Get Paid to Participate - up to $1 per post!     Twitter     Facebook     Google+
Hosting Discussion
 

forgot password?



Reply


Old
  Post #1 (permalink)   02-12-2011, 07:45 PM
HD Amateur
 
Join Date: Jan 2011
Location: Escazu, Costa Rica
Posts: 61

Status: CRServers is offline
We are currently running over 100 hardware appliances and servers at our operation, some with different CP's for virtual hosting, VPS's, dedicated servers, routers, switches, firewalls, power strips, etc.

All this hardware implies an incredible amount of sensitive data that is necessary to have at hand at all times and at all places.
IP's, switches info, routers info, passwords, software installed on each server, Linux procedures, etc. etc. etc. etc.

We need an "Administration Online Knowledge Base" so all (or any) our staff can react quickly to solve any problem that might arise, even if the guy "that knows" is on vacation.

We use HostBill as our Billing and Support software right now, it has a public knowledge base, but it lacks an admin-only KB.

To handle all this we have several TXT and Xcel files right now, but we would love to have an online solution... where we would be certain that it will be safe and available to our staff at all times from anywhere they might be.

So, how do you handle your business private data?

Any recommendations will be greatly appreciated.

Regards,
__________________
Rodrigo Fernandez
CRServers.com
Technical Support
 
 


Old
  Post #2 (permalink)   02-14-2011, 07:06 AM
HD Amateur
 
Join Date: Jan 2011
Location: Escazu, Costa Rica
Posts: 61

Status: CRServers is offline
Wow!
No answers to this post so far .....
I hope it is not because this was a dumb question

Well, I have been reviewing and testing GroupWare and Collaboration software. I installed several on our servers, and after a couple of hours of testing and investigation, I have decided to give OfficeZilla a try!

Here are my reasons for choosing it:
1- Very simple interface
2- Free
3- Hosted elsewhere (if something happens to our system, it wont go down with it when we need the info)
4- Secure

Regards,
__________________
Rodrigo Fernandez
CRServers.com
Technical Support
 
 
 


Old
  Post #3 (permalink)   02-16-2011, 04:13 PM
HD Newbie
 
Join Date: Feb 2011
Location: North Kansas City, MO, USA
Posts: 34

Status: DataShack is offline
I have a friend that recently fired a technician because he accidently sent a vendor password list to a customer. So you also need to take into account security as well as availability.

You might want to look at Password Manager Pro. It can interface with your devices and randomly generate one use passwords. Then, if you lose an admin, you don't need to go in and change a bunch of stuff.

You might also try google docs. I know it's pretty simplistic but it's available, reasonably secure, and hosted offsite.
 
 
 


Old
  Post #4 (permalink)   02-17-2011, 12:57 AM
HD Management Staff
 
Artashes's Avatar
 
Join Date: Apr 2003
Posts: 9,814

Status: Artashes is offline
Have you considered Google Wave? I know Google has turned its back on, but it has recently received second life as it moves to become an open source application.
 
 
 


Old
  Post #5 (permalink)   02-17-2011, 06:25 AM
HD Amateur
 
Join Date: Jan 2011
Location: Escazu, Costa Rica
Posts: 61

Status: CRServers is offline
Quote:
Originally Posted by DataShack View Post
You might want to look at Password Manager Pro.

You might also try google docs.
Thanks for your recommendations DataShack. I will look into Password Manager Pro.

After using OfficeZilla for a couple of days, I've noticed that the system goes offline consistently Maybe there are fixing things or have technical problems right now. But I decided that we cannot rely on a service that might go down when we need the info.

After testing all applications reviewed at http://php.opensourcecms.com/scripts...gory=Groupware , I have settled with Feng Office.

Wow! I cannot say enough about this application. Beautiful and modern interface with all the functionality I need (except password management) and it is Open Source. It is worth looking into.

Regards,
__________________
Rodrigo Fernandez
CRServers.com
Technical Support

Last edited by CRServers : 02-17-2011 at 06:38 AM.
 
 
 


Old
  Post #6 (permalink)   02-17-2011, 06:37 AM
HD Amateur
 
Join Date: Jan 2011
Location: Escazu, Costa Rica
Posts: 61

Status: CRServers is offline
Quote:
Originally Posted by Artashes View Post
Have you considered Google Wave?
Thanks for the tip. I just looked at Google Wave. I find it simple to use, but basically orientated at open communities.

Also the warning "Google Wave is no longer being developed as a standalone product" makes you think twice about trusting your sensitive information to it.

Regards,
__________________
Rodrigo Fernandez
CRServers.com
Technical Support
 
 
 


Old
  Post #7 (permalink)   02-18-2011, 05:24 PM
HD Management Staff
 
Artashes's Avatar
 
Join Date: Apr 2003
Posts: 9,814

Status: Artashes is offline
Quote:
Originally Posted by CRServers View Post
Thanks for the tip. I just looked at Google Wave. I find it simple to use, but basically orientated at open communities.

Also the warning "Google Wave is no longer being developed as a standalone product" makes you think twice about trusting your sensitive information to it.

Regards,
Rodrigo, the Apache Software Foundation is taking in Google Wave as a project:
http://www.google.com/support/wave/b...answer=1083134

Google won't just let Wave die a worthless death, too many startups and developers are working with it. It will actually be more interesting as an open source application now.
 
 
 


Old
  Post #8 (permalink)   02-19-2011, 08:29 PM
HD Amateur
 
Join Date: Jan 2011
Location: Escazu, Costa Rica
Posts: 61

Status: CRServers is offline
Quote:
Originally Posted by Artashes View Post
the Apache Software Foundation is taking in Google Wave as a project
Great!
But I'm sold on Feng Office.
We are already getting all our stuff in there.

Regards,
__________________
Rodrigo Fernandez
CRServers.com
Technical Support
 
 
 


Old
  Post #9 (permalink)   03-02-2011, 05:50 AM
Account Disabled
 
Join Date: Jan 2011
Posts: 23

Status: Sushantg is offline
Sensitive data can be handled by encrypting or by encoding.
 
 
 


Old
  Post #10 (permalink)   03-02-2011, 12:19 PM
HD Management Staff
 
Artashes's Avatar
 
Join Date: Apr 2003
Posts: 9,814

Status: Artashes is offline
Quote:
Originally Posted by Sushantg View Post
Sensitive data can be handled by encrypting or by encoding.
How? What's your strategy?
 
 
 


Old
  Post #11 (permalink)   03-02-2011, 01:33 PM
HD Wizard
 
Join Date: Mar 2005
Location: Atlanta, GA
Posts: 2,264

Status: handsonhosting is offline
We use a number of different methods here in our company. Much like yourself, we deal with hundreds of servers and our staff are not in a single central office. Each level of staff are limited on what they can see and what they can do. Only a select few people have full control over every aspect of the company.

You had mentioned that you were looking for a stable and secure environment in which to post sensitive data, but then you went on to say that you're using OfficeZilla and it's not housed at your facility. This pretty much breaks EVERY kind of security that you thought you had in place.

For our company we use a dedicated server that is locked down from the public. We use iptables and .htaccess files to stop any prying eyes also. If any of our staff are not at their normal IP (or their IP has changed) they must contact a senior member to get their new information added to the system. It does create a lot of extra checks and steps, but when it comes to potentially exposing root passwords to hundreds of machines, those extra 5 minutes are worth every second!

In the past we used a VPN and a key system. Each system admin would have a digital readout on their keyring and when logging into the VPN they must enter the code on the keyring. This number changed every 90 seconds and once logged in, they could remain logged in for a maximum of 60 minutes before having to log out.

All system admins have their own specific logins to a central server, and all root/shell access to other machines must be initiated through a selection of 5 servers that admins can log into. All entries are echoed to a log file so all information can be tracked.

Security is a HUGE concern.

With regards to the knowledgebase for your admins, why not setup a password protected Wiki or KNowledgebase for your internal staff rather than trying to have everything in one system?
__________________
Emerson Nogueira
http://www.HandsOnWebHosting.com
cPanel Web Hosting, Domain Registration, Managed VPS Servers
 
 


Old
  Post #12 (permalink)   03-03-2011, 08:56 PM
HD Amateur
 
Join Date: Jan 2011
Location: Escazu, Costa Rica
Posts: 61

Status: CRServers is offline
Quote:
Originally Posted by handsonhosting View Post
You had mentioned that you were looking for a stable and secure environment in which to post sensitive data, but then you went on to say that you're using OfficeZilla
We decided not to use OfficeZilla for the reasons exposed by you and some others.

Now we are using Feng Office on our own VPS server used just for this software and with tight security measures.

Thanks for your very interesting points on this topic.

Regards,
__________________
Rodrigo Fernandez
CRServers.com
Technical Support
 
 
 


Old
  Post #13 (permalink)   03-04-2011, 08:20 AM
HD Guru
 
HostLeet's Avatar
 
Join Date: May 2009
Location: Florida, USA
Posts: 874

Status: HostLeet is offline
Quote:
Originally Posted by handsonhosting View Post

With regards to the knowledgebase for your admins, why not setup a password protected Wiki or KNowledgebase for your internal staff rather than trying to have everything in one system?
What Conor suggested is definitely a good idea. You can also place passwords and documents on an encrypted external hard drive, that will require a login and password in order to get access to the files inside anytime it is plugged into a computer. This has worked good for me, but then again, I don't have 50 employees under my belt that have to share this info, so I'm the only one with full access to any and all company sensitive data, for now.


Conor, it sounds like you run a state-of-the-art operation over there at HandsOnHosting! When I get that big I will come to you for advise and counseling!
__________________
HOSTLEET.COM, LLC - Elite Website Hosting Since 2008!
Fast Reliable Affordable Secure Friendly & Courteous
RISK-FREE Money Back Guarantee PCI-Compliant Checkout

Last edited by HostLeet : 03-04-2011 at 08:23 AM.
 
 
 


Old
  Post #14 (permalink)   03-04-2011, 10:15 AM
HD Amateur
 
Join Date: Jan 2011
Location: Escazu, Costa Rica
Posts: 61

Status: CRServers is offline
Quote:
Originally Posted by handsonhosting View Post
why not setup a password protected Wiki or Knowledgebase for your internal staff
We are using HostBill's Knowledgebase right now, and that's exactly what I suggested them to do.
They have a public KB only right now, and changing it to a Public/Clients-Only/Admins-Only KB seems not too far fetched to implement.
Let's hope they listen to my suggestions ....

In the mean time, I'm trying to get all our staff into using our secure and hidden Feng Office server. Not an easy task... but worth it

Thanks for all the sugestions!

Regards,
__________________
Rodrigo Fernandez
CRServers.com
Technical Support
 
 
 


Old
  Post #15 (permalink)   03-04-2011, 10:38 AM
HD Wizard
 
Join Date: Mar 2005
Location: Atlanta, GA
Posts: 2,264

Status: handsonhosting is offline
Hostleet - any time you want to talk shop, I'm all ears! I think everyone can learn something when a discussion is in progress! We run a tight ship, but much like the Titanic, nothing is unsinkable. There's always room for improvement somewhere!

Rodrigo - We use the Public/Private feature within WHMCS on our website for our knowledgebase. We have about 600 articles exposed to the public and at least that which can only be accessed by clients. Our staff policies, procedures and shortcut commands on how to do "X" are not included in those knowledgebases and never will be.

As for swapping people over to a new system, you just have to cut the chord and they HAVE to use the new system. Doing something by dipping your toes in the water rarely gives the exposure that someone needs. Have a small test core of users, see if it works, if so, everyone gets thrown in. Sure you'll hear the bitching for a day or two, but if it's a better system, it's a better system.
__________________
Emerson Nogueira
http://www.HandsOnWebHosting.com
cPanel Web Hosting, Domain Registration, Managed VPS Servers
 
 
 
Reply
Previous Thread Next Thread


Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: