They Always Told Me That Lightning Never Strikes in the Same Place Twice. 

             Wow, were THEY ever wrong!

No other force in nature combines the ethereal beauty and incredible power of lightning. It is so fascinating and mesmerizing that it is easy to forget how dangerous it can be for both people and property if you happen to be directly under it (word of advice here, not a good place to be). And once and for all let’s put the never striking twice concept to rest. In 2010 the perimeter fence next to the gated entry to Data Cave was struck not twice, but three time all within a few feet of each other!  Talk about real world testing of our protection equipment. I became intrigued with this phenomenon of nature, and compiled some interesting information I would like to share with you.

Lightning is a phenomenal force of nature that can not only cause significant damage where it impacts, but can also transmit that power for some distance over TV cables, power lines, telephone lines, and plumbing. This can spread the damaging effect of a strike over a substantial distance, and poses a serious threat to electronic equipment and individuals. The following are fantastic but true facts about lightning.

Did you know…

• The Earth is struck by lightning 100 times per second (3.6 TRILLION per year)?
• The Earth is struck by lightning 1,800 times at any moment?
• The U.S. has approximately 100,000 thunderstorms PER YEAR?
• Lightning can reach temperatures of 50,000°F (5 times as hot as the Sun)?
• Lightning has been observed over 100 miles long?
• An average lightning flash has the energy of a 1-KILOTON EXPLOSION?
• Voltage in a cloud to ground lightning strike is 100 million to one billion volts?
• The average lightning strike is 6 miles long?
• In the U.S., lightning kills more than Hurricanes and Tornadoes, combined? Only floods kill more!
• There are more than 10,000 forest fires started by lightning each year?
• Lightning causes approximately $5 Billion of damage in the U.S. each year?
• FEMA estimates there are 200 deaths and 750 severe injuries from lightning each year in the U.S.?

Firstly, there’s Nagios. It monitors everything of significance in the building, and alerts us to any problems that may arise. At the time of this writing, it’s checking 240 services across 108 hosts. There are warnings if server room temps get out of range, checks to ensure surveillance cameras are online, notifications when there are changes in internet routing tables, just to name a few examples. Nagios is free and open software, and it’s become a sort of industry standard. Yes, there are shortcomings, which many alternatives try to address. However, it can handle any monitoring-and-alerting scenario you can imagine, and it never crashes. Just in case it does, though, we have an instance of monit watching it, and an automatically-synced failover Nagios instance, which has never engaged to date.

Secondly, there’s Cacti. Again, it’s become a bit of a standard, but, again, there are alternatives designed to address its weaknesses. While Nagios is a monitoring and alerting tool, Cacti graphs the data and reveals trends. It was designed for tracking networking bandwidth, but we’ve extended it to monitor power consumption as well. For graphing trends of less importance than bandwidth and power, we use pnp4nagios.

On top of Nagios and Cacti, we’ve created two Rails applications. The first is Haystack. It’s a dead-simple Simple Network Management Protocol (SNMP) polling application. Once a minute, it grabs all the SNMP data it can from each piece of equipment’s manufacturer’s SNMP counter tree, and simply stores it in a database. There’s a very simple interface for searching through and pulling out data of interest, but it’s primarily there in case something happens for which we need to review the data in detail.

ComHub Acknowledgements

The second custom package we’ve written is ComHub, which we’ve released as open-source software on GitHub. ComHub receives the messages from all of our systems, and then routes them to the appropriate people. Each person in ComHub can subscribe to various keywords, choose methods for receiving alerts, configure time windows for when to receive them, and setup filters for things they don’t care about. Rather than blindly sending SMS messages through the cellular carriers gateways via email, and hoping they arrive, the system uses Twilio to deliver text messages. With this service, we can not only get notification that the user’s cell phone actually received the alert, but also process responses to the alerts in the application. We use this primarily for acknowledging alerts in Nagios, or, optionally, putting the service or host into a planned downtime window.

ComHub Messages

Running hand-in-hand with Nagios and Cacti is SNMPTT. It receives any and all SNMP traps that might get sent out from any piece of equipment. It filters some useless informational alerts for us, and then routes the messages on through ComHub. It can be integrated with Nagios, but we found it easier to make ComHub the integration point.

In the coming months, I’ll talk more about how we integrate our smart door controller system into this setup.

On top of everything else, the weather had been unseasonably warm. All-in-all, not a bad time to be living in Indiana.

So, why should you choose a data center in Columbus, Indiana?

First, the Midwest is a logical location for a data center. Land, power, and other associated costs of building or leasing a data center are lower than places like California, New York, New Jersey, etc.  When leasing space from a Midwest data center like Data Cave, those savings get passed along to the customer. The Midwest is free of things like Hurricanes, Tsunamis and major earthquakes which is always a plus. Of course, we do have to worry about tornadoes which is why Data Cave was built to withstand 200+ mph winds (EF5 rating). I’m not kidding, if there’s a tornado coming, you can find me and my husband camped out at Data Cave. Typically, it isn’t the wind you have to worry about, it’s what the wind is carrying that can cause damage. Debris would have to go through 2 concrete walls (12″ and 8″ blocks) reinforced with one-inch rebar in order to get through to customer equipment. I’d also like to point out that there are also no windows around our customer suites. Seems logical, right? No one could bust a window to get in and debris can’t fly through easily. Okay, back to the tornado discussion. On this list of the 25 deadliest tornadoes in U.S. history, only one of them went through Indiana and that was in 1925. So, I would say that the chances of a EF4 or EF5 tornado in Indiana are slim. Actually, EF4 rated tornadoes and above account for 1% of all tornadoes and I’ve even seen that percentage as low as .1%.

I’ve shown some benefits of being in the Midwest but what about Columbus, Indiana? Columbus sits outside of Metropolitan areas. This means there is more “buffer acreage”, less people, no shared building space (i.e. strip mall) and it doesn’t affect your connectivity. All of this equates to higher security for your equipment. Data Cave sits on 21 acres on a private drive and gated entrance. You won’t find anyone randomly walking around our building at night or any other time for that matter. However, Data Cave is still within driving distance of Indianapolis, Louisville and Cincinnati. We have clients based in Bloomington, Indianapolis, Louisville, and more. One of our clients is even based in Seattle, Washington and another has locations all over the U.S. that need to be connected.

I’ve been working for Data Cave since September and I can tell you that it doesn’t take long to become impressed with the place. It’s a safe place for your equipment and we know what we’re doing. It also doesn’t take weeks to get things done around here. We have technicians, engineers, programmers who are so knowledgeable that it blows my mind. But seriously, don’t just listen to me, you should see it for yourself.

Call us at 866-514-2283 or fill out our little form and request more info.

Why, did you know Dell was a big supporter of OpenStack? Yep, and they have open source backing to show. Dell shows how they can put a team into looking like a scrappy startup.

Have no fear though, they also have a vCloud offering.  Who wouldn’t want to miss out on the enterprise space?

But wait, they also preship servers with Eucalyptus on them.

And HP, with their private beta Openstack based cloud. But don’t worry, they also offer at least 8 other cloud branded solutions.

I think it’s clear that..it’s not clear. The cloud concept has muddied the water so much, and created a cone of confusion for so many people. All of these vendors want to be everything to everybody, so they’re betting across the board in hopes one pays off.

I don’t necessarily chastise this approach, but I think it doesn’t help customers when a vendor offers so many solutions and says that all of them are the right approach. Sometimes you have to pick a side; sadly, the cloud space seems riddled with those who don’t.

I’m interested to see how this plays out over the next year; the cloud camp seems to be dividing between two sides: the enterprise high end space, and the commodity low end space.

Personally I think the commodity space is the better play. Let’s see if I’m right.

My external hard drive crashed. And apparently not a minor crash, but a-motor-head-came-loose-and-destroyed-my-platter crash. At least this is what a recovery company told me after examining the disk for a few days. Why, oh WHY, did I wait? I knew the external drives were getting old, and I knew I had sensitive data on them. But there is no vision like hindsight I guess.

So what do I do now? I back up. And I don’t just copy things from here to there. I made things a bit more robust. I now have two external drives that are mirrored, but they are attached with USB to my computer. I use Time Machine to backup all of my computers individually to these drives. But this only mitigates a drive failure. It obviously won’t protect against a fire or even a rambunctious three-year-old that has a high probability of knocking over one or both of these drives while they are writing, or some other home travesty. So to protect against onsite hazards I use Data Cave’s backup service to make sure my data is offsite. This also provides me with the capability to restore anything I want at any time I want.

I can restore everything, or just a folder, or just a file. I like this particularly well because we have all been at the point where we know we just had this certain file but can’t find it. No problem. I can access Data Cave online, grab my file, and bring it down within minutes (depending on the file size of course). This provides me with ease of mind as well because I know my data at Data Cave is being replicated, so there are multiple copies there as well.

Whew! That is a lot of my data being backed up in a lot of ways. And that makes me (and my wife) feel secure that our data will not suffer another family history loss. I am going to continue researching the best, most secure ways to backup, but what are your opinions? Do you see a better service or better way of doing things? Let’s discuss…

Wizard of Oz

I have been fascinated by tornadoes my entire life. Ever since my first exposure to the twister in the Wizard of Oz (don’t laugh it seemed quite real and scary to a seven year old), I have always wanted to see one first hand. You would think that growing up in the Midwest I would have had plenty of opportunities, but the closest I ever got was video from Storm Chasers and the Weather Channel. That changed this last summer when I finally had the chance to see one up close and personal.

It was the middle of the day when the tornado warning sirens went off and my first reaction was to run to the front of our facility, push open the door and ‘check it out”. Maybe not the smartest thing to do, but when you love storms, it’s almost an irresistible impulse (that’s my story and I am sticking to it). Getting the door open was no trivial matter in itself as the front of the storm was packing winds of close to 75 MPH. The light rain coming down was actually moving horizontally, and part of me wanted to run out into the parking lot to see what it was like to walk in those kinds of winds. Now I know some of you are shaking your heads and labeling me as slightly nutty, but I bet at least some of you would have been tempted to do exactly the same thing. Somehow caution prevailed (I think it may have had to do more with the look I could anticipate from my wife when I explained to her how I got soaked rather than any sudden streak of common sense) and I stayed in the doorway.

Low and behold, as I watched about a quarter of a mile away that horizontal rain suddenly started to move in a in a giant slow circle, and I was able to watch the entire process as the overhead cloud started rotating, and the dark funnel slowly descended until it touched the ground. Totally awesome! I am still at a loss as to why it never entered my mind to take a picture or a video.

It was absolutely perfect! Nobody was hurt, and most of the damage was limited to some trees.  Now, I have to admit that if I had been in my car or at home this experience would have brought with it a fairly high level of, well…fear. I have a great respect for the power involved in that type of storm and while I want to watch it, I don’t really want to participate in it. But I had the good fortune that day to be at work which is  the Data Cave data center, a facility designed and built from the ground up to withstand winds in excess of 207MPH. If the tornado had decided to make a turn, or had come down right in our front yard all I had to do was take two steps back, let the door close, and I would be protected by rebar reinforced, 12inch thick concrete-filled block walls rated to shrug off an EF5 tornado. Now I realize all that design and construction was implemented to protect our clients IT equipment, but let me tell you if you have to be in the vicinity of a tornado that is the place to do it from.

Next time, I promise to take some pictures.

Storm Photos from May 25, 2011

Midwest Tornadoes

Data Center Design by Design: Keeping the Roof Over Our Heads

Facility Infrastructure

But SOPA goes further than existing laws, in many disturbing ways.

Many people have opined that “SOPA” would spell the end of the idea of the internet, and will abrogate historical protections of due process. This really should come as no surprise. The government has been passing increasingly un-Constitutional laws and rulings for some time now. Earlier this year, the Supreme Court of the state of Indiana has ruled that there are no legal grounds to resist police entering your home, despite hundreds of years of precedence requiring a warrant as outlined by the 4th Amendment. Most recently, the federal government just passed “NDAA”, which, among it’s provisions, would permit the permanent detention of citizens under allegations of “terrorism,” despite protections under the 6th Amendment.

Despite this unsurprising power-grab by copyright holders, lots of outrage has been displayed over this particular proposal. Reddit led a boycott of registrar Go Daddy for their support, which has caused them to reverse their stance on the bill, proving nothing other than that they can be bought, and for almost nothing, since the number of domains transferred away from them was a drop in their bucket.

Despite these other laws, and the current trend of legislation in general, I’m actually more sanguine about the prospects of SOPA than other commenters. The problem is that the law is structured to use technological means to combat illegal activities, and it will only have jurisdiction in the United States. If internet service providers and domain name registrars in the US try to abolish infringing content, it will just pop up in a different place. The only people it will shut down permanently will be people who are at least trying to run a legitimate business, who have legal residences and identities within our borders. Illegitimate businesses and their illegitimate owners’ identities will just find a new way to setup shop online.

There are lots and lots of places to host content on the web, and only some of them exist within the jurisdiction of the US Congress.

As both a protocol and a software, DNS has a long history of problems. For a long time, people have warned that they could take down the system whenever they wanted. If SOPA passes, I expect the hackers of the world to unite to bypass, obfuscate, overwhelm, and otherwise circumvent whatever method of DNS meddling the government and the service providers can come up with. Programmers have been working for some time on an extension to DNS that  would prevent any interference with the system, including blackholing entries by government agencies. SOPA would target such software by making anything designed to bypass the law illegal, but I doubt its effectiveness. The Digital Millenium Copyright Act does this sort of thing as well, and we see how well this has worked. It’s still easy to find software to copy DVD’s, anyway.

I believe the law will prove to be ineffective in short order. Because of this, I’m hopeful that a better law would eventually replace it.

On the other hand, we can’t forget about the internet kill switch that was proposed in the Senate last year, where China was held up as a model of being able to control the flow of information during a time of war. (And here we thought that the internet was the great equalizing factor during the “Arab Summer.”) You can be sure that there are forces within both the corporate lobby pool and within the various military departments of the government that would love nothing more than to add this tool to their box. If this sort of law gets passed, then the government will be able to shut off internet traffic at our major backbone connections, which we already know they surveil, and this is the one we won’t be able to get around.

Let me give you an example. You have 50 racks of equipment and you are looking for a data center. You can rent an entire suite at Data Cave which allows you and your staff to be the only ones with access to that room (except our staff, or course). Not only that, but you can decide the layout of the racks and duct work. You can also choose which CRAC units and PDUs you would like. While our facility is 2N redundant, meaning there is two of everything (and I do mean everything), you can even choose the level of redundancy you desire. We are so flexible that Olympic gymnasts are jealous.

The other design feature of note is that the equipment that maintains your space (CRAC units, PDUs, generators, chillers, etc) are all outside of the areas that customers and vendors are able to access. No one could be within an arms reach of this equipment without being escorted by Data Cave personnel.

Every door within Data Cave has a key card scanner (with exception of the bathrooms and offices). The hallway accessing the customer suites also has a biometric hand scanner. The hand scan and key card must match in order to gain entry. We are serious about security and monitor anyone coming and going from the building.

Data Cave was designed and purposefully built as a data center. While deciding on a layout, our CEO, Angie and President, Caleb went on a number of data center tours and did a great deal of research. What they found was that having individual customer areas (or suites) made the most sense. A smaller space means heating and cooling is easier to monitor and control, the area is highly secure and customers still have the ability to only pay for what they use.

It’s always better to see it for yourself. Contact us or call 866-514-2283 for a tour.

So what do we think the cloud is? We believe the cloud is remote storage for absolutely any bit of information that you want to store. At Data Cave it’s remote storage that will always be available, always be secure, and always be safe. That means we always have power and internet connectivity, always keep data secure with industry standard security practices, and always keep data safe with our astounding structure. As Caleb noted in a previous post, Cisco agrees that Data Cave’s data center is the type of structure and infrastructure that cloud services will need in the future. And guess what; the future may be coming sooner than you think!

Courtesy of Forbes.com

In a Forbes article from earlier this month, contributor Joe McKendrick says that Cisco estimates that more than 50% of all workloads will be processed in the cloud by 2014. Uh..that’s just 2 years from now. If you don’t think that’s significant to the direction of where the industry (and the world) is going, then you should stop using your computer. Right now. There is a nice cabin in the mountain, away from the internets, just waiting for you to sit and quietly whittle away.

Another point to note, with the move to the cloud happening so quickly and so seemingly suddenly, data centers that were built without the cloud in mind will most likely have a hard time catching up to the cost savings and solid infrastructure built into Data Cave.

If you’d like to talk more about what the cloud means to us, or express what the cloud means to you, please do!

This is disturbing to say the least. SCADA is employed in a number of different systems to monitor and control things like utilities and medical devices. Back in August, a security researcher, Jerome Radcliffe, figured out how to hack his own wireless SCADA insulin pump. According to Radcliffe, he intercepted the wireless signals, reversed them and was able to insert fake data which he sent back to the pump. He was able to increase and decrease the amount of insulin without any warning from the pump. In essence, some evil-doer could kill a diabetic using their own insulin pump. A similar situation was found with wireless Pacemakers a few years ago. The study states that the researchers were able to reverse engineer the device’s communication protocols through an unauthorized channel and retrieve unencrypted information about the patient (name and diagnosis) and their treatment plan. They could even revise the therapies the patient was receiving through the device.

Some fixes are simple, like encryption, but other solutions can be very costly. I assume that’s why they weren’t implemented in the first place. We can all hope that no one would hack someone’s insulin pump or pacemaker but that doesn’t mean SCADA systems shouldn’t be more secure. Our utility infrastructure should be a major concern with these outdated systems in place.

Hacked construction sign in Austin, Texas.

Some related articles:

SCADA hack targets Iran

HP printers vulnerable to hacking

SCADA vulnerabilities in prison cells

Hackers break into SUV through text message

Need offsite backup with single or double encryption? Contact us!