Monthly Archives: March 2023

It has been quite a while since we made any type of cybersecurity threat the focus for our blog entry, but one that is really prominent and increasingly so these days is mobile Stalkerware. Stalkers are different from spies, and Stalkerware is different from spyware. As the name suggests, what it involves in uninvited following and tracking of your activities and whereabouts. It can be just as disconcerting digitally as it is in real life, and more specifically what they do is record conversations, location, and pretty much everything you type.

So yes, they pretty much nix any aspect of privacy at all that might have – and expect to have with the operation of your mobile device. And the problem is that all of this occurs while you have no idea you’re being ‘stalked’. These types of malware often comes disguised as calendar or calculator apps and ‘Flash Keylogger’ is the most infamous one that was busted for it and is fittingly nowhere to be found these days.

Passing on information that their clients can use to keep themselves cyber-safe is going to be agreeable for any reputable Canadian web hosting provider, and that certainly applies for us here at 4GoodHosting too. So we’re taking this entry to talk about why Stalkerware is even more of a problem now than before, and then we’ll conclude by talking a little bit about what you can do to get rid of it.

3x The Risk Now

Apparently there is 3x the risk of being a victim of Stalkerware as compared to what it was three years ago. The possibility of encountering this form of mobile malware has gone up 329% since 2020. These attacks involve the attacker stealing the physical and online freedom of the targeted person, and doing that by tracking their location and monitoring their smartphone activity without consent or the victims being aware it’s going on.

One of the biggest risks can be with valuable information that may be exchanged in a text message, for example. Stalkerware may also be installed secretly on mobile phones by people who have grudges or ill will towards a person, and there have even been instances where it is concerned parents who are being a Stalkerware infection on a device. This is not only about stealing personal data, there are also tangible implications concerning the safety of the individual targeted.

As mentioned above, Stalkerware commonly imitates benign apps such as notes, calculators, or ones similar to these. This allows them to stay hidden in plain sight, with the victims seeing the apps every day on their phone and not thinking much of them. Sometimes they are advertised as apps used to keep a close eye on children and other people that are unable to take care of themselves.

Detection & Removal

The most reliable way to make sure your devices aren’t carrying Stalkerware is to go through all of the apps installed on the device and make sure they all work as intended. A phone that suddenly drops in performance, or starts crashing and freezing for no apparent reason may have a Stalkerware app installed on it. Another indicator can be if suddenly you have a new browser homepage, new icons on your desktop, or a different default search engine.

There are 3 best ways to get rid of Stalkerware on your phone. First is to conduct a factory reset of the device. That’s not something you should do unless you’re aware of what you stand to lose, but if you do decide to it’s important to first back up all important data on your phone: your videos, contacts, photos, etc. You can do this using your phone’s default cloud service, or use something like Google Drive to back up your data.

Your next choice would be to update your operating system. Some Stalkerware is only designed for older operating system versions and so an OS update might disable the stalkerware installed on your device. The Stalkerware may still continue to operate even after an OS update though. If your device has an OS update available, you’ve really got nothing to lose by trying this way.

Last up is using a malware removal app specifically designed for stalkerware. There are lots of good ones, including Norton, McAfee, Bitdefender, and Avira. However, be aware that you’ll need to pay for them.

Try to travel outside your country of citizenship without a passport and see how far you get. Likely no further than the airport or terminal of either sort, and that is the way it should be considering there are some people – and some things – that aren’t allowed to leave the country. It’s best that they stay in, or it’s best that they aren’t to be elsewhere in the world. The last part of that would apply to anyone who’s a risk to others, but the first part of it can apply to big data too.

There are companies that need to give federal governments the assurance that some of the data they collect from customers or investors doesn’t go beyond their borders, and a good example of this would be manufacturers who work with the Department of Defence or others who have patents on manufactured goods where the government has a vested stake in keeping that technology under wraps and out of the eyes of others in different countries where patent laws aren’t adhered to the same way they are here.

All of this comes at a time when the ongoing shift to cloud computing is as strong as ever, and where the need to not have the bulk and expense of physical data storage is a huge plus for companies of all sorts. This is the aspect that we can relate to here at 4GoodHosting with our being a good Canadian web hosting provider that can see the bigger picture with anything digital despite our being a mere bit player who ensure that a company’s website is always there and open for business or at the very least connection on the World Wide Web.

The need for cloud storage while staying inside laws around domestic data control has led to what are called ‘Sovereign’ Clouds, and that’s what we are going to look at with this week’s blog entry.

Protecting Interests

Banking is another prominent example here of an industry that has been very eager to adopt cloud computing where certain data segments need to be kept within the country. Insurance, healthcare, and the public sector are other ones where complying with laws and requirements within specific regions is important. Sovereign clouds are the type of cloud architecture that has been developed to meet this need.

They are semi-public cloud services that are owned, controlled, and operated by a particular country or region. In some instances that controller may be a cloud provider serving a smaller nation or region. They may be owned by the local government outright or by a consortium of private and public organizations, or owned by private companies that work closely with the government.

The objective of sovereign clouds is to provide computing infrastructure that can support specific government services. Most notably with protecting sensitive data and complying with laws and regulations specific to a country or region. Until not long ago mega cloud providers that served all countries were quite standard, but even with introduction of sovereign clouds ad the shift to them we will likely continue to need the hyperscalers for some systems that are less cost-effective to run on sovereign clouds.

It’s always going to be the case that sovereign clouds are part of multi-cloud deployments, and having the acceptance of multi-cloud and its flexibility driving new interest in sovereign clouds is what we’re seeing today.

Sovereign Cloud Benefits

Increased control and ownership of data is far and away the most prominent advantage to having big data in a sovereign cloud. It ensures that data is stored and managed in compliance with local regulations and laws, including keeping data in specific countries or regions. Use of public clouds might put you at risk of having your data made available outside of the country, and it might not be a situation where anyone or any group has done something ‘wrong’ to allow that to happen.

Sovereign clouds take that possible risk out of the equation since they physically exist in the country they support. Enhanced security measures are another big part of the appeal for sovereign clouds. They offer more unique encryption, access controls, and network segmentation that also may be tailored to specific countries or regions. Larger public clouds may provide the same or better services, but the way sovereign cloud security systems are purpose-built for a specific country’s laws and regulations results in superiority for supporting data security measures for that country.

Other benefits:

• Higher service availability and reliability levels in comparison to commercial cloud providers
• Customizability for meeting the specific needs of a country or organization, including compliance requirements, data storage, and processing capabilities
• Creation of jobs and supporting local economic development

Sovereign Cloud Drawbacks

It is always possible that a sovereign cloud may not be compatible with other cloud infrastructures, resulting in the chance interoperability and data exchange challenges. Data privacy concerns are legit too, as there’s been plenty of instances across history where governments have taken advantage of having this type of control. Many companies prefer to use global public cloud providers if they believe that their local sovereign cloud could be compromised by the government.

Sovereign clouds may not have the same capacity for speedy adoption of new technologies and services compared to global cloud providers. This might limit their ability to innovate and remain competitive. Sovereign clouds won’t likely be able to offer the same types of services, considering that they don’t have billions to spend on R&D like the larger providers. Flexibility and autonomy may be lessened or compromised as organizations that rely on a sovereign cloud may end up having a dysfunction based on being dependent on the government or consortium operating it.

There’s always going to be the need to make distinctions between wants and needs, but when it comes to space and resources there’s many times that having a greater amount of it is much more of a need than a want. That is obviously true for people, and the best example would be how a married couple with 3 kids can’t make do with a 1-bedroom condo even though it’s in the most desirable part of town. But it can also be true of objects and inanimate items of all sorts, and it’s true for servers too and the data centers they reside in.

It’s never going to be a situation where businesses, organizations, or ventures uniformly have the exact same data management needs and for ones that have especially large ones server colocation often makes a lot of sense. This is where a server owned by one of them is deployed and hosted within a managed service facility / environment, and usually an existing data center or IT facility. The customer retains control of server services, operating system and applications while the MSP provides the physical space, power and network resources.

Obviously with 4GoodHosting being one of the best Canadian web hosting providers this is a topic that we’re very familiar with even though a hosting provider is going to have their own expansive data centers all the elbow room we need for our clients’ data storage needs to begin with.

We’ve got two excellent ones full of capacity in both Vancouver and Toronto, but that’s all we’ll say about that and instead let’s move to discussing what sort of server colocation services you will want to be aware of if your data management needs are much bigger than they used to be.

1. Tower Server Colocation

Server colocation is sometimes also referred to as ‘carrier hotels’ and having the maximum of safety when having your server within a facility is best achieved with tower server colocation. It provides your servers with an extra layer of security that wouldn’t be available with another type of server colocation arrangement. Server colocation pricing and things of that nature also need to be taken into consideration, but identifying the type of server colocation service you need comes first.

Tower server colocation is a wise choice for those who have very basic needs. With it there will typically only be space on one shelf for one tower server. If you can make do with this arrangement it’s a very efficient and usually very cost-effective one. Another big plus is that there is unmetered incoming bandwidth made available and you are free to use any one of several IP addresses most of the time.

2. Full Rack Colocation Space

Greater server space needs will require the bigger fit, and that is a full-rack colocation space. This will be the situation if you need a lot of space to protect several servers at once and all of them are essential to whatever it is you are doing online and doing it is entirely worth your while. Whether that’s a business, e-commerce, or something else entirely. This is the setup that will benefit you the most. As the name suggests, this setup provides an entire rack of space for your servers.

This certainly is the most expensive option, but if it’s what you need then the cost becomes one you’re willing to pay as it is fairly standard to have upwards of 50 IP addresses along with something like 20 AMPs of power made available to your servers. It is one of the most advanced colocation options on the market, and quite often it is the most ideal fit if you need a setup with plenty of power and security.

Pricier for sure, but for so many clients it is simply part of the cost of doing business and especially in the digital age where so much data is in the cloud and there’s so much operational efficiency and reliability that comes with that.

3. 1U – 4U Colocation Space

For a mix of affordability and more capacity / performance a smaller U colocation space may your ideal server colocation arrangement. It allows you to take your 1U / 2U / 3U / 4U colocation server and put it safely on a single rack in a very secure colocation facility. Along with that you’ll have somewhere around 2-5 IP addresses to use while still being able to have unmetered incoming bandwidth.

This options is usually quite affordable even though it is a functional step up from a simple tower server colocation. The basic concept for how much you’d pay is actually quite simple. The more rack space you use, the less available space the colocation center will have available, and the more power the data center will consume as a whole.

Rack space is measured first in terms of single tray units, which is the amount of space occupied by a single tray in a server rack enclosure. Then the actual racks themselves where you physical server will sit. These two units form the backbone of most colocation center pricing scales, but there are also more precise measurements of space that can be used to further tailor your data colocation space to best fit your business and budget

People may think of Abraham Van Brunt or the Legend of Sleepy Hollow when they hear the word headless, but in the context of it we’re about to lay out here we’re not talking about horsemen. We’re talking about headless commerce, which is a separation of the front end and back end of an e-commerce application where brands are more free to build whatever and however they want. One of the many offshoots of conventional e-commerce since it came around some 25 years or so ago.

Headless commerce has gained attention as a method that businesses can employ to address some of the challenges associated with the evolving eCommerce market and it does allow businesses to obtain a substantial competitive advantage when the presentation layers and the backend of the application are built and operated distinct from each other and continue to be standing apart from each other as the business gains traction.

And of course a primary resource for any e-commerce business, venture, or other commercial enterprise online – headless or not – is going to be the website. And as a top Canadian web hosting provider, 4GoodHosting is always all ears when it comes to whatever it may be that might be relevant for the small / smallish businesses that have their websites hosted by us.

Dedicated hosting is often a better choice than shared hosting for many reasons, but it is especially so for headless commerce interests and that’s what we’re going to look at with our entry for this week.

Challenges With Headless Commerce

There are common challenges that need to be overcome by organizations implementing a headless commerce environment. What is quite common is that these challenges aren’t overcome sufficiently (or easily) and the company then decides to choose to deploy a traditional e-commerce solution. But if they were to move to a dedicated server arrangement with their Canadian web hosting provider then at least a PART of why that is would be taken out of the equation.

These are the most common challenges:

Cost – There are often substantial initial cost of implementing a headless commerce architecture and there may not be a fit with a company’s projected budget. Weighing costs against the projected benefits and increased revenue generated by the new system is often what transpires.

Technical expertise – Considerable technical expertise is often required to correctly implement headless commerce. Changing existing processes is rarely straightforward and failure to get it right can expose a company to failed systems, downtime, and lost revenue.

Data integration and connectivity – Integrating the diverse data streams and sales channels is often a heavy challenge, and very time consuming. Faulty integrations will lead to dissatisfied customers and mounds of work for a development team.

Dedicated Web Hosting Benefits

Shared servers are always the least expensive option, but will not always deliver the desired level of performance or reliability. A virtual private server (VPS) addresses some of the shortcomings of a shared server but will still not offer the performance achievable with dedicated physical hardware. Costs can be controlled with options such as renting a dedicated server from a 3rd-party vendor rather than purchasing it and housing it in an on-premises data center.

Considerable as well that partnering with a 3rd-party hosting provider can reduce or eliminate any concerns about the availability of adequate technical resources, and 3rd-party tools that help integrate and automate data intake are essential when implementing a headless commerce environment.

Superior customization potential is a benefit too A dedicated server provides full control over the deployment of operating systems and software applications. Both frontend and backend resources can be fine-tuned and customized to provide an improved user experience. Same goes for reliability as a dedicated server enables a company to use in-house technical resources to make changes or respond to an emergency or unexpected outage.

Next up is flexibility. When they own the hardware a company can quickly make changes as soon as they become necessary. Shared tenants or limits on partitioned resources are not part of the picture and you won’t be disadvantaged this way. A dedicated server for headless commerce applications also gives transparency as companies know exactly what software is running. There will be no surprised with unexpected compatibility issues.

Choosing Implementation

After you’ve decided that a dedicated hosting environment is going to be the best working fit for your headless commerce architecture, you then need to choose how it will be implemented. As with any website, a company can elect to host it using internal or third-party resources. The following factors influence an organization’s choice. Here are the standard considerations around this:

Financial status – Setting up a dedicated server in an internal data center is not inexpensive. You may want to think about finding a reliable provider and renting your hardware from them. This is one way to minimize the cost of going with a headless solution.

Technical resources available – Lacking the in-house technical resources to adequately handle the responsibilities of maintaining a dedicated server is quite common. A reliable vendor can supply those resources, allowing a company to implement headless commerce with a limited staff.

Datacenter space – Dedicated servers need to be located and a 3rd-party vendor will already have space allocated. Companies that do not have on-premises space available can still go headless by paying for use of provider’s space and servers.