Most IaaS cloud vendors rely on best practices and security baked into their software to provide the security to their end clients, but with certain internally used bits of source, like was the case with VPS.NET and Rackspace, the potential for security errors creep up.

Case in point, the issue here was with regards to reusing hard disk space after it was relinquished by a customer. In the IaaS world, resources are reused once they are terminated by a user. This reuse includes hard disk space for storage of files – the data that was previously stored on the drive by an old customer is deleted before being presented as blank space to another customer.

However, as these researchers found, a method for thoroughly destroying the data was not completely employed, and bits and pieces of file data were preserved between customer use. This means that any data potentially stored on disk could have been leaked to another customer, if the other customer had known where to look.

This is very bad, but not surprising. Low level details like this are easy to overlook, and until someone finds them out and points it out to a provider, they may be blissfully unaware of its existence.

This isn’t a unique problem to these two vendors. Folks like Amazon, who have a pretty good history of security, are just as vulnerable. Perhaps not on this specific issue, but others. In fact, one of the biggest vulnerabilities is the ever changing code behind the scenes that the end user is not aware of. Amazon in particular is constantly adding new features, releasing new internal versions of their Cloud software and deploying it strategically – all out of view of the end user. However, due to the constant changing state of the code, new vectors for exploitation are always a possibility. Even security holes that didn’t exist a few days ago could potentially open up as a result of a misstep by an Amazon engineer.

The bottom line is cloud security must be taken very seriously. While there is a certain level of trust that must be accepted, going the extra mile with internal security practices to ensure that data can’t be leaked is a prudent decision for any organization utilizing the cloud.

_______

Data Cave is a privately owned and operated Tier IV data center located in Columbus, Indiana convenient to Indianapolis, Louisville and Cincinnati. Please contact us for more information at 866-514-2283.

You know what else is awesome? BitTorrent. Specifically, its file type called a torrent. Yes, they have gotten an extremely bad rap for piracy issues, as you know. However, just because a tool is used for evil, doesn’t make it evil. Torrents are one of the most brilliant internet-centric inventions of the last two decades. It has made large file downloading nearly painless.

From Wikipedia:

Torrents work by dividing the target file into small information chunks, found on an unlimited number of different hosts. Through this method, torrents are able to download large files quickly. When a client (the recipient of a target file) has initiated a torrent download, the chunks of target file that are needed can be found easily, based on the data from the torrent itself. Once all the chunks are downloaded the client can assemble them into a usable form.

I’m currently attending IUPUI in Indianapolis. We get a TON of expensive software for free, so I shouldn’t complain about things, but I will anyway. IUPUI gives us this large-sized software and then breaks the software into 500MB chunks which are very inconvenient to download. Part of the beauty of BitTorrent’s system is that you are getting very small chunks of data from a lot of people that have what you need. This allows you to pause and resume at any time, and most times, without a hitch. But what does Data Cave use torrents for?

We are open source enthusiasts as you know. We use Ubuntu servers fairly heavily. So when a new distribution comes out, we like to give back to the community and allow uploads of the latest Ubuntu/Kubuntu operating systems.

We let the uploads run with Transmission, an open source BitTorrent client, and generally keep them going for quite awhile after the initial distro launch. This makes us feel warm and fuzzy. Our employees also have their hands in other open source projects. For a taste, here is Caleb’s github page as well as David’s page. They contain both professional and personal projects. We’ll talk more about the professional ones later.

What open source software do you love? We want your feedback! Let us know in the comments.

_______

Data Cave is a privately owned and operated Tier IV data center located in Columbus, Indiana convenient to Indianapolis, Louisville and Cincinnati. Please contact us for more information at 866-514-2283.

The stakes are high for complying with federal regulations. Any sort of breach in releasing health information can cost a company dearly in lost good will with customers, severe backlash from the public and monetary fines, up to $1.5 million in some instances.

HIPAA security compliance is often more complicated than expected. That’s why we at Data Cave have developed a new whitepaper to help you understand both HIPAA and HITECH Acts, the safeguards needed to protect health data, and why you should consider using a HIPAA compliant data center, like Data Cave, to meet these regulations.

For more information contact us or call 866-514-2283.

Virtual Machine Manager

We use run-of-the-mill Dell servers for hosting these VM’s, and you can see from the screenshot above that even the most-heavily used host is still barely being exercised. For the additional complexity of the setup, we get very real cost savings on the number of boxes we need, while providing us even more flexibility to segregate all major computing services onto their own partition, allowing us to work on them independently.

To provide the disk space for these VM’s, we use Coraid disk enclosures. They use the ATA-over-ethernet (AoE) protocol to create a SAN. Comparing bang-for-buck, this approach cannot be touched. Our experience has proven Coraid’s promises of cost-effectiveness to be true. A comparable, similarly-sized iSCSI configuration, from one of the big names in the industry, started at five times the cost of our Coraid units.

For larger installations, Ubuntu is adding OpenStack cloud software in their forthcoming 12.04 LTS release, but for smaller implementations, KVM-based virtualization is still a terrific way to reduce the costs of hosting your company’s infrastructure. And, unlike other, proprietary solutions, you won’t have to spend the money you saved on the hardware buying the software! And, of course, Data Cave provides a clean, secure, purpose-built place — with fully redundant power, cooling, and connectivity — to put servers for exactly this sort of thing.

_______

Data Cave is a privately owned and operated Tier IV data center located in Columbus, Indiana convenient to Indianapolis, Louisville and Cincinnati. Please contact us for more information at 866-514-2283.

I live and primarily work in Louisville, Kentucky. However, I serve clients across the region and U.S. If you haven’t already, come visit Data Cave and I’ll take you on a tour! You really need to see this place and meet the incredible people who are behind it.

Random things about me: I ride a Harley Davidson Street Glide. I have two dogs, Lola, a Boxer, and Harley, a Blue Nose Pit Bull. I love being outdoors. I spend a lot of time on the water in the summer, primarily on Lake Cumberland. I like, okay love, bourbon. I moved from Michigan to Kentucky in 2006. I am married to my high school sweetheart. My husband and I met when we were paired together as stunt partners on a water ski show team. I was a collegiate swimmer for Grand Valley State University and, I’m not sure how, but I still hold some records.  I started doing Crossfit last fall in attempt to get back in shape. I feel I have an eclectic taste in music. I enjoy Lou Rawls, Otis Redding, Al Green, AC/DC, Alice in Chains, Disturbed, Aaron Lewis, Eric Church, Beyonce, Muse, Kid Rock, Jack Johnson, Foster the People…

As Business Development Manager, I am here to help you throughout the process of utilizing our data center by making sure your experience is as smooth as possible, and adapting our services to change or grow with your business; while staying competitive on many levels.

You can reach me at 502-552-7362 or brittany@thedatacave.com. I would love to hear from you.

Best regards,

Brittany

Yes, this probably does happen, but I would image fairly infrequently. Plus, the governing body would have to pay a reasonable sum for the property, and that isn’t going to be a small amount of money for a data center facility. I think in general, data centers are safe.

However, it does bring up another good topic: ownership of the building. You see, a nasty little secret of almost every colocation data center out there is that they don’t own the building they occupy. Our informal and unscientific calculations say at least 80% of colocation data center operators do not own their own facilities.

What this means to you, as an end customer, is that you’re at the mercy and whim of a landlord on top of your provider. While many of the facilities are on triple net leases, it’s not uncommon for the landlord to drastically raise rent when the lease comes up – and that cost gets directly passed on to the end customer.

As well, the tenant is always at risk if the landlord wishes to change ownership, or repurposes other parts of the building.

I say eminent domain is not an issue in the data center world; non-tenant owned facilities present a much larger threat to an end client.

_______

Data Cave is a privately owned and operated Tier IV data center located in Columbus, Indiana convenient to Indianapolis, Louisville and Cincinnati. Please contact us for more information at 866-514-2283.

Redundancy: We really do have two of every piece of critical equipment. Two utility lines, generators, cooling towers, water pumps, chillers, Uninterruptible Power Supply (UPS) systems, chilled water pipes, etc. We have two Power Distribution Units (PDUs) and Computer Room Air Conditioner (CRAC) units per suite. Our data center is split into four quadrants, each of which runs independently of the other. That’s like four independent data centers within one building. Even our bathrooms are redundant.

Uptime: Data Cave has experienced 100% uptime since we opened. Don’t get us wrong, we have lost utility power but because we are constantly monitoring and testing critical (top of the line) equipment and maintain a high level of redundancy, the switch to generator power, when necessary, is seamless. Our UPS flywheels run more than long enough for our 2MW generators to start which takes about eight seconds.

Staff: We have an amazingly knowledgeable staff that includes programmers, technicians, electricians, plumbers, engineers, etc., who are able to handle facility issues without reliance on outside contractors. This is an important point because a lot of data centers don’t have this technical base to pull from when an issue arises. We don’t have to wait for a contractor to arrive, we can start working on a problem as soon as it happens. Most of our staff have been here since the planning stages of Data Cave. Working at Data Cave isn’t just a job. A lot of what we do in our jobs, we do as hobbies too. We love what we do and it shows.

Come see for yourself the advantages of choosing Data Cave. Call us at 866.514.2283.

Purpose-built: If you’ve seen our facility, then you know, it was meant to be a data center. Many people who see the building say it looks like a prison, and they aren’t wrong. The building is nondescript and menacing, as it should be. We want to keep the general public out of the facility for the security of our customers. No one should be around the building that isn’t employed by or working with Data Cave. Our customers feel safe when they visit and know their equipment is safe. Not only that, but because we custom-built the facility, we purposely installed 12-inch thick block around the perimeter of the data center. The rebar that continues through the middle of each block is nearly an inch thick and the blocks are filled with concrete. The rebar continues down into the ground and up into the roof. Too many data centers out there were retrofitted into existing buildings and don’t provide the safety and privacy that we believe a data center should have in order to give customers maximum protection.

Privately Owned & Operated: This speaks for itself. We own the land and the building. There are no liens on the property and we don’t have anyone to answer to, including a board of directors. A lot of data centers lease space which could potentially cause future problems when lease terms end. We also have continuity here. The same people who built Data Cave are still around today. Our facility manager has been working at Data Cave since the beginning and helped actually build Data Cave.

The Roof: We’ve blogged about this before but it’s pretty impressive so we’ll say it again: Our roof weighs approximately 4.5 MILLION pounds. This is fairly jaw dropping. As you can see from the above photo, no equipment sits on the roof and we have no roof access. We built Data Cave this way to mitigate any potential leaks that could occur. The rebar mentioned earlier actually helps hold the roof down in the event of high winds or tornadoes. You can read more here.

Data Suites: Instead of the traditional data center with one big room where customers have to cage their equipment, Data Cave is split into individual 1,300-square-feet data suites. We chose that size to minimize hotspots and provide a higher level of privacy and security for customers. This layout allows one client to lease a suite which only they have access to, at any time. One of our data suite customers must comply with HIPAA and HITECH acts, which means everyone going in and out of the suite is monitored. We send the customer a report at the end of each month listing who has been in the area. That’s just one of the suites that our staff stays out of unless absolutely necessary. This setup really benefits companies needing to comply with certain regulations.

Come see for yourself the advantages of choosing Data Cave. Call us at 866.514.2283.

Even small to mid-sized businesses are vulnerable to an IT disaster – whether caused by a simple gas leak, an extended power outage, a hacker or virus attacking a server,  or serious natural disasters such as devastating tornadoes, floods, ice storms and fires. Any one of these events can destroy an organization’s data, their software applications and connection to the internet. Think complete server loss or worse.

An IT disaster can cripple your business and most businesses aren’t prepared to respond. A study by the Info-Tech Research Group, found that nearly 60 percent of small to mid-sized North American businesses lack an IT disaster recovery plan. A disaster recovery center such as Data Cave can provide you services that will protect your data and make recovery quicker and more efficient. Midwest data centers can be particularly appealing to businesses looking for a disaster recovery center. Since Data Cave is located in rural Indiana, land, power and operating costs are substantially less than data centers located on the east and west coast. This allows us to pass on savings to customers.

An extended period of downtime can cost you big time — in lost revenues, lost credibility and ultimately, lost clients.

At Data Cave, we’ve just published a whitepaper entitled, “Top Ten Tips for IT Disaster Recovery Planning.” Check it out and learn the steps you need to take to protect your IT assets.

Friday, March 2nd resulted in even more havoc, with tornadoes hitting many parts of the Midwest, including the towns of Henryville, Marysville and Holton, Indiana, all about 30 miles from Data Cave. Again, at least one EF4 tornado was reported to have touched down. Many buildings, including the high school, were completely destroyed.

One thing that isn’t necessarily obvious from this type of destruction is that the wind energy from a tornado increases exponentially as the velocity increases. This means the destructive force of a tornado with 175mph winds is not 9 times more powerful than a 20mph “windy day”, but over 80 times more powerful. Pictures of the devastation prove that.

The towns of Henryville, Holton and Marysville will pick up the pieces, and rebuild. But how many businesses will be affected, forever? Even with insurance to pay for the possessions, many companies may never open their doors again.

It’s for this very reason Data Cave’s facility was built to withstand EF5 tornados, with a  207mph+ wind rating. Many companies trust us with their critical infrastructure, even during the worst types of weather. Is your data protected?