Blog Header Banner

Securing WordPress against the Hordes of Bots   no comments

May 10, 2016 @ 6:20am Web hosting
Share : Facebooktwitterredditlinkedinmail

robots_attack_wordpress_blogWordPress is one of the most popular, third party scripts used on websites.  Each and every time WordPress releases an update or a patch, the reasoning behind the update is publicly released but often its security related.  This is for all developers to be aware and update their code accordingly.  This factor alone, makes your site targeted.  Not to scare anyone reading this, however in a recent study WP White Security reported 70% of WordPress sites are vulnerable to attacks!

The majority of hacked sites are compromised for the sole purpose of sending spam.  TurnKey Internet and other web hosting services cannot guarantee your site will not become compromised due mainly to third party scripted plugins and modules that often modify or alter WordPress in ways that even the main security aspects of WordPress can’t anticipate.   TurnKey Internet makes sure your site is secured against a large scale of attacks and has a restoration plan if needed utilizing our multiple online cloud backup services we offer  with our hosting services .  The last thing a hacker wants to do is spend a large amount of time accessing your site.  The more road blocks, the faster the malicious user will lose interest and move on.

Before I get too far ahead of myself, let me first explain how your site becomes compromised.  I believe this is important when securing your site.  Understanding how malicious users are gaining access and what the user is doing.  While there is a vast scale of techniques a hacker can use, the main way a malicious user will gain entry to your WordPress site was grouped in the following categories by WP White Security:

41% – Security vulnerability on the hosting platform.  Nothing to worry about on TurnKey Internet’s web hosting server platforms, as we are constantly updating the servers with the latest security releases and patches.  As well as keeping all services on the server up to date in addition to having the most advanced firewalls and intrusion detection systems in place.  If you have a dedicated or VPS server and would like to TurnKey to review your server, shoot us a support ticket we’d be more than happy to investigate.

29% – Outdated WordPress Theme which can open security holes

22% – Outdated WordPress Plugins which can open security holes

51% of reported compromised sites are due to an outdated theme or plugin.  This is completely preventable!  When your plugin or theme is compromised, this makes it possible for a hacker to inject an eval base 64 decode code.  This allows the hacker to run a PHP function from the site.  These are PHP mailers the malicious user users to send spam from your account.

8% – Due to a weak password.  This is where brute force attacks are successful.  Hackers use a script to continuously generating random passwords, until they have gained access to your dashboard.

First and foremost, make sure everything is updated to the latest version.  Each time WordPress releases an update, the update is addressing a security threat.  This is why keeping the script updated is important.  As mentioned previously, due to the popularity of WordPress the exploits patched are publicly released.  This allows developers to adjust their coding accordingly.

In version 3.7, WordPress added in the feature to allow automatic updates.  This sounds wonderful, except by default it only applies to minor updates.  The WordPress team did this to prevent sites from automatically breaking when updated.  (Typically this happens if your plugins are not continually updated by the developer.)  You can add the following lines of code to the wp-config.php file and all updates will be automatic.

# Enable all core updates, including minor and major:

define( ‘WP_AUTO_UPDATE_CORE’, true );

Alternatively, if you would like to take control and complete all the updates yourself, you can add these lines instead.

# Disable all core updates:

define( ‘WP_AUTO_UPDATE_CORE’, false );

Since more than half of WordPress sites are hacked due to outdated themes or plugins, be picky as can be with the ones you activate.  Pay attention and investigate the themes and plugins you are using.

Not all plugins and themes are actively maintained by their developers.  Only use plugins that are updated regularly.  If the plugin or theme hasn’t been updated in 6-9 months, there is a good chance the developer is no longer maintaining their theme or plugin.  Stick with WordPress developers.  You can download tons of plugins and themes directly from WordPress.org.

Do you honestly need that plugin?  If it is not necessary for your site, deactivate it and remove it.  Not only does it take your site longer to load, you’re providing more chances for a malicious user to find a backdoor.

Lock down who has access to your WordPress dashboard.  The easiest way to complete this is by adding a few lines of code into your .htaccess file.  As with all aspects of web hosting case sensitivity is important.  Please note where the capitalization is when implementing this code into your .htaccess file.

<Files wp-login.php>

order deny,allow

Deny from all

Allow from 111.111.111.111

</Files>

You will want to exchange 111.111.111.111 with the IP address of the machine you are connecting from.  If you are unsure of the IP, Google “what is my IP” from the device you would like the IP of.

Hey, that’s great but what if I need to access the dashboard from the office and from home?  No worries, you can add additional ‘Allow from’ statements.

<Files wp-login.php>

order deny,allow

Deny from all

Allow from 111.111.111.111

Allow from 222.222.222.222

</Files>

Limit the number of login attempts an IP address can have before your server blocks the IP.  If this is a new install, using Softacoulous, there is an option ‘enable the number of login attempts’ listed in the preinstall screen.  If you have already installed WordPress, I recommend using the Limit Login Attempts plugin.

Do not use the default “admin” username.  On new installs you are given the ability to make the username.  If you already have WordPress installed you can change the username in the dashboard.  Once logged in, access account setting, and click the “change” link next to your username.  From there you can follow along with WordPress to change the username.

Change your passwords often and make sure you are using a strong password.  I know this can sometimes be overwhelming and often hard for some uses to remember.  However, it is extremely important to use.  A good way to remember the password is to use a short sentence or phrase.  Make sure to do something like replace vowels with number or make them capital.

W3bh05t1ngK1ng

1R0ckth3w3B

The above are far more secure than using:

password

123456

Johnny

Change the WordPress default table prefix.  If you’ve noticed all your core WordPress files start with ‘wp’.  wp-config, wp-login, wp-admin, ect.  Changing the prefix can help prevent against SQL injections.

The table prefix is defined in the wp-config file.

$table_prefix = ‘wp_’;

PLEASE NOTE – Changing the table prefix in the wp-config file will not change the tables in the database.

In a fresh install you have the ability to set the table prefix to something other than wp.  If you have already installed WordPress, I have found the iThemes Security plugin to be the quickest way to compete this task.  If you prefer to not have a plugin complete this task, you can do so manually.  It is a bit time consuming and you will need to make sure to rename each WordPress table, update the usermeta table and update the options table.  Of course you will want to backup the database, before making any changes.

Make sure your file permissions are correct.  WordPress states only the following permissions should be used;

Directories should be 755 or 750

Files should be 644 or 640

Your wp-config.php should be set to 600

Your wp-config file is extremely important.  I recommend protecting this file in the .htaccess as well.  To do so place the following lines of code inside your .htaccess file:

<files wp-config.php>

order allow,deny

deny from all

</files>

Speaking of protecting important files.  The wp-includes directory contains the majority of files needed to run WordPress.  There is absolutely nothing in this directory a user will need.  With that being said, I recommend adding the following lines of code to the .htaccess file to protect these files as well.

# Block the include-only files

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /

RewriteRule ^wp-admin/includes/ – [F,L]

RewriteRule !^wp-includes/ – [S=3]

RewriteRule ^wp-includes/[^/]+.php$ – [F,L]

RewriteRule ^wp-includes/js/tinymce/langs/.+.php – [F,L]

RewriteRule ^wp-includes/theme-compat/ – [F,L]

</IfModule>

Block out access to the xmlrcp.php file as well.

<Files xmlrcp.php>

order allow,deny

deny from all

</Files>

xmlrcp.php, this file is the worst!  While the features of using this file sound neat.  (Connect to your blog via text or email, sends tracebacks or pings.) This file has been used to take down a large number of server by implementing DDOS attacks with this file.  You can read more on these attacks here – https://blog.sucuri.net/2014/07/new-brute-force-attacks-exploiting-xmlrpc-in-wordpress.html

Since we are already protecting our files in .htaccess, might want to protect .htaccess as well.  To do use this code.

<Files .htaccess>

order allow,deny

deny from all

</Files>

Great, now my site is secured.  What about that restoration plan you mentioned earlier?

Backup, backup, backup!  I cannot stress this enough! If by chance a hacker is able to break through all these security measures we have put in place, the fastest way to get your site backup is by restoring a backup.

Depending on what service you have with TurnKey, we do provide backups.  However, it is not the responsibility of TurnKey to maintain your backups.  You should not rely on our backups and keep your own backups as well.  Our terms of service allows for you to keep one (1) full account backup stored on the server.  TurnKey recommends taking backups of your account weekly or even daily.  Connecting with an FTP client and storing the backup in a secure location.

While WordPress does off automatic updating services, we have disabled some of the PHP features required for this service to work on our shared hosting platforms.  The reasoning on this, we do not allow for the use of PHP execute.  This is for security purposes.

Inside your control panel you have the ability to take full account backups and database backups.  I strongly recommend doing so.

TurnKey also offers a backup add on service called TurnKey Vault which we highly recommend for anyone with a dedicated or cloud-based server, so you can protect your data If you need any assistance with competing any of the tasks listed in this blog, email our support team (helpdesk@turnkeyinternet.net) and we would be happy to assist you.

Happy blogging!

Share : Facebooktwitterredditlinkedinmail

It’s 2016 – Is Your Office Server or Web Site Being Held Hostage?   no comments

May 5, 2016 @ 6:07am cloud security
Share : Facebooktwitterredditlinkedinmail

ransomwareThe latest wave of computer security news may sound like the headline of a new Bruce Willis movie – but Ransomware is now part of the daily conversation between not only security experts, but unfortunately by office managers and PC users across the globe having to deal with the ramifications.

This year malware infections, more specifically ransomware, have seen an exponential growth. They are also becoming more sophisticated, using newer methods that are not only harder to detect, but also require less user interaction.

Security researchers report attackers are not only upgrading their malware to make it more unbreakable, they are also using unique methods of distribution. In some cases, these methods require no user interaction at all.

In the past, most ransomware infections occurred via phishing attacks, which required a user to click on a malicious website or email link. But these newer attacks are less dependent on user interaction and more dependent on unpatched vulnerabilities or poor security practices.

These new breeds of ransomware are utilizing more advanced methods to attack computers and encrypt their files, before you even realize what’s happened. You are then forced to either pay the ransom or hope you have a backup recent enough to prevent any lost data.

To protect yourself you need to follow best practices, such as

  1. backup your servers and PC’s
  2. backup your servers and PC’s
  3. see item (1) and (2) above (seriously!)
  4. keep your software and systems patched and up-to-date
  5. Have a corporate gateway firewall with advanced threat protection
  6. Have / Install / Update local AntiVirus and Malware Software protection
  7. Always avoid opening un-expected emails or attachments
  8. Avoid clicking to web sites you don’t recognize (especially if sent in email)
  9. if you aren’t backing up your servers and PC’s already – stop reading and visit https://turnkeyvault.com/

It’s pretty simple – the same things that protect your office data and servers from most threats apply here, but the damage of ransomware encrypting and disabling all your corporate data within seconds or minutes is real and has lead to some high profile cases including hospitals being locked out of all their data due to ransomware!  Don’t let your business fall victim to the bad-named villain of a Bruce Willis movie – ransomware is among the most costly cyber threats actively attacking businesses right this very second.

Make no mistake – backing up your data is a must have in any security policy, and utilizing a secure remote cloud based backup solution such as  TurnKey Vault is ideal.  Make sure whatever backup solution you deploy offers data encryption, supports both desktop PC’s and Macs, as well as Linux and Windows based servers.  A backup solution like TurnKey Vault offers live cloud replication which will get you back on your feet in minutes in case of a true disaster by creating a live cloud-based copy of any PC workstation or Server accessible from anywhere over the Internet to get you access to your data and applications quickly.  If ransomware takes over your office network you can spin up a backup live copy of your servers and PC’s with TurnKey Vault from a time before the ransomware took over your office – and will have you saying “Yippee Ki-Yay” just like Bruce Willis as the ransomeware data hostage takers wont ever see a dime, and you will have all your data safe and secure.

 

Share : Facebooktwitterredditlinkedinmail

DROWN Attacks – Web Encryption No Longer Safe – Is My Web Site at Risk?   no comments

Apr 28, 2016 @ 9:07am Web hosting
Share : Facebooktwitterredditlinkedinmail

drown-attackEncryption fills the headlines with stories of APPLE and decoding iPhones – but with all the security challenges and cyber threats today – its getting hard pressed to have a web site, computer, or mobile device and not realize your data is as private as you once thought.  Encryption is what protects (hides) the details of what we do online certain web sites – keeping your private banking or purchasing data (or online traffic hidden) from prying eyes.  But last month a new threat called DROWN was publicized that essentially made it so many web sites you shop, visit or utilize that you thought were secure and private via their https SSL encrypted access turned out to not be so private.

DROWN, standing for Decrypting RSA with Obsolete and Weakened eNcryption, is an xample of a cross-protocol attack that exploits weaknesses in the widely used online encryption protocol, SSLv2.  Using weaknesses in the SSLv2 implementations against TLS (transport layer security) hackers can “decrypt passively collected TLS sessions from up to date clients.” Or in simpler terms, hackers and anyone can see what you are doing, your personal details, and more when you thought you may of been protected by that SSL ‘lock’ protected symbol next to the web site you were shopping or visiting.

TLS is probably the most important security protocol on the internet.  Almost every action you take on the internet relies on the use of a TLS version.  Not just you accessing a web site, but a lot of the back behind the scenes things like email transmission, to database connections, to sending files between servers for backups.

Fortunately, the latest versions of OpenSSL do not utilize SSLv2 connections by default.  However, if your certificate or key is being used in another location on a server that supports SSLv2, you could be at risk.  For example, the mail service (POP, IMAP, SMTP connections).

A DRWON attack would be able to decrypt HTTPS connections, sending specifically designed packets to another server.  If the certificate is on more than one server, it is possible a MitM (man in the middle) attack can be successful.

Isn’t SSLv2 depreciated?  Why is this still a threat?  In the early 2000’s SSLv2 was still supported by browsers, to be used as a fallback protocol.  An attacker could easily trick the browser into using an older protocol.  Thankfully, this is no longer an issue if you are using a recent version of your web browser.

While browsers are no longer supporting SSLv2, most servers still do.  Most servers are configured to use both TLS and SSLv2.  This means both protocols would use the same RSA private key.  Therefore, any bugs in the SSLv2 protocol that use the private key, potentially could affect the security of TLS.

While this all may sound a little scary, as most security vulnerabilities are.  TurnKey Internet takes all security avenues very seriously.  Our web hosting servers and software are always kept up to date.  If your account is on any of our shared hosting packages, you have nothing to worry about.  Just in case, you want to test your sites security against DROWN or the server your account is hosted on.  Please feel free to do so here – https://drownattack.com/#check  You will need to use the IP address your site is living on and not your domain name – which you can easily find by using a DNS lookup service such as http://www.getip.com/.

If you need assistance finding your web sites IP, or reviewing your security  please send us a support ticket (helpdesk@turnkeyinternet.net) and we would be happy to tell you.

 

 

 

 

Share : Facebooktwitterredditlinkedinmail

TurnKey Internet, Inc Launches ‘TurnKey’ All-Inclusive Managed Cloud Servers   no comments

Mar 29, 2016 @ 9:43am managed services
Share : Facebooktwitterredditlinkedinmail

TurnKey Internet, Inc Launches ‘TurnKey’ All-Inclusive Managed Cloud Servers

managed cloud services LATHAM, NEW YORK (March 29th, 2016) – Sustainable IT solutions provider TurnKey Internet, Inc. announced today the launch of a suite of ‘TurnKey’ All-Inclusive Managed Cloud Server offerings that extend the capabilities of traditional cloud servers backed with all-inclusive IT managed services including high availability, security, cloud migration, implementation, and ongoing optimization.

TurnKey All-Inclusive Managed Cloud Servers provide premium technical service and support that help businesses leverage easy to use cloud-based IT infrastructure so they can focus on running their business. The new service tier provides 24 x 7 access to TurnKey Internet’s local U.S. Network and Application Engineers to provide on-going guidance, security and performance monitoring to maintain and optimize cloud-based hosted infrastructure.

The new service tier includes hardware, network and software related support to deliver firewall security, VPN setup, high availability, server performance tuning, server security hardening, deep inspection monitoring, Denial of Service and DDoS protection, database replication, load balancing, disaster recovery planning, bare-metal and standard backups, and much more. Additionally, All-Inclusive Managed Servers bundle standard software licensing such as Microsoft Windows Server 2012, CentOS Linux, Plesk, Directadmin, and cPanel.

“We created the All-Inclusive Managed Service in response to customer and industry requests for a more ‘TurnKey’ approach to on-boarding and maintaining cloud-based infrastructure.” said Adam Wills, CEO of TurnKey Internet, Inc. He continued “All-Inclusive Managed Service in the cloud provides all-access to our Support and Application Engineers which is far more cost-efficient than hiring. In Today’s on demand IT world that is evolving faster and faster to hybrid cloud-based solutions, we are helping customers to meet their IT goals without having to invest in additional staff or complex on premise hardware.”
For more information about TurnKey Internet’s managed services or to speak with a cloud hosting expert, visit https://turnkeyinternet.net/managed/

About Turnkey Internet
Founded in 1999, TurnKey Internet, Inc. is a full-service green data center and leading provider of sustainable web hosting and IT solutions. From its SSAE 16 Type 2 and ENERGY STAR® certified facility in Latham, NY—New York’s Tech Valley Region—TurnKey offers cloud-based hosted services, web hosting, communication services, web-based IT systems, software as a service (SaaS), enterprise colocation services, and computing as a service to clients in more than 150 countries. For more information, please call (518) 618-0999 or visit www.turnkeyinternet.net/media.

Share : Facebooktwitterredditlinkedinmail

Cloud Backup Business Continuity : Prevention That Sizzles   no comments

Feb 2, 2016 @ 9:20am cloud,Web hosting
Share : Facebooktwitterredditlinkedinmail

billy-mays1When discussing Cloud Backup with our staff here at TurnKeyVault.com I am reminded of a saying from the Late Billy Mays, that said “Prevention doesn’t Sell”.  The famous  pitchman, and star of his own Reality Show “PitchMen” often said that your product has to have a visual “wow”, and prevention based products just don’t sizzle because you can’t effectively demonstrate and produce the WOW effect for potential buyers.

Backing up your data, to the cloud or otherwise, is basically prevention; prevention from disaster, your own financial and corporate demise is what you ultimately are hoping to prevent.  Recently some new advances in the cloud backup space have come to market, that specifically being business continuity backup services that have added some new WOW to a prevention based product line giving it some new sizzle that is getting the attention of business owners and IT managers alike.  It may not have the WOW effect visually on TV of getting a stain out of a shirt, but the right backup solution will save you time, and ultimately keep you employed if you ever need it.

 

Cloud backups

 When I say cloud backup, what immediately comes to mind? I personally imagine a white, puffy cloud in the sky that resembles a vault. Was that what came to mind for you? If not, that’s quite all right. A cloud backup is a piece of software that takes a snapshot of your server or desktop computer and then stores the data in the cloud. What exactly do I mean by the cloud? The cloud is a piece of software or data that is stored off-site that can be accessed from any location. Cloud backups allow for greater flexibility than a local disk or tape backup. A disk backup or tape backup has the limitation of only being able to access the data locally and can be damaged, lost or stolen leaving you without your backup data when you need it most.  Even with cloud backup, to get back up and running from a disaster requires that you setup new computers, and copy back your data, and in many cases reconfigure and re-install most of your applications.  That’s how local and cloud backups have done things for years and quite frankly it doesn’t sizzle any more like it used to.

Now there is some WOW factor – the next generation of cloud backup service offered by TurnKeyVault.com offer live cloud replication and complete business continuity.   Cloud Replication allows restoration of your cloud-based backed up data to any virtualized server in rapid fashion.  That means you can restore your desktop or server including the entire operating system, applications, licenses, settings, and all your data to a perfect copy just as it was before the disaster struck.  Providers like TurnKey Vault even offer fully automated cloud replicated desktops and servers that utilize cloud-based infrastructure to make your data available instantly and allow you to access them remotely from anywhere in the world.  The key aspect here, the sizzle, is that cloud replication removes the bottleneck of the traditional backup technologies that would rely on local internet service providers bandwidth availability, and saves potentially hours of business critical time waiting for your systems to be back in working order.

Should a disaster occur in which your infrastructure is no longer available or accessible to be restored, the need to purchase new hardware and set it up in a new office can be completely eliminated. Utilizing cloud infrastructure you can be back online in minutes, not days. Employees can continue their work from home, remotely accessing images of their old workstations running live in the cloud, ensuring your business does not skip a beat.  Prevention may not sizzle on TV commercials – but in the IT world, knowing there is a business continuity plan regardless of possible disaster scenarios will leave you thinking of the WOW of your new backup plan.

 

 

 

Share : Facebooktwitterredditlinkedinmail

Written by Adam on February 2nd, 2016

Tagged with , , , ,

Did Your Web Site survive Mobilegeddon? Is your Web Site Mobile-Friendly?   no comments

Jan 26, 2016 @ 9:36am Web hosting
Share : Facebooktwitterredditlinkedinmail

 

Is-Your-Website-Mobile-Ready

It’s been less than a year since Google’s April 21st change over that created what was thought to be mobilegeddon – where web sites that didn’t meet Google’s design and layout plans for being mobile friendly would be pushed down in the tankings (penalized if you will) to encourage more web sites to be universally accessible and usable. You see, big changes came to Google’s search algorithm. More specifically, the ranking of sites that are mobile-friendly. You may be wondering by what exactly I mean by “mobile-friendly” and how having a “mobile-friendly” website can increase your Google  SEO rankings. In order to clear up your confusion on mobile-friendly websites, let me start by asking you another question. Have you ever tried to view your favorite website on your cell phone or your mobile device? Chances are that in this information driven, technological day and age, that you’ve at least attempted to view one website on your mobile device. How was it? Did the site look as you thought it would and work properly? Or did see a funky website with styling’s out of whack and no idea on how to navigate this crazy looking website?

 

You see, my friend, that site wouldn’t be considered “mobile-friendly”. If you haven’t figured out what a “mobile-friendly” website is by now, then let me enlighten you. A mobile-friendly website is a website that has been designed for your mobile phone. This could mean the website looks completely different, however, the basic functionality of the site is still there. For example, go to yahoo.com in your computer browser and then go yahoo.com on your phone. Notice any difference? You see, yahoo is a great example of how a mobile-friendly website is supposed to function. The site when viewed on your phone may be slightly different, however, the site is still providing the same content.

As more and more users view websites on mobile devices, Google decided that it’s time to make it easier to find relevant, mobile-optimized websites. To do this, Google will now use mobile-friendliness as a factor in ranking search results. If you’ve not created a mobile-friendly website, no worries as Google has provided guides on how to create a mobile friendly website and also a mobile-website friendly tester.

Also, in addition to favoring mobile-friendly websites, Google announced that it will include content from mobile apps when ranking search results. Google is terming this App Indexing and it requires manually activation for your app content to be scanned and appear on search results.

With all of that being said, many people passed over “Mobilegeddon” without realizing it – and maybe now is a good time to re-review what you thought was mobile ready and where google thinks you are, and if you didn’t prepare last year then now is the time to consider revamping your web site.

Is your website mobile-friendly? If not sure or you want some tips check the links below:

https://developers.google.com/webmasters/mobile-sites/get-started/?utm_source=wmc-blog&utm_medium=referral&utm_campaign=mobile-friendly

https://www.google.com/webmasters/tools/mobile-friendly/?utm_source=wmc-blog&utm_medium=referral&utm_campaign=mobile-friendly

https://developers.google.com/app-indexing/webmasters/details?utm_source=wmc-blog&utm_medium=referral&utm_campaign=mobile-friendly

 

Share : Facebooktwitterredditlinkedinmail

Written by Adam on January 26th, 2016

Tagged with , , , ,

Will Your Local Grocery Store Be Selling Cloud Hosted Services Next?   no comments

Jan 12, 2016 @ 9:34am Web hosting
Share : Facebooktwitterredditlinkedinmail

grocery-storeWill your local grocery store be selling cloud hosted services next?  This may seem like a silly question but the reality is big companies in many markets like HP, Dell, and major telecom companies have chased the cloud services market spending billions.   The theory is anyone can get in on the cloud services gold rush.

 

The great Cloud Services gold rush is real – for the last few years major corporations like HP, AT&T, Verizon, TechData, Dell, and many more have spent billions trying to re-tool their tired business models into new trendy cloud-services models.  The unfortunate problem is that they each keep coming up short, and shuttering the doors.  HP announced the end of its cloud services at the end of 2015.  AT&T already handed over full control of it’s managed hosting to IBM and is rumored to be in talks to sell off the $2B in datacenter and hosting assets shortly.  Centurylink one of the nation’s largest telecom companies recently stated they are “considering alternatives to data center ownership” to exit the hosting market.  Telecom power house Windstream sold its datacenter and hosting business in 2015 to exit the market. The list goes on, and in 2016 we are sure to see others strategically and not-so-strategically exit the cloud services and datacenter market place

There is no question as to why every company on earth seems to be trying to get into the cloud services market, the perception of great riches and perceived low barrier to entry (people think its as easy as buy or rent some computers and put up your virtual lemonade for sale sign).  But the reason why even the deepest of pockets on earth can’t make those cloud services business profitable and viable at the same time cloud service companies continue to flourish, grow, and show industry and sector growth rates and profitability has major hedge fund managers, investors, and CEO’s scratching their heads as each major player unceremoniously exists the market.

The reason for success (and unfortunately failure) is so simple, it’s literally in the name – Cloud Services, and that is the word SERVICE.   That would be service you can provide only with experience – when its your core product, your core competency and you have you have been doing it for many years with a customer-focused vision to deliver what the client wants.  The word I believe best describes it would be  hubris.   So many big companies thinking they can successfully translate selling or delivering groceries, cd’s, software, desktop pc’s or computer parts into a cloud infrastructure and cloud services company comes at a large price tag, billions lost by these companies that are shuttering the doors and pulling the plugs on their cloud services gold rush attempts.

When was the last time you called any of the failed ventures from the company names above to ask for help, or get some good old fashioned customer service?  Customer Service – talking to someone, hand holding a client as they transition to the cloud and genuinely having someone present to answer questions and help is the corner stone to what made the Web Hosting industry successful for key players over the last 20 years to help those players evolve into today’s cloud services companies that remain successful.  When was the last time you called the telephone company for help, how did that go for you?  Exactly – and that’s why customers, revenue and growth flock to where there is genuine customer service.  Service comes with experience of course, and you don’t just become a successful cloud services company over night.

Don’t get me wrong – there is a place for non customer service oriented offerings in the cloud landscape for do-it-your-selfers and through partnering service companies that add on top that layer of a cloud infrastructure offering.  AWS has captured the lion’s share of the market space with that strategy, but that didn’t come over night but evolved over 20 years.

There is a great quote in the 2011 movie Margin Call from actor Jeremy Irons that sums it up – “there are three ways to make a living in this business: be first, be smarter, or cheat.”  And I don’t think you are going to see any of these pc makers, or telephone companies accused of cheating their way to the top of the cloud services race while they fight over each other to sell off and unplug their cloud business units in the next few years.  The cloud service companies that have been around and made the right investments long ago in people, infrastructure, and culture will continue to succeed by delivering and focusing on what customers want.  Those that try to jump into the cloud services gold rush hopefully have the right core competency’s and culture to support a cloud services business model.  So next time you are at your grocery store, feel free to ask one of the cashiers or managers if they’ve heard any rumors about their grocery chain expanding into cloud services any time soon.  You might be surprised at the answer.

Share : Facebooktwitterredditlinkedinmail

Written by Adam on January 12th, 2016

Ditch the Messy Server Room and Move to Colocation   no comments

Jan 5, 2016 @ 9:13am colocation
Share : Facebooktwitterredditlinkedinmail

messy-server-room-wiringIn the late 80s /early 90s times where starting to change, this wonderful technology era we live in now was just beginning. Businesses now, need to be online in order to stay competitive and grow with this new age.

Like most business a Server Room was built, in a spare room or space in your office or home and today now resembles a pile of mis-colored wires that you could spend days trying to untangle. You purchased equipment that easily fit into your budget, and your team was able to configure the networking without any troubles. This setup was the same in all business across the board. In the beginning of this era, you could get away with this. There was no thought of cooling systems or ventilation. No notion of backup power systems, or any real working order was to be found in your Server Room.

Once again, the era of technology has changed. Businesses need their operations to run with super speeds, be secure, maintained, monitored, and most of all be redundant. The terms Server Room and Data Center could once be used interchangeably, no longer can they now.

A Server Room can be any room, in any building that houses servers. Whereas a Data Center, is a whole building designed to support and provide a secure, power protected, environmentally controlled space, used for accommodating servers, networking, and computer equipment.

 

Some of the key points to a Data Center, a Server Room does not have.

Security and Monitoring:

Most Server Rooms do not have a high volume of security. Besides the buildings overall security, there may be a lock on the Server Room door.

Data Centers pride themselves in the security features they offer. All entrances and exits are secured with a key coded entry system, as well as alarms. Not just alarms for entry. Alarms for temperature control, air pressure, fire / water control, ect. All Data Centers have network cameras, accessible to their staff and security team in a needed event. The cores / racks the servers are housed in are all locked. Only opened when your team needs to visit or by the Data Center staff, if needed.

Connectivity:

What good is your server if you have a fixed bandwidth rate? Most Server Rooms are capped off by their ISP as they are using a residential internet service.

Data Centers do not use any type of residential internet service and most times are able to set the bandwidth limits as they are needed by the server.

Redundancy:

If there is a power failure at your business, do you have a backup power plan? Most Server Rooms run from the same power source, as the full office. Making your sites and servers go down if there is ever a power failure.

Data Centers have a plan for any type of failure. When it comes to power failures, most Data Centers have battery backups, automatically triggered if the main power supply is not responding. When the system sees the backup batteries are being utilized, another backup power source is engaged, the generator.   At this point the battery backups turn off and all power is controlled by the generator until normal power is restored.

Affordability:

With a Server Room, you are accumulating all the costs that go along with it.  You may have had to cut advertising short or possibly even lay off good employees as the costs to maintain and house your equipment have risen. At a Data Center all those costs are tied into your package and at a much, much lower cost.

 

Environment:

Datacenters control the cooling and humidity – to a precise and perfect level to keep your equipment running as long as possible.  Storing equipment in non-conditioned environmental space like your server room or office closet will shorten the life of your equipment significantly (meaning it will cost you real money to replace broken equipment sooner).  Electronics are sensitive to things like electrical and static shock, which occur due to improper humidity (moisture) and you can even find corrosion on the electronics in some poor environmental conditions.  Its crucial if you have valuable equipment to store it in a properly humidified and cooled location like a datacenter.

 

Green (going Green):

Some modern datacenters, like TurnKey Internet’s Green Datacenter , offer one additional benefit ontop of everything above.  Your IT equipment and servers consume less energy in terms of cooling and power draw in a modern green-focused datacenter – and in TurnKey Internet’s datacenter your equipment consumes energy provided by only by the Sun (on-site solar array) and Water (Hydro power) providing zero carbon foot prints for your IT infrastructure versus having it at your office.

 

Our offices do not look anything like they did 20 years ago. Our businesses are not what they were 20 years ago. Most companies have employees living all around the world, remoting in for work. Your administrative staff is no longer dependent on white out, typewriters, and filing cabinets. You attend conferences and meetings by using a phone, tablet, or even your watch. The majority of your business is conducted over email and most of your sales are placed through your website. In order to keep up with these growing times, we now need to ditch the Server Room and head to the Data Center.

 

Share : Facebooktwitterredditlinkedinmail

The Cyber Monday Blues : Don’t Let Your IT or Web Site Let You Down   no comments

Dec 1, 2015 @ 3:11pm cloud
Share : Facebooktwitterredditlinkedinmail

target_crash_cyber_monday_2015Black Friday is in the rear view mirror, and Cyber Monday is quickly passing by – did your web site survive the storm?  Both Target.com and Paypal.com experienced major outages for Cyber Monday this year.

Being prepared for large spikes in traffic is one thing, loosing sales and upsetting customers can have long term ramifications that can’t be easily fixed.  One of our own employees happened to be participating in this years land rush to Cyber Monday during his lunch break, placed an order online Target successfully only to get emailed hours later that the order had been cancelled due to availability sold out (After having accepted the order).  He was luckier than most, the site took his order online – but the end result the same as other angry Target.com shoppers yesterday – he was left out in the cold this winter shopping season.

 

Target’s response online twitter confirmed the issues, multiple site delays and crashes and mentioned this year’s traffic exceeding double the previous year’s as a cause (though online traffic reporting and analytics company’s Alexa.com and Netcraft.com could not confirm a double in volume or remotely close to that regarding Target.com).

It brings up a good lesson for any business to keep in mind.  Just what impact is there on your business if your web site or customer data, inventory, or ordering systems are inaccessible or worse, crash and loose data.  Do you have a business continuity plan and what is the financial loss (time, sales, and loss of good will for the future) mean to your business?

Just a couple of years ago around Black Friday and Cyber Monday shopping season Target announced falling victim to millions of account’s being compromised including credit card information – among the worst hacking scandals of the last decade in the news.  Yet Target has survived and continues, but not all business are so lucky to survive major mis-steps like these and being un prepared or blind sided when their IT infrastructure is not adequately prepared.

Being prepared for the best (big volume spikes for the holiday shopping season) also means being prepared for the worst (outages, data loss, data corruption, and more).   Having your web site or IT infrastructure hosted in the cloud using a seasoned IT firm like TurnKey Internet can offer a safety net utilizing hardened technologies to provide the scallability and redundancy crucial for your business.

Also, consider having your corporate data, servers, and web sites mirrored into the Cloud with a service like TurnKey Vault – regardless if you are a Billion dollar retail chain, or a small business office – we all need continuous reliable access to our data to keep the lights on.

Proper planning can mean the difference of going out of business versus surviving in an unexpected crisis – not every business gets multiple strikes against them and lives to tell about it.    Don’t wait until next holiday season to evaluate your cloud-based infrastructure.

Share : Facebooktwitterredditlinkedinmail

TurnKey Internet, Inc Expands Customer Loyalty Bonus Program for Black Friday 2015   no comments

Nov 19, 2015 @ 12:51am black friday
Share : Facebooktwitterredditlinkedinmail

black-friday  LATHAM, NEW YORK (November 23, 2015) – Sustainable IT solutions provider TurnKey Internet, Inc. announced today the launch of their 2015 Black Friday Deals offering some of the best cloud services, datacenter facility services, and web hosting offers for 2015.

TurnKey Internet is known for running its eagerly-awaited, industry-leading Black Friday specials, and this year is no different. TurnKey Internet is offering 80% off for the life on nearly every product they offer – cloud servers, disaster recovery backup services, cloud storage, dedicated servers, virtual private servers, cPanel web hosting, Microsoft Windows web hosting, enterprise colocation services, SEO optimized web hosting, and much more. More information can be found at https://www.turnkeyinternet.net/blackfriday/ .

In a bold move in contrast to other companies that exclude or limit their best seasonal deals from existing clients – TurnKey is rewarding existing clients with a loyalty bonus. The loyalty bonus is applied as a free month of service for every previous year of loyalty when purchasing any new services during this Black Friday promotional period. This gives existing clients access to deals greater than 80% off when factoring in the free loyalty bonus months of service included.

“We love our loyal clients and I’m truly excited to expand our loyalty bonus during our Black Friday promotion.” Remarked Adam Wills, CEO of TurnKey Internet. “While most companies offer only their best deals to new customers, we shake up that model and put the customer first. TurnKey is focused on giving back to our loyal clients with added bonuses on top of access to the very best cloud hosted services. Last year exceeded all expectations- and I am happy we are offering deals like these to our valued clients and potential new clients across the globe. “

About Turnkey Internet

Founded in 1999, TurnKey Internet, Inc. is a full-service green data center and leading provider of sustainable web hosting and IT solutions. From its SSAE 16 Type 2 and ENERGY STAR® certified facility in Latham, NY— New York’s Tech Valley Region —. TurnKey offers cloud-based hosted services, web hosting, communication services, web-based IT systems, software as a service (SaaS), enterprise colocation services, and computing as a service to clients in more than 150 countries. For more information, please call (518) 618-0999 or visit www.turnkeyinternet.net/media.

 

 

Share : Facebooktwitterredditlinkedinmail

Written by Adam on November 19th, 2015

Tagged with , , ,