RDA Supports Important Professional Associations

Group of different profession adult people seamless pattern illustration

RDA is a big supporter of our customer’s professional associations.  The meetings held by these organizations are a great opportunity for learning!

In addition, I believe it is important for our customers and their peers to get together for networking opportunities to share new ideas, best practices and what is working and not working.

Below is a list of the conferences we plan to attend in October and November.

Conference Dates Location
Georgia Government Finance Officers Association Oct 4-6 Jekyll Island, GA
Virginia Association of School Business Officials Oct 15-16 Newport News, VA
Tennessee Government Finance Officers Association Oct 21-23 Franklin, TN
Virginia Government Finance Officers Association Oct 21-23 Stauton, VA
North Dakota School Boards Association Oct 26 Bismark, ND
Georgia Association of School Business Officials Nov 3-5 Augusta, GA
Virginia Association of Counties Nov 8-10 Highland, VA
Tennessee Association of School Business Officials Nov 17- 19 Murfreesboro, TN

If you are attending one or more of these conferences, please stop by our booth and say hello.  We would love to hear from you.

Security and the Cloud

http://edcetera.rafter.com/wp-content/uploads/2013/02/cloud-computing-security.jpeg

 

“The Cloud” has become an essential part of IT infrastructure over the past few years. Many consider it a household name while others are unknowingly storing data in “The Cloud”.   Knowingly using “The Cloud” or not, “The Cloud” and the security surrounding “The Cloud”, are two of the most misunderstood items in the information technology industry today.

If you were to take a survey and ask our users where they think their data is when it’s supposedly in “The Cloud”, the majority of people probably would not be able to answer the question. The correct answer is the data is stored on a server in a high-security data center on the east coast of the United States. The facilities are biometrically secured and monitored 24 hours a day, 7 days a week, and 365 days of the year.  In simple terms, the data is stored on a server that is virtual, or outside, of your location.

The data center has many security certifications such as the SOC 1/SSAE 16 report, PCI DSS Level 1 compliance, Safe Harbor certification, and the Health Insurance Portability and Accountability Act (HIPAA).   If you elect to implement OpenRDA in a cloud environment,  RDA ensures that they are the only ones able to access the backend of the virtual server.   In addition, RDA does not use password based authentication. but a much more secure method of accessing our customers virtual servers, IP address based authitication.

The main point to take away is “The Cloud” is not any less secure than an on-site server. In fact, it is actually more secure due to the additional security provided by the data center versus keeping the server in an unsecure storage closet.  The centers have security in place to make sure only the necessary staff have access to the hardware.  RDA also ensures that the access keys are rotated on a regular basis to help prevent unauthorized access.  RDA can further limit remote access to the virtual server by only allowing access from your external IP address ranges and RDA’s IP ranges.  With that limitation in place, your site is not visible to other internet users.

Please do not hesitate to contact us if you have any questions or would like further information on transitioning to the cloud. You can contact us at support@rdasys.com or by calling 1-800-338-4984 Ext. 1 and we will be more than happy to assist you.

Do You Have A Backup Of Everything You Need?

We all recognize the fact  that we are completely dependent on technology functioning properly in order to do our jobs.  And we all know that there is a chance that technical equipment can fail, many times without warning. Its easy to think “it won’t happen to me”. But the reality is it might.  And sometimes hearing a real life story keeps us motivated to have a backup plan…and even a backup for our backup!

A Customer’s Story

A RDA customer recently had an in-house server that suffered an unexpected catastrophic failure. Their data could not be recovered from that server. Fortunately the RDA user backed up her live OpenRDA data directory nightly on a CD. But she also had an MBGUI directory containing data from 2004 – 2008 on that server that she still needed to occasionally access. This was not a part of her normal backup routine.  Luckily she had a CD from 2010 that contained the 2004-2008 data she needed. This story ended well but unfortunately it does not always happen that way. The good news is that losing data is the result of improper planning and it can be prevented.

So, in hopes of preventing future issues we will ask you…do you backup your historical directories at least once a year?  Do you backup your live data directory daily?

While backing up your live OpenRDA data on a daily basis is a must, we are all guilty of getting in a hurry and forgetting things.  And many of us may completely forget about other important yet less used data that is stored on a server, such as historical information.  While you don’t need to back up static data that does not change on a daily basis, it would be a good habit to make it part of your annual “data housekeeping” process.

So thanks to our customer mentioned above, here is your friendly reminder: Make sure you have a backup plan in place to:

  • Backup your live data directory daily
  • Backup any other data on your server on a regularly scheduled basis

Our Customer Care Group Can Help

Need help? RDA has options to make backing up your data easier for you. Part of hosting your data in the cloud is that your data is automatically backed up nightly. This backup service is included in your annual cloud cost and does not require any time commitment on your end.

For those of you that currently have an in-house server and/or plan to continue to host your data on an in-house server, we offer our Internet Backup Service (IBS). We keep at least 5 days worth of data available at all times.  We also store your last 12 monthly backups.  This process takes place after business hours and will not interrupt your day.

And if you need to backup your historical directory but are not sure how, send in a cyber support ticket under utilities  and we’ll be glad to show you.

If you have any questions about backing up your data or how RDA can assist you with this process, contact Mimi English for more information.  Things happen, be prepared!

The Shellshock-Bash Bug Security Vulnerability

Here are the basics of the Shellshock-Bash Bug Security Vulnerability:

  • It affects more machines than the Heartbleed issue did
  • It is significantly harder to exploit than Heartbleed was

Bash has been a part of Unix-derived systems for more than 20 years, with this vulnerability just recently discovered. There is a very good overview of the issue on the ABC News website:

http://abcnews.go.com/Technology/wireStory/cyber-experts-warn-bash-bug-25750992

If you are running a solution that we host, the updates needed to fix this issue are now available and we will have them installed today. If you are running on an internal server and you are running up-to-date security software, you have done what you need to do at this point. As patches come out for this issue, we will keep you updated.

If you have any questions, give us a call.

Cloud Security – What You And Your Staff Need To Do

With the recent Heartbleed incidents, we expanded the scope of this post to include cloud security for all of your online activities. No matter what you are doing online, you need to take these basic safety precautions.

Protect Your Passwords

Passwords can be a nuisance to keep up with. But there are some things you should not do to jog your memory. Do not write passwords on a post-it type note and put them on your monitor, in the top desk drawer or in your wallet.  Research studies show that 20%-30% of password theft happens inside the office.

If you have to write your passwords down (and most of us do, whether or not we want to admit it) put them in a safe but accessible place. A locked desk drawer, a small lockbox, out in your car – any place secure and not right next to your computer. Or you can use one of the software packages designed to help manage passwords. Dave, our CEO, is very happy with a system called 1password.

You need to use different passwords for different sites. And, unfortunately, passwords need to be changed on a regular basis. There are a lot of hackers out there and they are all trying new ways to break into databases. Changing your passwords regularly minimizes potential problems.

If you have any sites that may have been affected by Heartbleed, change your password as soon as your vendors tell you they have completed the updates. For our self-serve sites, we completed the updates less than 24 hours after we heard about Heartbleed. The chance of a problem is very slight but we cannot rule it out. When in doubt, change your password.

Keep Your Browsers Updated

Many potential security issues center around your web browser. The browser developers know this and spend a lot of time, effort, and money fending off security risks. Take advantage of their knowledge and resources. Keep browsers updated and secure. Check in with us if you aren’t sure if we support the new release.

The same applies to the operating systems on your workstations. Windows XP is a great example. Support has been dropped officially by Microsoft, which means no more security updates. Since XP has had a long life lots of hackers know the system well. They will get in, and soon.

Don’t Use Unsecured WiFi For Sensitive Data

WiFi is available in a wide number of locations. Most of the time these free services are unsecured because it makes it easier for customers to log in. It is OK to look up directions or browse online but do not go to sites that require access to sensitive data like your bank account or credit card number.

Be Safe Out There

We are taking every opportunity to make sure our portion of your web experience is safe and secure. You need to take precautions as well. Let us know if you have any questions.

Heartbleed Internet Bug Update

You have probably seen the news story about the Heartbleed bug that has found a vulnerability that impacts a large number of internet providers. While likelihood of a data compromise is minimal, security issues are a high priority for us.  We have completed our first level review and tests.

We are currently repairing the potential breach on individually hosted sites and should have all secure shortly after lunch time. Your site will be unavailable for a couple of minutes while we complete this process.

If you are running from an internal server, this issue should not be a concern.

If you would like to know more about the bug, you can go to www.heartbleed.com to hear it from the people who found the problem. You can also go to http://filippo.io/Heartbleed/ to check any sites you currently use.

If you have any questions, let me know.