Entries by RPacitto

The Day the Cloud Went Down

7:33 AM, August 31, 2019, a power failure hit Amazon Web Services (AWS) US-East-1 datacenter in North Virginia. As expected, the datacenter’s backup generators kicked in.

Then at about 9 AM the generators started failing

The result was 7.5% of Amazon’s data storage units were unavailable for several hours. Some of the affected websites and services included Reddit, Styleseat, Fortnite, Sendhub … and many smaller sites and services. Power was restored, and around noon most of the drives were functioning. But the outage rendered some data unrecoverable. For those that had not backed up their data, the power failure was a disaster.

Your Windows 10 Transition

Using Windows 7 and Windows Server 2008/R2 after January 14, 2020 puts your systems at risk of vulnerabilities and cyberattacks. When over 200,000 computers were infected by WannaCry in 2017, it was the result of a Windows vulnerability. If a WannaCry-type attack occurs that affects Windows 7 after January 14, 2020, your Windows 7 installations will only have had access to the patch if you are paying for Extended Security Updates. 1

One in three breaches is due to unpatched vulnerabilities. For an organization, the average cost of a data breach is $3.86 million — the average cost for each lost or stolen record is $148. This makes data breaches worse for most businesses than floods, fire, and transit strikes combined. 2 Data breaches end businesses.

Crunching the Patching Numbers

There were 16,516 Common Vulnerabilities and Exposures (CVEs)1 published in 2018. The time needed to analyze the relative importance of these to your organization would be something like 16,516 alerts times fifteen minutes to read and assess each one, which works out to about 500 days of work. If you decide that your organization is affected by twenty percent of these, that’s 3,304 vulnerabilities times an average of about an hour to patch each one — that will take about 40 days. And how many devices do you have that need this patch deployment? 2

The Curious Case of Windows 7 Legacy Apps

“Support for Windows 7 is Coming to an End. … January 14, 2020 …” nagged a Windows 7 screen last week.

Like any other piece of technology, Operating System software gets obsolete. The obsolescence comes in the form of vulnerabilities to hackers, who get rich knowing how to look for and exploit these weaknesses in the code, compromising the contents of your computer and network.

Did You Feel a Drop? BUDR Pt. 2

Remember the panicked manufacturer with a progression of computer problems that recalled the proverbial “perfect storm”? Today I’m going to sort those problems out, and recommend ways to help keep those things from happening to you. To refresh, here’s what went on with that manufacturer:

The installed version of their ERP (Enterprise Resource Planning software) was too old to receive application maintenance and support. They hadn’t wanted to interrupt their workflow, and so hadn’t upgraded the ERP in more than five years.

Avoiding the Perfect Storm

A nearby manufacturer called Bryley panicked. The problems started with a failed upgrade to their ERP (Enterprise Resource Planning software). Because they hadn’t wanted to interrupt their workflow, the company hadn’t upgraded the ERP in more than five years. But the installed version was now beyond maintenance and support, so they bit the bullet. Only, during the upgrade there was a power fluctuation so that the upgrade did not complete. In fact no computer on the network would boot normally. In addition while trying to resolve the failed upgrade, they found a flaw in their in-house back-ups. Now the business was losing days and money to downtime.