IT Jobs
AG Research is looking for developers in the Sydney area. For more information.
Phishing Story
Another phishing story, just proves you can’t be too careful.
Tweak your resumes. There’s IT jobs in Cape Breton!
The Cape Breton IT community is heating up. I’m leaving my current employer and they have posted a Network Administrator job.
Also, according the Cape Breton Partnership, a leading global IT services company is interested in connecting with new and experienced IT professionals on Cape Breton Island. They have also posted a job ad.
Interesting times ahead.
Fortune Cookies Tell No Lies
Join us on May 16 at the Delta Sydney for a presentation from Travis Barlow, Director of Security Consulting Services: eSentire Inc.
Fortune Cookies tell no lies – or how China may not be behind the majority of Internet borne attacks
Is China really behind all the attacks that the mainstream media would have you believe? During his talk Mr.Barlow will review recent happenings and the results of his research that provide some insights into what may be one of the largest Internet security assumptions in recent history.
Mr. Barlow is also the founder of the Atlantic Security Conference, Halifax Area Security Klatch, and the recently launched Halifax Hack Labs.
His presentation will run from 5:30-6:30 PM, with complimentary snacks and coffee/tea, then join us from 6:30-7:30 PM for complimentary appetizers, drinks, and networking. There will also be a draw for a $100 gift card from Future Shop!
A big thank you goes out to Check Point for sponsoring this event and to eSentire Inc. for providing an excellent presenter!
You don’t want to miss it! REGISTER TODAY! Seating is limited and your registration ticket is required for the door prize draw. You must print it and bring it with you to the event.
What is Security Posture
What is Security Posture? It is your overall security plan – the approach your business takes to security, from planning to implementation. It is comprised of technical and non-technical policies, procedures and controls, that protect you from both internal and external threats. No business, large or small, is safe from potential security breaches. Anyone is fair game.
Why do you need to worry?
- Hackers – Hackers scan networks for vulnerable systems that can be easily breached for malicious purposes. This can result in compromised data that, in turn, can cause lost customer confidence.
- Disgruntled Employees – Employees bearing a grudge could easily walk out your door with company data on removable media. They could send internal company data to an external source (ie. FTP, SSH, or email server) or simply destroy company data from within.
- Script Kiddies – Typically inexperienced hacker wannabes use tools which are freely available on the Internet (ie. LOIC – Low Orbit Ion Cannon or BackTrack 5). In the wrong hands, these tools can cause significant damage.
- Spammers – Exploit vulnerable email systems to relay spam email through your network infrastructure, often resulting in a network outage due to the traffic generated from your compromised network.
What can you do to protect yourself?
Determine what needs to be protected. This could include credit card numbers, confidential customer data, or corporate assets.
Figure out how your data might be acquired. A risk assessment should be conducted to determine any potential weak points in both your IT and physical controls.
Install controls to protect your data. This may be as simple as implementing a security awareness program for all employees, or as complex as installing a hardened network perimeter (ie. DLP or IDS systems). The scope of the controls will be determined by your financial situation and the likelihood of compromised data.
In the end, you need to decide how much risk you can accept. This will determine a security posture that suits the needs of your business.
Building a server? SAS vs SATA
Most servers that have RAID controllers with Hot Swap bays will support both SAS and SATA drives. First I’d like to say that if you are looking at a server, you should really consider one with hardware RAID and hot swap bays for the drives as a minimum requirement. A properly configured RAID system will allow you to replace a faulty hard drive without powering down the server and without data loss, how much is downtime worth to you?
I’m going to assume you picked the right server and now the question is “Do I go with SATA or SAS drives?”
A SATA drive can connect to a SAS interface, a SAS drive cannot connect ot a SATA interface. Most SATA drives are designed for the consumer market where cost is a big factor. Most consumer drives are based on 8 hours per day usage with a 10-20%* workload. They are designed to run at half duplex (one data direction at a time) with an I/O per sector of 77*. Enterprise based SATA drive improved on these specs by being design for more usage, higher workloads and can run at higher temperatures, and cost more. SAS drives are designed to be enterprise drives where performance and reliability are much more important than price. SAS drives are design to be running 24 hours a day with a much higher workload and to withstand higher temperatures. SAS drives use full duplex and have an I/O per sector of around 319*, 3 to 4 times faster than SATA. If you ever pick up a SAS drive, one of the first things you’ll notice is that they are much heavier than the SATA counterpart.
I guess you can see where this is going. From personal experience, SAS based RAID system out-perform SATA based RAID systems.
Joe Clarke
*Some of the numbers used above are from Intel.
