymore.

Those familiar with devOps will know that Gitops is built as a version-control system. The plan is for Gitops to improve operational workflows and contribute to projects being more agile. The integration between Gitops, serverless Kubernetes, and even functions-as-a-service will provide benefits the industry hasn’t even been able to imagine yet, and these systems will be public cloud-based for the most part.

The Consensus on Serverless

The integration of serverless approaches and databases is already well underway and will only pick up speed this year and next. If you read up on what industry experts foresee with regards to all this, the consensus is that most enterprises will only accept a serverless approach to databases within two years’ time.

There’s the old expression that goes ‘you can’t stop progress’, and often times the digital world and advances in it are the best examples of how this tends to be true. Cloud computing really has become an unstoppable force, and the way we’re seeing the entire digital world conforming to the new realities its ushering in isn’t something that’s going change.

It’s always good to move into some ‘new’ things with caution, but there’s nothing that warrants not embracing the cloud as much as we can. Or at least that seems to be the overarching mindset of the majority of engineers and the influential decision makers that decide where their expertise is directed.

Now we’re not developers here at 4GoodHosting, but like any other quality Canadian web hosting provider we do take an interest in the major structural building blocks that make the digital world go around, and continue to make it so that the people we provide with solid and reliable web hosting are able to get more out of their interests – whatever those interests may be.

Redefining Serverless

Serverless was once a handy platform that saved you from having to size server resources correctly, plus removing resources when no longer needed. Nowadays though it’s a catchall that will have a different meaning depending on its applications and the specifics of who’s providing serverless as a service on the public clouds.

Now there’s not a systems engineer alive that’s not familiar with Kubernetes. It has become the nearly default open source container cluster and orchestration platform, and eventually seeing it go serverless was pretty much a given. Features such as networking, service discovery, scaling and cluster & container federation multi cloud support are the benefits we’re likely to see start making real impacts soon—and every one fo them is serverless enabled.

Serverless for Statefulness

The idea of statefulness may not receive the best reception with newer developers, but serverless does support statefulness. Some may continue to see them a principally incompatible, given that serverless systems execute a serverless function in a stateless manner.

However, that’s not going to be accurate.

Keep in mind that many applications – including ones moving from traditional systems – leverage state. Although most of the time stateful applications could not be ported to emerging serverless platforms, what’s emerging now seems to be a real change in direction. We can foresee many more applications moving to serverless than industry insiders would have expected. Many of the serverless technology limitations we dealt with just a few years ago are not limitations of any sort anymore.

Those familiar with devOps will know that Gitops is built as a version-control system. The plan is for Gitops to improve operational workflows and contribute to projects being more agile. The integration between Gitops, serverless Kubernetes, and even functions-as-a-service will provide benefits the industry hasn’t even been able to imagine yet, and these systems will be public cloud-based for the most part.

The Consensus on Serverless

The integration of serverless approaches and databases is already well underway and will only pick up speed this year and next. If you read up on what industry experts foresee with regards to all this, the consensus is that most enterprises will only accept a serverless approach to databases within two years’ time.

Along with that many other serverless trends will emerge as well, as cloud technology providers attempt to make their technology buzzword compliant. We’re only just scratching the surface of what the core value of cloud technology makes possible, and the problems it will be able to solve will be seen to in an ideally pragmatic way if the current swell continues and the right type of foresight is applied.