Ping! Zine Issue 81 - A Transparent View from a Legally Blind Marketer by Ping! Zine Web Hosting Magazine

PINGZINE TABLE OF CONTENTS

PING! ZINE

THE STAFF...

081

EXECUTIVE STAFF Publisher Keith Duncan Production Manager Lois Clark-Mayer Marketing Director Zachary McClung Executive Editor Dave Young Senior Online Editor Robert Lang

EDITORIAL STAFF Technical Editor Frank Feingold

page ten

Associate Editor Peter Burns Headlines Editor Derek Vaughan

six DATA FOUNDRY ANNOUNCES THE OPENING OF ITS NEWEST HOUSTON DATA CENTER

eight INVESTMENT IN THE DATA CENTER WORLD

ten A TRANSPARENT VIEW FROM A LEGALLY BLIND MARKETER

thirteen HOW DEPRESSION AND STRESS IN THE WORKPLACE ARE KILLING PRODUCTIVITY

CONTRIBUTING WRITERS STEPHEN BRENT MAY Graeme Cowan EVAN KAMLET Dietrich Benjes JANE GRAFTON ALAN GLAZER SHARON KOIFMAN

eighteen

sixteen HOSTINGCON 20515 WRAP-UP

WORDPRESS SECURITY

ADDRESS Ping! Zine, LLC Post Office Box 516

NETWORK • LEARN • GROW

SEPT 22-23, 2015 AMSTERDAM, NETHERLANDS

twenty FEATURED SESSIONS AT HOSTINGCON EUROPE 2015

twenty two

PROTECT YOUR DATA: TOP TEN “NEED TO KNOW” TIPS

THE PREMIER INDUSTRY CONFERENCE AND TRADE SHOW FOR HOSTING AND CLOUD PROVIDERS.

Magazine,

Published

and

Copyrighted

2015

EUROPE.HOSTINGCON.COM

Permission to reproduce part or all of this issue must be secured

twenty four MY BOSS THINKS I’M A SECURITY THREAT

twenty eight

TOP DISASTER RECOVERY CHALLENGES & HOW TO ADDRESS THEM

in writing from the publisher. Complementary subscriptions are at the discretion of the publisher and may be cancelled or modified at any time. Unsolicited submissions are welcome. We assume no liability for lost or damage of submissions. We assume no liability for the content of this issue and all points and ideas are strictly that of the writers involved and not that of the publisher, publishing company, printing company or editors.

thirty

WHAT IS REMOTE RECRUITING AND HOW CAN IT HELP MY COMPANY?

DON’T MISS AN ISSUE! SUBSCRIBE NOW WWW.PINGZINE.COM/SUBSCRIBE

DIGITAL EDITIONS...FREE!

PING! ZINE

BITS & BYTES

Data Foundry Announces the Opening of Its Newest Houston Data Center

Data Foundry, a leading provider of data center colocation, managed and network services, finished construction and commissioning of Houston 2, a 350,000 SQ FT, purpose built data center on their 18-acre campus in North Houston. This is the Company’s second data center in Houston, and was built in response to the lack of premium colocation options for the Houston business community. Data Foundry is known in the industry for providing premier colocation with superior service and support. Engineered for flexibility, Houston 2 can accommodate colocation requirements from single cabinet to large wholesale deployments, along with a choice of 11+ diverse network carriers, providing redundancy and greater competitive pricing. Designed for performance, the 60MW facility with dual 34.5 kV underground utility feeds can accommodate the most demanding HPC (High Performance Computing) environments. Houston 2 can withstand winds up to 185 MPH and the campus site was strategically chosen to be outside of the 500-year flood plain. “Our Houston 2 data center was constructed to support unprecedented growth we’re experiencing in the region,” said Shane Menking, CFO and President of Data Foundry. “Houston has been an underserved market that has been waiting for a large scale, premium data center with the high level of service and quality Data Foundry provides.” Houston 2 was designed with customers in mind and this can be seen throughout the facility. For colocation deployments,

the depressed slab design allows for zero ramps from the loading dock to the white floor space, which is a unique design feature of Houston 2. Customers have the ability to rent and customize 60,000 SQ FT of available office space and many customer comforts are available on site: Conference Rooms, Customer Lounge, Lockers, Shower Facilities and a 75-person Technology Briefing Center for events and presentations. Data Foundry will continue to operate its Houston 1 data center, which is located in the Galleria/West Loop area. They also own and operate two data centers in Austin and offer a suite of global colocation and managed services in data centers located in Ashburn, Va., Los Angeles, Amsterdam and Hong Kong. About Data Foundry Data Foundry provides comprehensive wholesale and retail data center outsourcing, colocation, and disaster recovery services. The company provides its customers with secure premium facilities for servers and equipment, emergency workspace and carrier-neutral network accessibility, supported by experienced onsite technicians and customer support 24/7/365. The company supports more than 1,000 enterprise customers across a variety of industries including energy, healthcare and financial services. Founded in 1994, Data Foundry was the first Internet Service Provider in San Antonio and one of the first 50 Internet Service Providers in the United States. Today, Data Foundry operates data centers in Austin and Houston and owns private networks in Austin, Houston, San Antonio and Dallas. For more information, visit www. datafoundry.com or call 1.888.839.2794. P!

DOMAINS | MAIL | HOSTING | eCOMMERCE | SERVERS

.COM FREE! LIMITED TIME OFFER

ÂŽ

1 (877) 461-2631 *Limit 1 .com domain per customer, new customers only. Offer and pricing does not include any fees charged by ICANN, currently $0.18/year, which must be paid at sign up. After the first year, regular pricing applies. Valid credit card must be provided upon sign up, which will be used to pay any ICANN fees. Credit card will be charged for the second year if domain registration is not canceled prior to the anniversary of the domain registration date. Additional .com domains are available at $14.99/year plus ICANN fees. 1&1 and the 1&1 logo are trademarks of 1&1 Internet, all other trademarks are property of their respective owners. ÂŠ2015 1&1 Internet. All rights reserved.

1and1.com

PING! ZINE BITS & BYTES

Investment in the D The growth of the data center technology industry would seem to be a given. The globalization of information technology, the trend towards near-ubiquitous connectivity, the proliferation of mobile smart devices, the rise of cloud computing and the expanding market for data analysis all mean that demand for data center services can only rise, and steeply. Yet this level of demand is so great that it could very easily overwhelm supply. The coming Internet of Things (IoT) in particular will devour massive amounts of storage capacity, and unless data centers invest now in next-level storage capacity and server technology, the whole connectivity project could easily grind to a halt, or at the very least move forward a lot slower than it needs to. The situation then is that data centers represent a huge potential market for investors â&#x20AC;&#x201C; but only if they receive sufficient investment to meet the challenges of new technology and realize their own potential growth. Once this wheel starts turning it can only be beneficial for everyone, including not only the data centers, their clients and their backers, but also the wider world that will benefit from the technological advances so facilitated. But to get it started investors need to have faith in the future, and give it a helping push. Showing the way Many of the big names in the industry are already investing huge sums of money into data centers, realizing that their future lies in expansion, and being able to handle the huge growth in data they are hoping to see. Microsoft has spent 750 million dollars on its Wyoming data center, expanding three times over the past four years. Apple Inc. has committed to spending almost two billion dollars on two European data centers. Big hitters like Facebook, Amazon and Google are also investing in renewable energy projects in order to provide the extra power they foresee their data centers requiring. Where the big fish lead, the shoals of smaller fish are sure to follow. If the industry insiders are prepared to invest so much in their data centers, then the wider investment community must also sit up and take notice. Getting connected Most experts concur that the IoT will drive technology investment over the next decade. According to recent research there are 08

BITS & BYTES PING! ZINE

Data Center World expected to be over twenty billion connected devices by 2020, effectively revolutionizing the marketplace and business in general. Data center capacity urgently needs to be increased to cope with a predicted increase in demand of 750% over the next four to five years alone. Investment in IoT hosted data center platforms is therefore essential, and businesses need to focus on their IoT service platform requirements at data center level rather than at the level of individual servers or storage devices. Itâ&#x20AC;&#x2122;s sobering to consider that 90% of the data in the world was generated in the past two years, and that in another 18 months this amount will have doubled again, and will continue to grow exponentially. This represents huge challenges, but also unparalleled investment opportunities. Ways to invest Much of the investment in data centers so far has been in the form of real estate investment trusts (REITs). These have done very well and have generally outperformed other REITs. Yet they also represent a fundamental misconception. The value of data centers is increasingly not in real estate, but in the data they store and the technology they use. The rise of cloud computing bears this out; though cloud REITs are growing in popularity at a phenomenal rate, the cloud is not tied to real estate, or any one data center, and information can be moved around at the click of a mouse. To stay competitive, data centers need to invest in their technology rather than their real estate. Conventional equity stock is one way to invest if a data center company is publicly traded, but a better and more potentially lucrative possibility could be binary options. By developing an investment strategy through a website likehttp://www.binaryoptionstrategy.euÂ an investor can give the industry the support it requires while standing an excellent chance of getting a good return as a result. Data centers currently sit at a confluence of real estate and technology; as such they are extremely attractive to investors while also making them wary, for they represent an unfamiliar and complex combination of risk factors that are difficult to assess. After all, not every data center is a sound investment. Only those that are prepared to grow with the times and keep up to date with the changes required by advancing technology stand to benefit the most from investment, and will pass those benefits on to their backers many times over. P! 09

PING! ZINE by stephen brent may I’ve recently become slightly obsessed with Rand Fishkin of Moz. In reading his story, I was struck by how open and transparent he is - not only about the company he co-founded but about his personal life, as well. On his personal blog, he wrote openly about his struggle with depression.

I’ve always valued transparency in business, and I believe it causes people to feel more accountable for their work and it increases their “buy-in” when it comes to accepting work, as well. What I’ve never thought about is what happens when our fearless leaders become transparent with more than business. After reading Rand’s blog, I know the answer. They become human.

Instead of respecting and praising these people for only what they’ve done in business, we start also to respect and revere them for who they are as a real-life human outside of the office. What Does This Have To Do With Me? I’ve always liked to think of myself as an open book. My social media accounts are public, people at work know where I live, they know about my dogs and all that fun stuff.

What a lot of people might not know is that I’m legally blind. Granted, a lot of people I work with do know, but a lot of people I work with don’t. It’s not because I wouldn’t tell them; it’s just not something I talk about. I never really thought there was a reason to share it, but after reading Rand’s blog, I have decided there might be a reason.

There might be someone out there in high school, college or even early in their career who is in the same boat, and they may not have had the same support system I had. They may actually have a lot of people telling them they can’t do certain things, and that’s not the case. I mean, in reality, could I be a brain surgeon? I probably shouldn’t, but in my mind, it was never off the table. Hindsight Is 20/20, Or In My Case 20/200 Forget high school and college. Those years are hard enough without throwing the vision in the mix. When you’re young, you just want to be like everybody else and do all the things your friends are doing, and while I was pretty good at assimilating, there were always things that were a little more challenging for me. I just had a great group of family and friends who never made me feel like my experience was any different. Even in my fleeting moments of “why does everything have to be so much harder for me?”, I always imagined that once I was out in the real world, that would all change. It was the piece of hope I needed to make it easier. But… News Flash: graduating college didn’t make me not legally blind, and when I got to the real world, there was a whole new slew of things I hadn’t dealt with before.

“Here’s this spreadsheet with a 6pt. font. Can you read line 5 to the group of 10 managers in this room?”

“Ummm…well, it says…um…actually, I’m having a hard time reading this.”

feature PING! ZINE

A Transparent View from a Legally Blind Marketer At the beginning of my career, I felt like being legally blind somehow made me less qualified. I was never forthcoming about why I couldn’t see something, and I tried to hide all the little tricks I used to see things better. In my mind, I thought it would be harder to get promoted if people knew, and in some really shitty workplaces, that’s probably still a reality. Pro-tip: Stop working there immediately.

I also have a Superman complex, which makes it hard for me to admit when something presents a challenge. But as I’ve gotten older, I’ve learned to stop caring so much about other people’s perceptions. I know I do great work, and if that requires me to sit closer to my computer monitor, who cares? And if you do care, why are you in my office…or my life for that matter? There are a lot of companies, like Apple, for example, who win awards for developing accessibility features for people like me. I used to hate using these features because I felt like I was accepting defeat, but now I realize they are there to make my life easier. I was dealt a shit deck when it came to eyesight, but I don’t have to make it harder on myself, and it took me a while to get there.

I use the zoom feature on my iPhone and computer, but in the past, if someone walked in the room, I’d quickly zoom out so they didn’t notice. That seems so stupid to me now, but I was a work in progress. Seeing Things More Clearly I hate when people say “I suffer from…” I don’t suffer from low vision; I succeed because of it.

It makes me work harder to prove people wrong. It makes me bust my ass to prove myself wrong. I have a co-worker who is deaf, and when he wants to focus on coding, he turns his hearing aid off. That’s brilliant, and that’s making the most of it. Hell, if I see someone struggling to carry some heavy boxes while trying to open a door, I can always claim I didn’t see it to keep from helping. If they know I’m legally blind, they will never question me. This example may make me sound like an awful person, but my point is, use what you have to propel you, and stop letting what you don’t have define your success.

Do I think I’m some great influential leader who will change the world with this post? Nope.

But if I can help or inspire one person to do something they thought was impossible, well, that’s pretty cool. So yeah, let’s be a little more transparent and let people see inside. Well, most people. I still won’t be able to. :-) P! Stephen Brent May - Marketing Product Owner, cPanel After 10 years of experience with traditional marketing methodologies, Stephen made the switch to operating in an agile marketing environment. He has conducted workshops and written blog posts on the topic. Outside of his role at cPanel, Stephen currently serves on the board of directors for the Houston Chapter of the American Marketing Association. You can connect with him on LinkedIn at: linkedin.com/in/stephenmay

Technology your strength? Marketing not so much? Let eBridge make it simple. NEWSLETTERS

LEAD GENERATION

PODCASTS

DISPLAY / MEDIA

PAID SOCIAL

SEARCH MARKETING

Comprehensive Experienced

PARTNERSHIPS

DESIGN /CRO

Reliable Responsive Trusted since 2001

CONNECTING WEB HOSTING BUYERS & SELLERS ConďŹ dential

SPONSORSHIP

SOCIAL MEDIA

CONTENT

www.ebridgemarketingsolutions.com

RETARGETING

Free to subscribe. Connect with your next deal at thehostbroker.com

HOW DO YOU MEASURE UP? Check the results of your last campaign. Call us to get your free ROI tool (888) 436.5262.

GET THE CUSTOMERS YOU DESERVE Pay per click model Strong buyer intent Unbiased search results Register with us now at www.searchhostingvendors.com

feature PING! ZINE

How Depression and Stress in the Workplace Are Killing Productivity As companies strive to compete in a global economy, they become high-stress incubators for mental health problems. This wreaks havoc on productivity. Graeme Cowan explains why we must overcome the stigma associated with depression and tackle the “elephant” head-on. In a hypercompetitive global economy, organizations must be “on” 24/7. Yet this scramble for perpetual performance is taking a harsh toll on employees. They relentlessly push to get ahead and stay ahead— working longer days, emailing after hours, taking fewer vacations—often with little acknowledgment for their efforts. The result is a workforce that’s not just disengaged (Gallup’s 2013 State of the American Workplace report revealed that 70 percent of U.S. employees fall into this category), but also stressed and depressed. And here’s the irony, says Graeme Cowan: The constant hustle aimed at increasing productivity and profitability actually decreases both. “The mental and emotional state of today’s workforce is abysmal,” says Cowan, a survivor of depression and author of Back from the Brink: True Stories and Practical Help for Overcoming Depression and Bipolar Disorder (New Harbinger Publications, Inc., 2014, ISBN: 978-1-608-82856-2, $16.95, www. IAmBackFromTheBrink.com). “And since there’s a stigma around mental health issues, people aren’t seeking help. In fact, despite depression and stress disorders being the biggest source of lost productivity, my research shows that 86 percent of those afflicted would rather suffer in silence. That’s very bad news for employers, who may have a big portion of their workforce struggling along at reduced capacity.” Cowan, who is Australian, knows the ravages of depression firsthand. After spending most of his life as a senior executive with organizations like Johnson & Johnson and A.T. Kearney, he suffered a mental breakdown, culminating in a suicide attempt. It was then that he began to wonder how widespread and impactful a problem workplace depression really is. Turns out the problem is quite costly indeed. A study recently published by the Journal of the American Medical Association found that depressed workers experienced more health-related productivity losses than those without depression—costing employers $44 billion. A big part of the problem is a phenomenon called presenteeism—meaning that people are physically at work but not engaged and certainly not fully functioning. In fact, the JAMA study found that presenteeism accounts for greater losses in productivity among depressed workers than does absenteeism. “The loss in productivity caused by depression is extremely difficult to track because it manifests via poor performance,” notes Cowan. “But companies that don’t address the elephant in the boardroom will suffer— even if they don’t know they’re suffering at all.”

Here are just a few of Cowan’s recommendations for leaders seeking to help depressed employees: Be proactive about helping employees treat depression. Cowan recommends providing employees with workplace resources—including a mental health policy, wellness program, and intranet materials—to help them take action to deal with their illness. Whether available via an organization’s intranet or downloadable in the form of a smartphone app, these resources must be both practical and evidence-based. To accommodate different learning styles, multimedia delivery would be optimal. Companies could also assemble a panel or list of suitable mental health professionals whom employees can feel comfortable going to when they need assistance. “A big regret for depressed individuals is that they didn’t get an accurate diagnosis and treatment plan earlier,” says Cowan. “There is a stigma around depression that discourages people from getting treatment. But when companies emphasize the importance of treating these issues, they help destigmatize them, which will lead to more people’s getting the help they need more quickly.” Know how to recognize the signs of depression. Of course, a key step in providing employees with the care and support they need is knowing what signs indicate they may be suffering from depression. If a normally reliable employee starts calling in sick more than usual, missing deadlines or meetings, looks tired or overwhelmed, or has a decrease in overall performance, they could be depressed. “Employers, managers, and coworkers should also keep an eye out for changes in temperament,” notes Cowan. “For example, maybe an employee was well known for greeting you and other coworkers each morning or making friendly conversation during work breaks, but now goes straight to his desk or spends his breaks alone or surfing the Internet. These could each be signs that depression has taken hold and certainly indicate it might be time to check in with them and see how they’re doing.” Teach managers and team members how to ask “Are you okay?” Fifty-one percent of employees believe that the most effective way to address harmful stress is “speaking to someone at work.” “This creates a compelling case to increase the will and skill of managers and team members to ask ‘Are you okay?’ and encourage the stressed employee to take action,” says Cowan. “I recommend a four-step process to building trust and helping someone you are concerned about. First, break the ice. The best ice breaker? Simply ask ‘Are you okay?’ Next, listen without judgment. Then, encourage action. And finally, follow up. “Many managers are paralyzed by the fear of saying the wrong thing and opt for saying nothing instead. I guarantee that if you approach the conversation with a genuine effort to ‘put yourself in their shoes,’ your intent will be felt and appreciated. Compassion or emotional support plays an essential role in recovering from depression. Employees say that when a supervisor or coworker shows they care about them as a person, it is the biggest predictor of recovery and return to productivity.” Make sure their work fits their strengths. Engaged employees, doing work they’re good at, are happy employees. Companies can help prevent workplace depression by making sure employees are satisfied with their work. And where depression already exists, Cowan says helping the employee get back to doing fulfilling work will help them recover. “Through my own work in recruitment, outplacement, and career planning, I know that a large percentage of employees aren’t in the right role, and this will often have a detrimental impact on their mental health,” notes Cowan. “Employees achieve the greatest fulfillment from work when they’re using their strengths. Tom Rath’s (Gallup, Inc.) book Strengths Based Leadership finds that employees who use their top five strengths on a daily basis are 600 percent more likely to be engaged at work and 300 percent more likely to be satisfied with their lives. “Martin Seligman in his book Flourish provides numerous case studies highlighting how recovery from mental illness can be enhanced by coaching people using their strengths. And of course, ensuring your employees are 14

doing work that is truly engaging and that they actually like to do is great for companies, too. Not only will employees be more productive, but their work will be of a greater quality.” Provide ways for employees to get exercise. One of the common symptoms of depression is fatigue and an overactive mind and underactive body. According to the Mayo Clinic, a 30-minute brisk walk improves your mood 2, 4, 8, and 12 hours later compared to those who don’t exercise. “A great way for companies to play a role here is to offer physical and mental wellness programs,” says Cowan. “Employees with a positive mood are 31 percent more productive, sell 37 percent more, and are 300 percent more creative. The productivity benefit that could flow from a program that builds employee physical and mental well-being is almost selfevident, especially in light of exercise’s being judged so important for recovery.” “If a virus or other illness was running rampant through your workforce, you wouldn’t sit back and do nothing while employees called in sick or sat at their desks unable to do their jobs,” says Cowan. “More than likely, you’d find ways to help your employees get well as soon as possible. That’s why it doesn’t make sense for employers to ignore the hold that depression has on so many of their employees. It’s time to get this elephant out of our boardrooms. Companies that recognize the importance of helping their employees get the mental health care they need will reap huge benefits.” P!.

About the Author: Graeme Cowan is the author of Back from the Brink: True Stories and Practical Help for Overcoming Depression and Bipolar Disorder (New Harbinger Publications, Inc., 2014, ISBN: 978-1608-82856-2, $16.95, www.IAmBackFromTheBrink.com). He is also a speaker who helps people build their resilience, well-being, and performance. Despite spending most of his career as a senior executive in Sydney, Australia, with organizations like Johnson & Johnson, Pfizer, and A.T. Kearney, Graeme had struggled with depression for more than 20 years. Graeme reemerged with not just a best-selling Australian book series to his name but a new attitude toward the way individuals approach recovery. He is also the author of the report “The Elephant in the Boardroom: Getting Mentally Fit for Work,” which highlights that 86 percent of people with a mood disorder in the workplace would rather suffer in silence than discuss their illnesses with colleagues. Cowan is one of Australia’s leading speakers and authors in the area of building resilience and mental health, and has appeared regularly on national Australian television and radio and had articles written in the Australian Financial Review on workplace health. He is also a director of the R U OK? Foundation, whose slogan is “A Conversation Could Change a Life” (www.ruokday.com), and was supported in its launch campaign with video promotions from Australian actors Hugh Jackman, Simon Baker, and Naomi Watts. Cowan is passionate about sharing his journey and helping others to find hope, know they are not alone, and find a way back from the brink. Sign up for his free 30-Day Mood Challenge at www. IAmBackFromTheBrink.com. About the Book: Back from the Brink: True Stories and Practical Help for Overcoming Depression and Bipolar Disorder (New Harbinger Publications, Inc., 2014, ISBN: 978-1-608-82856-2, $16.95, www. IAmBackFromTheBrink.com) is available at bookstores nationwide and major online booksellers.

PING! ZINE hostingcon 2015

s u o m r o n i g q h t #even

#isurvivedho

DISCOVER WHAT’S

POSSIBLE

s t s o c t u c s r e #microserv

NETWORK • LEARN • GROW

JULY 27 • 29, 2O15 igSAN htdistDIEGO, CALIFORNIA THE PREMIER CONFERENCE AND TRADE SHOW ricINDUSTRY t s tripAND CLOUD PROVIDERS. FOR HOSTING

#gasl

USE COUPON CODE PINGZINE2015 AND SAVE UP TO AN ADDITIONAL $60 OFF YOUR REGISTRATION

WWW.HOSTINGCON.COM/GLOBAL/

#bestswaga

hostingcon 2015 PING! ZINE

ostingcon2015

d e t r a t s y t r a enthep

#wh

DISCOVER

awardagain

#WHAT’S aft ert hep art y

POSSIBLE was ov

NETWORK • LEARN • GROW

JULY 27 • 29, 2O15 #ilearnnet

wSAN orkgroDIEGO, w

CALIFORNIA

THE PREMIER INDUSTRY CONFERENCE AND TRADE SHOW FOR HOSTING AND CLOUD PROVIDERS.

g a m a d s k USE COUPON CODE PINGZINE2015 AND SAVE UP TO AN roc ADDITIONAL $60 OFF YOUR REGISTRATION rero #co WWW.HOSTINGCON.COM/GLOBAL/

PING! ZINE WORDPRESS SECURITY BY evan kamlet

Wordpress Secruity Help Us Help you with Securing Your Wordpress

Almost 75 million websites are powered by one of the 98 versions of Wordpress (97 of which are insecure). Among self-hosted sites, almost 1 in 5 are Wordpress. Of those, hundreds of thousands are hacked, cracked, defaced, and otherwise ravaged daily. For better or worse, Wordpress is going to be around for the long haul. As a webhost, you may have a love/hate relationship with the software. In fact, you may tear your hair out over Wordpress daily. Here at Host4Yourself, we hire dedicated staff just to assist our Wordpress users and more importantly to maintain security. Maybe I am doing my own company a favor by giving YOU some tips on security. Why? Because YOUR hacked Wordpress installs are likely used to attempt compromise of OUR clients’ Wordpress sites as well! For your sake AND my sake, please utilize these 5 tips to keep Wordpress happy and secure for your clients!

Latest Posts

1) REQUIRE UPDATES. SOFTACULOUS IS YOUR FRIEND.

* Security plug-ins-Not so secure?

If your clients aren’t updating Wordpress, they should be scolded. You should remind your clients that religiously updating Wordpress AND all of its plugins is life-or-death. You should also consider using Softaculous. At only a couple of bucks per month, you can not only give your clients oneclick Wordpress installs, but also utilize the automatic update feature. You can even import existing Wordpress installs into Softaculous so that they begin to receive automatic software updates. This is huge! Softaculous also features over 350 other scripts, each with auto-updates. 2) WATCH OUT FOR SYMLINKS!! Your servers may have PHP open_base protection, Apache mod_security, jailed shells, and all of the security bells and whistles, but one little trick brings them all to their knees. Those darned symlinks! Most cPanel and other Linux servers require that PHP scripts be world-readable so that the webserver can access them. In most cases, your users will leave their wp-config.php file with these default permissions too. THIS IS BAD! Every host has probably seen a hacked Wordpress or other script where symlink attacks are used to attempt root compromise of the server or other accounts on the server. Most servers are vulnerable and there is not much defense from this believe it or not! If one attacker successfully finds a wp-config.php file using symlinks, a chain reaction quickly starts. On most servers running suPHP or PHP-CGI, a chmod value of 600 (-r-----) is sufficient for wp-config.php. Use a cron to chmod ALL wp-config.php files found on the server every 24 hours and those chain reaction Wordpress hacks will be halted in their tracks, I promise! 3) .htaccess is your friend This is an easy one. There are many quick .htaccess directives that can be used to dramatically increase security for Wordpress sites. You can find some tips here: http://www.wpexplorer.com/ htaccess-wordpress-security/ or just Google “Wordpress .htaccess security”. 4) Security plug-ins - Not so secure? Wordpress security plug-ins such as Wordfence or All-In-One (AOI) Security & Firewall generally do more good than harm. However, if you don’t update them, even the security plug-ins get exploited. Leaving ANY plug-in stagnant and without the latest patches will open up potential exploit opportunities for the baddies. If you are unwilling or unable (too lazy) to enforce a policy that all plugins are regularly updated, even the security plug-ins will become security holes! 5) Scan your server for signs of trouble R-fx Networks Linux Malware Detect (maldet) has made available a free, easy to use malware detector. Most Wordpress compromises result in loads of malware. Script kiddies use pre-existing malware kits that cause server admins huge headaches. The malware is used to send spam, create phishing sites, shell accounts, and to seek and destroy other nearby or remote Wordpress holes. Use Malware Detect to get daily scan reports emailed to you or even auto-quarantine suspect scripts within your users’ home directories. Don’t be afraid to suspend your client’s site if they are infected. Enlighten them to the rules of the road when it comes to Wordpress security and maybe they will become a bit more vigilant in the future.

* Require Updates, Softaculous is your friend. * Watch out for Symlinks!! * .htacesss is your friend

* Scan your server for signs of trouble

Meta Tags *updates *symlinks *htaccess *plugins *trouble

Catagories * Wordpress * Softaculous * Symlinks * htaccess * Security

Author Evan Kamlet is the CEO of H4Y Technologies LLC and managing partner of Tier. Net Technologies LLC, leading hosting service providers. Evan has decades of experience in the IT arena. With degrees in Electrical Engineering Technology and Telecommunications Technology, Evan has a unique machine-layer understanding of digital circuitry and hardware all the way up to high level application-layer coding, systems and network administration, modern software applications, and IT security.

NETWORK • LEARN • GROW

SEPT 22-23, 2015 AMSTERDAM, NETHERLANDS THE PREMIER INDUSTRY CONFERENCE AND TRADE SHOW FOR HOSTING AND CLOUD PROVIDERS.

EUROPE.HOSTINGCON.COM

hostingcon europe 2015 PING! ZINE

Featured Sessions At HostingCon Europe 2015!

NETWORK • LEARN • GROW

HostingCon Europe 2015 features an incredible lineup of sessions over two actionpacked days! The first of two Keynote Addresses will have Pearse O’Donohue, Head of Unit for Software & Services, Cloud Computing, European Commission DG CONNECT, discuss “Driving the Digital Single Market through uptake of Secure Cloud Services”.

SEPT 22-23, 2015

David Ednie, President and CEO of SalesChannel Europe will deliver the second Keynote entitled “Adapt or Die”: Hybrid Cloud Means The End of Business As Usual”.

Other sessions and panels include: · Cybersecurity Trends and Considerations in the EU · Data Localization: An Opportunity or a Threat to a Truly Digital Europe? · The Dawn of Containers: What do Hosting companies need to do to be ready? · Valuation: What is Your Hosting Company Worth and How to Improve It · Global Legal Strategy and Considerations for a Growing Cloud and Hosting Business · Domains and Hosting Aren’t Enough: Adding Ecommerce Solutions to Boost Business · European Go To Market Strategy · 2015 - A Critical Year for Internet Governance Development · How Long is the Long Arm of Interception Law? · ...and much more!

AMSTERDAM, NETHERLANDS THE PREMIER INDUSTRY CONFERENCE AND TRADE SHOW FOR HOSTING AND CLOUD PROVIDERS.

For complete details on these and other sessions, view the HostingCon Europe 2015 schedule. http://europe.hostingcon.com/

EUROPE.HOSTINGCON.COM

PING! ZINE DATA PROTECTION

Protect Your Data: Top

With breaches happening on an almost daily basis, it’s critical to establish rules and processes to keep your data safe and secure. The following tips, designed to help you build a sustainable path towards data security, were inspired by the FTC. Don’t Make Security an Afterthought Think before you collect. Is it necessary and does it add value to capture personal, sensitive information from your customers and prospects? Or does it just open up additional risk? If you absolutely need to collect sensitive information, don’t hold on to it longer than necessary. Set an “end date” and follow through with securely destroying the info. Security shouldn’t be reactive but proactive. Stay In Control If you need to hold on to sensitive data (it’s a business must), then how do you keep it safe from prying eyes – both inside and outside your organisation? Answer: limit access. Does your summer intern need wide-open access to corporate IP to do her job? Probably not. Implement a system for periodically reviewing entitlements to ensure people only have access to the information they need. Your auditors will thank you. Passwords and Authentication, Please You’ve got sensitive data and want to keep it safe. Requiring complex passwords (by the way, “password” is NOT complex) that include multiple elements (caps, numbers, minimum characters) and changing them on a quarterly basis makes it hard for hackers. Even better: require two-factor authentication, disable access after a specific number of failed login attempts, and protect against authentication bypass to really “up” the proverbial ante. Share It Securely Sure, your internal network is secure. But what if you need to share your data outside the firewall? One way to do this securely is with a data file sync and share solution that works with your existing permissions and authentication infrastructure. Who’s Knocking on Your Door? Do you know who is accessing what computer at all times? Probably not. So protect yourself – and your sensitive data – in a separate, secure place on your network. Limit access. Even better, continuously monitor your file access activity with a solution that makes it easy to see and address suspicious, unusual behavior before it’s too late.

by dietrich benjes, vp uk, ireland and middle east PING! ZINE

Ten “Need to Know” Tips

Remote Control Isn’t telecommuting great? It allows employee freedom and increased productivity. But it can be a security nightmare. The key idea is to allow remote connections, but restrict the ability to re-login to other desktop and servers. We really want to make it difficult for hackers to leapfrog around your network. This can be accomplished by enhancing security of the Remote Desktop feature in Windows. You can read more about how to do it here. Keep It Under Wraps Is your organization developing a hot new product or solution? Have you thought about how your customers will use it and whether it needs to be secure? Make sure your developers are up to scratch with Privacy by Design principles, and the latest best practices in safe coding. In addition, know thy platform security guidelines – no need to recreate the wheel. Finally, testing is key! While not every threat can be anticipated, testing for common vulnerabilities ensure security at the gate.

D C E ATA SE NTE CU R RIT Y

Who’s Got Your Back? You probably work with service providers and other contractors. But do they share your passion for security? Make sure your standards are being met by including your security requirements (for example, encryption, two-factor authentication, data retention limits) in contracts and service-level agreements. Remember to stay active and always monitor your controls to ensure that your security expectations are followed and your users aren’t inadvertently exploited Make a Plan, Stan You’re secure – for now. Unfortunately, security isn’t static and so to remain compliant you’ll need to stay on top of your systems and technology. This means making a plan that includes monitoring third party software, performing updates, and faithfully implementing patches. In addition, pay heed to security warnings and notifications! Develop an action plan! If a vulnerability has been exposed, be proactive and take the steps necessary to protect your data! Physical security Network security is critical. But what about computer hardware, as well as paper files and all the miscellaneous stuff that makes up a typical office environment? Does your company have a security policy for the non-virtual world? Rule #1: keep important papers and other physical IP in a secure place (locked file cabinets, secured server rooms, etc.). Laptops should have secure-login and hardware-level password protection set. What about old computers, servers, tapes, and disk drives? What may appear as trash to you could be a gold mine to hackers. P!.

PING! ZINE INTERNET SECURITY In this cautionary tale Jane Grafton, Director of Product Development at Lieberman Software, interviewed a woman who should have known better. Her story is told in her own words. If this sounds all too familiar there is some great advice at the end of this article to make sure you too don’t end up losing your job! In her own words It all started when I landed a job at Virtually Direct. From day one I realised accountancy didn’t really float my boat but, with mum on my case, at least it gave me shopping money. On my first day at the office I was shown to a desk in the corner, piled high with invoices that I had to input onto the system but, as you’d expect with an up and coming ecommerce business, at least my PC had super fast internet access. Result, I thought, I could update my Facebook status. The guy that worked opposite me - was alright, but he had his face stuck in a spreadsheet most of the time. He didn’t even look up when I asked him for help with my spreadsheet. Bored doesn’t even begin to describe those first five minutes, so I thought I’d update my blog. The morning passed in a bit of a blur, well so did the next few months if I’m honest. I’d spend most of my time surfing the internet, doing a little virtual shopping, updating my status, posting on my blog, emailing my buddies about the awful people I had to spend the day with and sharing pictures of the hot

guys I met in the evenings – sometimes in the buff! The work was mundane and boring but most of the time I just didn’t do it. No one seemed to notice or care! Thankfully my online diary was a hit and I did consider becoming a writer. My updates about how archaic everything was were really popular. The post where I complained about our lack of antivirus software, because I’d introduced a virus into the network by opening a nude picture of Brad Pitt, had thousands of hits and I started to get a regular following. Well, I couldn’t leave my public wanting, so I would tell them about funny complaints from customers, the weirdly worded messages I’d get in pop-ups about ‘patches’ or directing me to various ‘policies’ and ‘practices’ that I should read, that sort of thing. Claire’s ‘secret formula’ for creating new un-crackable passwords was another entry that spiked people couldn’t get enough of me.

by Jane Grafton PING! ZINE

My Boss Thinks I’m A Security Threat Then one morning - on my four month anniversary - I arrived at work to find my PC logged on, which I thought was a little strange but soon forgot all about it. A little later that day I passed Roy, the Big Cheese, in the corridor and he asked about my phobia of invoices. Now, I know I hadn’t told him about it - mainly because I’d never even spoken to him before, so I deduced he must be one of my followers and was referring to my recent update “Why working sucks” – Kudos indeed! Just before home time, and I’m still not sure why I was telling my online disciples how phallic Roy is, I realised he was standing behind me so I switched screens rather snappishly. Thankfully, I hadn’t spoiled the surprise but I wish I could have seen his face when he read it later online! One of my mates suggested I contact my local paper and tell them about the thousands of people that were following my online diary. So, on Monday morning back at my desk, I researched who our local reporter was and sent her an email. I wasn’t sure it was ‘news’, but nothing ventured and all that – perhaps it would be my big break into journalism. I was thrilled when Doris gave me a bell and told me her editor loved my online diary – especially about the workings at my company, and that it would be in this week’s issue. She needed a photo so I poked her on Facebook and told her to choose one from my album. I’d have preferred if they hadn’t used the image of me on an anti-capitalism rally, or the headline asking if I was a security risk, but there’s no such thing as bad PR, is there? I suppose it all went wrong the morning I saw an advert for a job in the communications department. I thought I’d be perfect, especially with how well I’d developed my online community. Roy was bound to give me a glowing recommendation. I mean - I was always at my desk on time, admittedly I didn’t do anything all day but no-one had noticed, and he obviously liked my blogs! I had to submit my application online, which was a little tricky as I couldn’t remember my login details for the accounts server, so I asked IT if they could remind me. Derrick in IT did seem a little surprised that I didn’t know it, especially

as I should be using it everyday, but I put it down to a heavy night and he seemed to accept that. Gullible doesn’t even begin to describe our IT team – I have to say that was one of my better blogs! To make sure I didn’t ‘forget’ again I wrote the password in indelible marker on the underside of my keyboard – genius! The last thing I did before I left the office that evening was respond to an email from Derrick, asking me for the username and password for our bank account. I mean, he’d given it to me when I’d first started so he was obviously thicker than I’d given him credit. I was thrilled when I got a call from Susan in HR, although a little annoyed that she’d called me at home, inviting me to an interview in the morning. I thought the communications gig was in the bag. Security met me the next morning and took me up to HR. Alarm bells probably should have gone off then but I just thought Susan was so keen to talk to me that she wanted to make sure I didn’t get lost. It’s fair to say it went downhill from there. Roy and Derrick were with Susan, with big thick dossiers in front of them, and they’d left their happy faces behind. To cut a long story short, Roy wasn’t so thrilled with my blog entries after all. He didn’t like the blogs criticising the company, but it was the complaints from customers who’d been scammed from my revelations that he kept banging on about. Derrick, the turncoat, had printed off emails I’d sent to my friends and even had pictures of the bloke I’d met at the anti-capitalism ecotent minus his kit. I tried to argue that he wasn’t that intelligent himself having asked me for the bank details and he turned purple. How was I supposed to know that it was a scam and our bank account had been breached! I’m not sure what’s next for me. Gross industrial misconduct doesn’t read so well on my CV! (continued...)

PING! ZINE INTERNET SECURITY by Jane Grafton

Here are some simple IT security rules to observe unless you want to replicate our hero’s experiences! Don’t include easily-guessed information in your passwords such as birthdays, family and pet names. Don’t use easily guessed words or common words such as `password’ and simply replace characters such as “a” with an “@” or “o” with a zero. Hackers know this strategy and their software knows it too. Don’t use the same passphrase for multiple logins - and in particular don’t mix personal passphrases with business ones. Keep everything separate so that even if one account is compromised, the rest are secure. Never give anyone - including IT staff - your password. If an administrator truly needs your passphrase, change it before disclosing it, then change it back when they no longer need access and ensure you are present when they are using your account. Don’t click links in emails from unknown senders, no matter how attractive or urgent they seem. And if your browser starts displaying pop-ups with unusual frequency or appearance – no matter where you are browsing close your browser and scan your system for malware and adware. Even when logging onto websites, use passphrases that are 15 characters long whenever allowed. This can help safeguard your account on sites whose administrators may not be protecting stored passphrases by disabling vulnerable hashing algorithms. If you do online banking, be sure to logout after each session. This invalidates the login session stored on your system. Then CLOSE all browser windows before leaving your machine. If you are using a tabbed browser, simply closing the single tab is NOT enough. Don’t allow browsers to store your passphrases for you, as not all browsers store your logins in a secure fashion. Never configure a computer to automatically log you on. If your system is configured for auto-logon, Windows may actually store your passphrase in clear text within the registry of the system in one or more well-known locations. P!

PING! ZINE disater recovery

Top Disaster Recovery In today’s enterprise environment, a disaster recovery plan isn’t just something nice to have – it’s more crucial than ever. A business continuity strategy must be formulated to ensure that when a disruptive event takes place – be it a service interruption, inclement weather or some other instance – the company can sustain its usual processes. Creating an effective disaster recovery plan isn’t without its fair share of challenges. Unless every essential aspect is factored into the strategy, the enterprise will likely find it lacking when it comes time to activate the plan. Therefore, pinpointing and addressing these obstacles is key. Who’s Adequately Prepared According to a Dimensional Research study commissioned by Axcient, today’s enterprises deem a backup and business continuity strategy critical. However, the majority find current approaches lacking. The study found that 90 percent of IT leaders leverage several different backup and recovery tools. Of the respondents with multiple DR systems in place, 60 percent said these tools had overlapping functionalities. At the same time, 91 percent noted that having a variety of tools in place causes numerous problems with the company’s DR strategy, including the learning curve involved with the use of several different systems and the cost of added service licenses and maintenance.

Alan Glazer, Senior Product Manager at Hostway Services, Inc. PING! ZINE

Challenges and How to Address Them The research also underscored the impact of unscheduled downtime. Although 97 percent of respondents had experienced a major outage in the past 24 months, only 7 percent said they would be able to respond and recover from a similar subsequent event within two hours. Overall, Axcient CEO Justin Moore noted that such downtime and permanent data loss can cost the business market more than $40 billion annually. “With multiple, disparate, legacy tools for backup and recovery, current solutions are broken,” Moore noted. “As a result, users are unable to recover their systems in the event of an IT outage, or even worse, a disaster.” The study also found that half of all IT professionals agree that if data is unable to be recovered, their department is held responsible. Since a permanent loss of data could also result in a loss of employment, IT teams are working to find solutions to these issues that will help them create an all-encompassing plan for disaster recovery. Other Challenges In addition to the obstacles illuminated by the study, senior systems engineer and technology author Karl Palachuk also noted several other issues with companies’ disaster recovery strategies, including: · They may not have a DR plan in place at all. · The current plan is incorrect or unreliable. · The plan includes unnecessary technology. · The plan hasn’t been effectively tested. · The plan doesn’t include sufficient information management regulations. “The bottom line is that preparation will make a disaster recovery go as smoothly as possible,” Palachuk wrote. “Having technical knowledge and a vague idea of what needs to be done is simply not enough. A successful recovery requires a good plan that addresses the…biggest problems of disaster recovery plans.”

Addressing Challenges There are several approaches business leaders and IT managers can take to mitigate the challenges seen with their enterprises’ DR plans, according to an Acronis white paper: · Carrying out smaller backups that help streamline information organization, backup scheduling and overall management. · Leveraging scalable technology that can expand with the business’s needs. · Utilizing data duplication strategies for cost-effectiveness in storage. · Integrating new, non-traditional deployment systems. Leveraging the Cloud However, one of the best solutions to emerge in this arena is the use of cloud technologies. The study found that one-third of businesses currently utilize the cloud as part of their DR plans, and 89 percent of respondents noted clear benefits in using the cloud in this capacity. Furthermore, of the 74 percent of IT professionals that use a non-cloud secondary site for their business continuity, 79 percent said they would consider switching to a cloud-based strategy if the resources were in place. As such, Moore noted that it’s no surprise that IT departments are beginning to realize the advantages of including the cloud in DR plans. “Given the staggering complexity and limitation of traditional on-premise backup and recovery solutions, there is clear value in fully transitioning to a single, comprehensive cloud-based solution,” said Diane Hagglund, senior research analyst at Dimensional Research. “Although cloud-based backup and recovery is still early in adoption, the recovery market is ripe for innovation and the cloud is the next frontier.” To find out more about how the cloud can be leveraged for disaster recovery, contact a trusted service provider like Hostway. Hostway offers best-in-class business continuity services and can help business leaders craft a DR plan that will suit their company’s needs. P!

PING! ZINE BITS & BYTES

What is Remote Recruiting and How Can It Help My Company? Sure, most people love to save money. But unlike the retail market, companies looking to fill job positions cannot take advantage of coupons, limited-time sale prices, or two-for-one specials. Remote recruiting Yes, two heads are better than one – but you can’t hire this type of employee. Even so, employers should try to manage their payroll costs in order to stay competitive. This is true whether you’re a small business owner in need of some IT help, an entrepreneur who wants a team to build and maintain a website, or a manager of a large company who is trying to free up some money and resources to increase the budget for use in other areas. There is one solution for all of these situations: remote recruiting. Defining Remote Recruiting Let’s define this term by breaking it up into its two words. Hiring remote workers technically means employing people who work outside the office or business. These days, remote workers are being distinguished from the 3.3 million telecommuting employees in the U.S. because the latter are often expected to appear in the office from time to time. Conversely, remote workers are permanently based far away from the business – usually thousands of miles away. As for the recruiting part of the term, it refers to the same occupation as that of local headhunters or job placement agencies: locating potential employees for a particular company. But remote recruiters focus their efforts in overseas and/or emerging markets where skilled workers are plentiful and available. And instead of a company’s HR department searching Internet job boards for talent, a remote recruiting agency handles the entire identifying, screening, and testing functions of this process. Remote recruiting If she was selected by a recruiting agency, you know that she is well-qualified. Benefits of Remote Recruiting For certain types of businesses and job duties, remote recruiting can be an effective tool for improving a company’s bottom line. First, these remote workers usually have the same skills as their on-site counterparts, but their payroll costs are less than half of those associated with traditional employees. In addition, remote recruiters can select from a talent pool that’s unfettered by geographical restrictions because these applicants will never need to commute to an office. Finally, studies show that remote workers are just as dedicated – and possibly even more productive – than regular on-site employees. In addition, there are significant benefits to hiring a remote recruiting agency to procure remote workers than to contract with faraway freelancers or outsource a division entirely. Since freelancers work for themselves, they ultimately set their own schedules and prioritize projects according to their own workloads, rather than devoting all of their efforts toward achieving your company’s goals. As for outsourcing a division, you face the problem of delegating authority to an unfocused manager who is responsible for supervising unknown workers. With remote recruiting, however, you get the best of both worlds. Your business can take advantage of a larger talent pool and reduced personnel costs while maintaining direct control and oversight of remote workers just like they are normal full-time employees. Moreover, remote recruiters have an intimate understanding of the various remote worker markets, so they can find you the most highly-qualified applicants possible. And most importantly, a remote recruiting agency has the commitment and experience to find remote workers that possess the required job skills, communicate adequately, and have the willingness to embrace your company’s core values. Remote recruiting She’s a proud full-time employee of your company – even though her home is half a world away.

Author: Sharon Koifman Sharon Koifman is a veteran of the web hosting industry and an active participant in the tech community. He has been running a hosting company with 3000 clients and recently stopped to initiate a brand new consulting operation. As a consultant he became the Hosting Director for Applicure, the business development director for Soholaunch and consults with a few other hosting companies. These days he is running Distant Job www.distantjob.com

䰀䤀䴀䤀吀䔀䐀吀䤀䴀䔀伀一䰀夀

堀攀漀渀䔀㌀ⴀ㄀㈀㌀ ⴀ嘀㌀䐀攀搀椀挀愀琀攀搀匀攀爀瘀攀爀 ⠀㐀挀漀爀攀猀⼀㠀琀栀爀攀愀搀猀⤀

㄀㘀䜀䈀刀䄀䴀㈀吀䈀匀䄀吀䄀䌀愀瘀椀愀爀䈀氀愀挀欀䠀䐀䐀㔀吀䈀倀爀攀洀椀甀洀䈀愀渀搀眀椀搀琀栀䤀渀挀氀甀搀攀搀㄀ ─ 唀瀀琀椀洀攀Ⰰ 䴀漀渀攀礀ⴀ䈀愀挀欀䜀甀愀爀愀渀琀攀攀㈀㐀⼀㜀⼀㌀㘀㔀䤀渀搀甀猀琀爀礀ⴀ䰀攀愀搀椀渀最匀甀瀀瀀漀爀琀㔀䤀倀瘀㐀䤀倀猀䤀渀挀氀甀搀攀搀Ⰰ 唀渀氀椀洀椀琀攀搀䤀倀瘀㘀匀吀䄀刀吀䤀一䜀䄀吀

␀㘀㔀

䴀伀一吀䠀

吀椀攀爀⸀一攀琀䠀漀猀琀椀渀最㨀匀栀愀爀攀搀Ⰰ 刀攀猀攀氀氀攀爀Ⰰ 嘀倀匀Ⰰ 䌀氀漀甀搀Ⰰ 䐀攀搀椀挀愀琀攀搀Ⰰ 䌀漀氀漀Ⰰ 䄀搀瘀愀渀挀攀搀

㠀㠀㠀ⴀ㔀㄀㠀ⴀ ㈀㠀㠀

猀愀氀攀猀䀀琀椀攀爀⸀渀攀琀