Comments for Managed Data Center News, Trends, and Commentary

Comment on How Social Media Might Benefit Health Care and Be Meaningful to Patient Health by Social media and the business of health care - Intro To Business - Global Economic Crisis: Cengage Resource Center

Thu, 16 Feb 2012 20:28:57 +0000

[...] more accurate information, on a more timely basis, and establish better long term relationships. A strep throat story by April Sage illustrates all three of these points, from a personal perspective. One of her [...]

Comment on The Rise of the Healthcare App Industry by Thu Pham

Thu Pham — Fri, 10 Feb 2012 15:51:57 +0000

Thanks Andrea! Good to hear from you!

Comment on The Rise of the Healthcare App Industry by Andrea Sperl

Andrea Sperl — Fri, 10 Feb 2012 14:50:47 +0000

Great article Thu! At Lean Fox Solutions, we facilitate change management for healthcare and we’re very optimistic about the direction of mHealth toward improving patient care.

Comment on SAS 70, SSAE 16, SOC 2 and SOC 3 Data Center Standards by Richard Noël

Richard Noël — Tue, 07 Feb 2012 15:27:29 +0000

Hello,
The statement from this article quoted below is only partically correct and bears clarification …

“There is no minimum bar that the data center operator has to achieve and no benchmark to hold data center operators accountable to.”

While I agree that SAS70 was and SSAE16 continues to be misused for testing IT and business process controls, the Service Auditor is required per the audit standard to ensure ‘The description fairly presents the information technology system that was designed and implemented throughout the period’ and ‘The controls related to the control objectives stated in the description were suitably designed.’ If the Service Auditor determines that either the description of the system or the type or number of controls proposed by the Service Organization to be within scope is insufficient, and the Service Organization is unwilling to bring the scope up to a mutually agreed level, the Service Auditor is bound by the audit standard as to whether the engagement can be performed and what must be reflected in the final report.

Rgds,
Richard

Comment on How Social Media Might Benefit Health Care and Be Meaningful to Patient Health by John Frederick

John Frederick — Sun, 05 Feb 2012 13:14:55 +0000

Excellent piece, April ! I would only argue that docs offices are under huge financial pressures, ,and the jcurrent episode kpayment model really gums up lithe works of making the system better. For instance , not clear who pays and how much if you drop by for a quick strep test. Insures may balk at a visit for a test if no provider actiually saw you. Whatj if the doc is in the middle of a heartfelt cancerbdiscussion with someone and cant retweet you. Can the nurse see you only? Thats convenient, but copays may not be chargeable if the doc or a rendering provider is not in attanedance. And if you have medicare- what a fearful mess when we have to worry about 10000 fines for fraud if we bill something incorrectly.
lAnd who sees you and evaluates the test? Medico legal hurdle, there.
I love your blog, and you are exactly right! Let’s get third parties out of the picture so your fam doc can innovate to please you and give good service and get unpaid reasonably for it.

Comment on Preventing a HIPAA Violation in 2012 by Ethical Hacker Roundup - HIPAA Movement | Pivot Point Security

Ethical Hacker Roundup - HIPAA Movement | Pivot Point Security — Fri, 20 Jan 2012 15:14:39 +0000

[...] Preventing a HIPAA Violation in 2012 [...]

Comment on Recent Data Breaches Exemplify the Importance of PCI Compliance by Thu Pham

Thu Pham — Tue, 17 Jan 2012 20:28:14 +0000

Totally true, Phil. I changed the title to “Recent Data Breaches Exemplify the Importance of PCI Compliance” to better represent what I initially meant when I wrote the blog post.

I did leave the URL/permalink as the old title though, since I’ve already linked out and don’t want to deal with redirects! Thanks for your $.02.

Comment on Recent Data Breaches Exemplify the Importance of PCI Compliance by Phil Cox

Phil Cox — Tue, 17 Jan 2012 19:42:12 +0000

Not sure I really get the title. The fact that they were breached has really nothing to do with PCI compliance. PCI is a set of requirements; you either do them or you don’t. If you don’t and get breached, you have no safe harbor for fines. If you were doing them and get breached, then you have some level of safe harbor.

I think the best line in the article is “…your PCI compliant hosting provider should provide evidence…”. So true, for anything you cannot control, you need to get some level of attestation from the provider as to how they are protecting. As a matter of fact, that is a requirement of PCI. If you don’t have “proof” that your provider is doing what they need to protect CHD for the THINGS THEY CONTROL!

I agree that these breaches highlight PCI, but I don’t see the breaches “affecting PCI compliance”. Just my $.02.

Comment on Mobile Security: How Safe is Your Data? by Matt About Friday: The "How to Get Site Traffic" Edition | Matt About Business

Fri, 23 Dec 2011 16:46:46 +0000

[...] Mobile Security: How Safe is Your Data?: There’s been a lot of chatter lately about online data security. This post take a look the security of your mobile data, an area of concern as the number of smartphone users continues to grow. [...]

Comment on Risk Assessments to Achieve PCI Compliance in the Cloud by Rachel Denski, Sr.

Rachel Denski, Sr. — Fri, 23 Dec 2011 09:18:56 +0000

Comodo realizes that complying with the security measures set by the Payment Card Industry is no easy task, but we also recognize that maintaining high level security online for all e-commerce merchants and their customers is something that will benefit everyone. This is precisely why we have simplified the PCI scanning requirement and annual SAQ into accessible methods to help you validate your compliance.

Comment on Sutter Health HIPAA Breach: Lessons Learned by Thu Pham

Thu Pham — Tue, 20 Dec 2011 20:49:51 +0000

I’m sorry to hear that, Sherri. The Sutter Health website has a phone number you can call:

Sutter Health has established a toll-free helpline to answer questions and assist patients in determining whether their data was included. Any concerned patients can call toll-free at 1-855-770-0003, Monday through Friday from 8 a.m. to 5 p.m. PST. When prompted, patients should enter this 10-digit reference code: 7637111511.

And you can find more information about the stolen computer notice here:
http://www.sutterhealth.org/noticeforpatients

Best of luck!

Comment on Sutter Health HIPAA Breach: Lessons Learned by Sherri

Sherri — Tue, 20 Dec 2011 19:34:26 +0000

I was one of the 3.3 million patients. I didn’t know about the breach until I heard about it on the news. When I called Sutter to inquire if my identity was on that computer, the representative confirmed that my name, address, telephone number and name of insurance company was on there. I asked her to send me a letter detailing the breach, which she agreed to do. This was two weeks ago. I still haven’t received the letter!

Comment on Why is a PCI Compliant Environment So Expensive? by Della Lowe

Della Lowe — Tue, 13 Dec 2011 22:39:47 +0000

This is a very good article and I agree – PCI is worth it. Just consider the credit card breaches that you hear about (and I emphasize “hear about” which does not take into account those that are never reported, under reported or just not surfaced publically). It seems they are coming fast and furious every day.

When it comes to vulnerability monitoring and protection, however, there are ways to mitigate the costs. Automation is the key and cloud-based services also are a great help in this area. What you want to look for are systems and products which are easy to set up, need little intervention from IT and automatically – but accurately – detect and prevent threats.

Bottom line – almost anything is cheaper than a breach when you take into account legal fees, fines, lost brand reputation etc. Indeed, if you are a level four merchant for example and you get breached, you need to meet the PCI DSS requiremenst of a level 1 merchant for an entire year – not such a good thing for the smaller retailer.

Comment on Risk Assessments to Achieve PCI Compliance in the Cloud by Phil Cox

Phil Cox — Tue, 13 Dec 2011 05:26:30 +0000

Some very salient points. I think the biggest issue here is getting cloud providers that have gone through the due diligence in achieving a PCI level of compliance. As any QSA worth their salt will ensure the cloud provider can meet the need of proper isolation in a multi-tenant environment to limit scope of the Cardholder Data Environment. Right now, Amazon and a few other cloud providers can give that assurance, and organizations who are looking at going to the public cloud with PCI requirements, need to (as you said) find the providers that can support them.

The risk assessment part of the process should be nothing new to organizations, and is hopefully a well understod process for them. If not, then this may require a bit of “heavy lifting” to get to the point where they can articulate proper controls that will be needed.

As a side note, I am (almost daily) working with clients to design solutions that will met PCI compliance requirements while running in a public cloud. It is not a trivial task, but it can and is being done currently.

Comment on What’s in a Business Associate Agreement? by Agreement

Agreement — Tue, 13 Dec 2011 05:16:59 +0000

The need of business associate agreement can never be neglected. This article outlines its importance.

Comment on 2011 Cloud & IT Disaster Recovery Statistics by Schedulicity Releases 2012 Small Business Forecast |

Schedulicity Releases 2012 Small Business Forecast | — Mon, 12 Dec 2011 13:46:03 +0000

[...] via the cloud is moving businesses out of traditional media. According to survey by Aberdeen Group (http://resource.onlinetech.com/2011-cloud-it-disaster-recovery-statistics), almost 40 percent of small business have adopted cloud computing. Productivity cloud-based [...]

Comment on Midwest HIMSS 2011 Live Blogging by Bill Ryan

Bill Ryan — Wed, 16 Nov 2011 01:35:47 +0000

If you are in the medical field and haven’t had a chance to get educated about this changing industry, I’d urge you to either become a HIMSS member in Michigan or go to the HIMSS website and browse the listings and presentations that are available.

Comment on HIPAA 5010 Deadline Approaching: Taking Steps toward Implementation by Angela – Vee Technologies

Angela – Vee Technologies — Thu, 10 Nov 2011 08:54:33 +0000

Hi Thu Pham, this article is super! It clearly identifies and outlines the realities of the upcoming EDI / ICD-10 / HIPAA 4010 to 5010 conversion challenges. I work with a U.S. based strategic services company (headquartered in NY and with operations in India). At the moment we are working with over 20 payer/provider companies, most of which we have already successfully converted them to 5010. Even with our 10+ years of experience in the healthcare back office space, I’ve seen that with each conversion that new lessons are learned by our team on client specific peculiarities…and our process is now well matured. However, as time is growing short I think we are all starting to see more and more companies literally rushing now to ensure that they are ready to start submitting their claims electronically using the X12 Version 5010 and NCPDP Version D.0 standards by the January 1st 2012 deadline. We’ll keep checking back to see if you have any updates and suggestions for the industry. Cheers, Angela Carson, Head of Communication at Vee Technologies

Comment on Is Your Business Prepared for Cyber Monday Traffic? by Cyber Monday 2011

Cyber Monday 2011 — Sat, 29 Oct 2011 19:43:23 +0000

2011 is looking to be an even bigger year for Cyber Monday shopping. It will be interesting to see.

Comment on Free Webinar: Cost-Effective Protection Against HIPAA Enforcement by Free Webinar: Cost-Effective Protection Against HIPAA Enforcement | Upcoming Free Webinars - UPDATED DAILY

Mon, 24 Oct 2011 21:16:58 +0000

[...] See the original post: Free Webinar: Cost-Effective Protection Against HIPAA Enforcement [...]

Comment on HIPAA Compliant IT Security and Best Practices by HIPAA … – Managed Data Center News, Trends, and Commentary | voipsip.in

Thu, 20 Oct 2011 04:33:33 +0000

[...] Read More: HIPAA … – Managed Data Center News, Trends, and Commentary [...]

Comment on HIPAA & Health IT: $872 Million in Incentives by Heather

Heather — Fri, 14 Oct 2011 18:12:27 +0000

That’s a pretty big incentive to get healthcare providers to move forward with implementing EHR and other security measures for patient records. With all of the announced HIPAA audits already underway, there’s no better time than now to review your policies and upgrade technology.

Comment on Benefits of Managed Dedicated Servers by Dedicated Server Hosts | Web Hosting Information and Tips

Dedicated Server Hosts | Web Hosting Information and Tips — Thu, 13 Oct 2011 12:40:54 +0000

[...] computing capacity in small and mid-size businesses. We offer a full range of colocation, managed Dedicated servers and private cloud computing at our Michigan data centers. Industry leaders trust Online [...]

Comment on Passing a HIPAA Audit & Achieving HIPAA Compliant Data Centers by Roopashri

Roopashri — Thu, 13 Oct 2011 08:54:54 +0000

“Recently, I came across another site “”training-HIPAA.net”" that provides HIPAA training courses in multiple formats that include instructor led HIPAA training, online HIPAA training with instructor, online anytime HIPAA training, customized onsite training and HIPAA training kit for self study.
From their website, I found that they also provides HIPAA compliance kits, manuals, training, templates, and compliance consulting services in the areas of HIPAA security risk analysis, vulnerability assessment, contingency planning, and HIPAA security audits.”

Comment on Cloud Computing Prompts 2012 Data Center Expansion Plans by Cloud fuels Data Center Expansions

Cloud fuels Data Center Expansions — Mon, 10 Oct 2011 15:25:38 +0000

[...] find Thu’s article here. Share [...]

Comment on Cheap Hosting Case Study: You Get What You Pay For (And Sometimes Not At All) by Thu Pham

Thu Pham — Mon, 10 Oct 2011 14:10:45 +0000

Thanks for your comment, Jon. I agree that users should educate themselves on their pricing plans, and pair that knowledge against their own applications and business strategy to determine if it’s really the best fit. While the AWS product pages may not have extensive spot pricing information, if you dig a bit deeper, their Spot Instances page provides a much more comprehensive overview – http://aws.amazon.com/ec2/spot-instances/

A few things (excerpts you can find in the blog post above and info on the Spot Instances page):

1. You have your instance only for as long as your price is higher than the current spot price, and this is measured much more frequently than the bid interval of 1 hour. So you could launch an instance for up to $.15/hr it could run for 30 minutes, and then be terminated unexpectedly when the spot price is over $.15/hr

“The Spot Price changes periodically based on supply and demand, and customers whose bids meet or exceed it gain access to the available Spot Instances.”

2. People can, and do, bid HIGHER than the on-demand price for spot instances to get priority machine allocation. This means they get priority OVER all other spot prices, AND over “normal” on demand users.

“One major risk attached to this purchasing method is that you can be outbid by another person willing to pay more for the computers hosting your services. Meaning, at any moment, you could be kicked off and forced to rebuild your servers.”

3. Spot instances are terminated without a safety net, all data/jobs/processes on them need to be designed to be re-entrant, and fail-able. The mentality for typical spot instance usage is, there is a need, a spot instance is launched, it checks out a job from a queue (like SQS, but frequently a custom setup), it runs, *IF* it finishes, it returns success, *IF* it does not finish, another instance picks up the job.

“…as stated on Amazon’s site, ‘If you’re running Spot Instances and your maximum price no longer exceeds the current Spot Price, your instances will be terminated.’”

The better your application and plan meet the functionality of spot instances the more you can work the system and save a lot.

- It’s more of a question of why is SEOmoz investing their PRO member dollars in an inherently flawed hosting pricing plan? It’s almost as if they acknowledge they will continue to use a plan that is proven to be unreliable, instead of seeking higher quality hosting to guarantee better uptime. It’s a clear gamble and not the best business strategy to win over the loyalty of clients.

Comment on Cheap Hosting Case Study: You Get What You Pay For (And Sometimes Not At All) by My Comments on ‘Cheap Hosting Amazon AWS’ Blog Post | jon zobrist (dot) com

My Comments on ‘Cheap Hosting Amazon AWS’ Blog Post | jon zobrist (dot) com — Sun, 09 Oct 2011 16:43:23 +0000

[...] “Cheap Hosting Case Study: You Get What You Pay For (And Sometimes Not At All)” [...]

Comment on Cheap Hosting Case Study: You Get What You Pay For (And Sometimes Not At All) by Jon Zobrist

Jon Zobrist — Sun, 09 Oct 2011 15:10:53 +0000

These are all interesting points that anyone using AWS, and especially Spot Instances should know. The service provider (Amazon AWS) should not be blamed for the user mis-understanding how their service works.
There are 3 things about Spot instances that everyone should know, that Amazon is less than clear about on their product pages, and I found out at the AWS Summit in SF.
1. You have your instance only for as long as your price is higher than the current spot price, and this is measured much more frequently than the bid interval of 1 hour. So you could launch an instance for up to $.15/hr it could run for 30 minutes, and then be terminated unexpectedly when the spot price is over $.15/hr
2. People can, and do, bid HIGHER than the on-demand price for spot instances to get priority machine allocation. This means they get priority OVER all other spot prices, AND over “normal” on demand users.
3. Spot instances are terminated without a safety net, all data/jobs/processes on them need to be designed to be re-entrant, and fail-able. The mentality for typical spot instance usage is, there is a need, a spot instance is launched, it checks out a job from a queue (like SQS, but frequently a custom setup), it runs, *IF* it finishes, it returns success, *IF* it does not finish, another instance picks up the job.
The better your application and plan meet the functionality of spot instances the more you can work the system and save a lot.
Design and plan for failure, and you will love the cloud.
Design and plan like you have a physical server, and you will complain that the cloud let you down.

Comment on The War of Email Cloud Computing: Google vs. Microsoft by The War of Email Cloud Computing: Google vs. Microsoft « ImpartMe

The War of Email Cloud Computing: Google vs. Microsoft « ImpartMe — Thu, 06 Oct 2011 20:18:17 +0000

[...] The War of Email Cloud Computing: Google vs. Microsoft Tags : cloud, cloud-computing, cloud-resources, compliance, computing-benefits, data, private, [...]

Comment on 2011 HIPAA Violations and Audits by 2011 SMBs and Disaster Recovery in the Cloud | Data Recovery Tulsa

2011 SMBs and Disaster Recovery in the Cloud | Data Recovery Tulsa — Fri, 30 Sep 2011 14:15:47 +0000

[...] – or, if you lose or destroy patient data, it can result in lawsuits and costly fines (see HIPAA violations). Disaster recovery planning is no longer a luxury, but a serious preventive measure that needs to [...]

Comment on Lost Military Backup Tapes Results in HIPAA Violation Affecting 4.9 Million by Will a Government Contractor Make the Wall of Shame over Tape Backups? | About HIPAA

Fri, 30 Sep 2011 01:31:47 +0000

[...] and other jackapples out there are still backing up ePHI to magnetic tapes . "Lost Military Backup Tapes Results in HIPAA Violation Affecting 4.9 Million". Learn [...]

Comment on 2011 HIPAA Violations and Audits by OCR Audit Requirements Following a Self-Reported HIPAA Breach

OCR Audit Requirements Following a Self-Reported HIPAA Breach — Thu, 29 Sep 2011 12:28:45 +0000

[...] copy of a letter that the Office of Civil Rights sent to an organization following a self-reported HIPAA breach. I thought you would find some of their requests and the timing [...]

Comment on Rethinking the Outsourced Cloud, Part II: 2011 Benefits of Cloud Adoption by Online Technical Support

Online Technical Support — Mon, 26 Sep 2011 18:23:00 +0000

Thanks for sharing. A lot of useful information here and it helped me understand alot.

Comment on Rethinking the Outsourced Cloud, Part II: 2011 Benefits of Cloud Adoption by Rethinking the Outsourced Cloud, Part II: 2011 Benefits of Cloud … | F1 Help

Mon, 26 Sep 2011 15:28:02 +0000

[...] Read the original post: Rethinking the Outsourced Cloud, Part II: 2011 Benefits of Cloud … [...]

Comment on Benefits of Private Cloud Computing: Compliant & Cost-Effective by Benefits of Private Cloud Computing: Compliant & Cost-Effective » Welcome to privatecloud.com

Fri, 23 Sep 2011 12:04:46 +0000

[...] Read his blog here var addthis_brand = 'privatecloud.com';var addthis_language = 'en';var addthis_options = 'email, favorites, digg, delicious, myspace, google, facebook, reddit, live, more'; [...]

Comment on Upcoming Cloud Computing and Disaster Recovery Events by Xerex James

Xerex James — Wed, 21 Sep 2011 03:41:49 +0000

The thing with most people today is they have this false perception data loss only happens in geeked techy television shows and not in real life. BIG MISTAKE. Usually, when the files go missing, the flow of regrets (and blaming) were a dragging recollection of what-ifs or i-should’ve-listened-to-that-ad-eventhough-I-can’t-stand-the-speaker’s-hair. Today’s Backup software are available in many formats, each highlighting the need for installation.

Most people would label backups as something for the techy folks. Well, aside from the super easy steps during installation, there are options tailor-made for every user.

Comment on 2011 HIPAA Violations and Audits by Benefits of Private Cloud Computing: Compliant & Cost-Effective

Benefits of Private Cloud Computing: Compliant & Cost-Effective — Thu, 15 Sep 2011 15:02:31 +0000

[...] system have trended toward demands for a secure, reliable and compliant data hosting solution. With HIPAA violations costing healthcare providers up to $1.5 million in penalties each year, the healthcare industry [...]

Comment on Simplifying PCI Compliance with Tokenization by ISO Info - Simplifying PCI Compliance with Tokenization

ISO Info - Simplifying PCI Compliance with Tokenization — Wed, 07 Sep 2011 23:16:22 +0000

[...] See original here: Simplifying PCI Compliance with Tokenization [...]

Comment on PCI Compliance and Virtualization: New Recommendations by Simplifying PCI Compliance with Tokenization

Simplifying PCI Compliance with Tokenization — Wed, 07 Sep 2011 17:09:31 +0000

[...] the latest update on PCI DSS compliant standards? After little to no changes for years, save the virtualization update, the PCI Security Standards Council (PCI SSC) recently published a document on new technical [...]

Comment on SOCs and SASs: The New Standards for Service Organization Controls Reporting by Thu Pham

Thu Pham — Wed, 07 Sep 2011 16:07:31 +0000

You can find an overview of the AICPA/CA Trust Services Principles and Criteria (used for the SOC 2 report) here (it lists all security procedures/practices, including physical and logical):

http://www.aicpa.org/InterestAreas/InformationTechnology/Resources/TrustServices/DownloadableDocuments/FINAL_Trust_services_PC_Only_0609.pdf

Comment on SOCs and SASs: The New Standards for Service Organization Controls Reporting by mike kranz

mike kranz — Wed, 07 Sep 2011 14:47:40 +0000

We are looking at enabling a facility becoming soc 2 compliant. Where can we find the standards for the physical security demanded by these codes. Your help will be appreciated.

Thank you,
Mike Kranz

Comment on UPS Upgrade & Overhaul: Recommendations for a Successful UPS Upgrade by Brett Lee

Brett Lee — Wed, 07 Sep 2011 07:56:45 +0000

This is an informative article. The recommendations are really helpful and useful.

Comment on SAS 70, SSAE 16, SOC 2 and SOC 3 Data Center Standards by SAS 70 is Dead ? Long Live SOC 2 and SOC 3 - Cloud Hosting Comparison

SAS 70 is Dead ? Long Live SOC 2 and SOC 3 - Cloud Hosting Comparison — Mon, 05 Sep 2011 23:12:14 +0000

[...] designed around data center service organizations. I wrote a more detailed explanation of SAS 70, SSAE 16, SOC 2 and SOC 3 recently, but here’s the low [...]

Comment on Green IT: Cloud Computing Saves Time, Costs & Energy by Green Cloud Computing | Computer Blog | Computer Tips and Tricks | Everything you need to know

Thu, 01 Sep 2011 04:50:42 +0000

[...] the Cloud, elasticity and scalability allows businesses to control the amount of server usage. Companies can [...]

Comment on 2011 Cloud & IT Disaster Recovery Statistics by Compliance, Disaster Recovery & Business Sustainability: Cloud Computing for Healthcare

Wed, 31 Aug 2011 12:52:40 +0000

[...] Related Links: Benefits of Disaster Recovery in Cloud Computing 2011 Cloud & IT Disaster Recovery Statistics [...]

Comment on 2011 HIPAA Violations and Audits by Compliance, Disaster Recovery & Business Sustainability: Cloud Computing for Healthcare

Wed, 31 Aug 2011 12:50:09 +0000

[...] and process security measures implemented by IT vendors. As mentioned in an earlier blog post on HIPAA violations and cited in the U.S. Health and Human Services Department breach statistics, the greatest [...]

Comment on 2011 Cloud & IT Disaster Recovery Statistics by 2011 Cloud & IT Disaster Recovery Statistics « Quick Disaster Recovery.com

Wed, 24 Aug 2011 21:07:18 +0000

[...] here: 2011 Cloud & IT Disaster Recovery Statistics Comments [...]

Comment on Benefits of Cloud Computing (Virtualization) for IT Disaster Recovery by PhiL Cox

PhiL Cox — Mon, 22 Aug 2011 19:54:25 +0000

Some very relevant points. Some thoughts:

1. You need to consider if you are talking Public or Private clouds. If private, then you may not be getting the benefit discussed here (as you likely have the physical aspects to deal with)
2. When looking at using a Public cloud for DR, you need to look at how “placing” that data an applications in that environment will affect its overall security. There are a number of security aspects of having things in a datacenter that will vanish when placed in a public cloud environment. That loss of controls needs to be expected an architected for. In particular, answer the following:
- Does my datacenter (and systems in it) provide controls around the security of sensitive information in transit? Does my cloud architecture provide similar controls? For example, most people consider the network within the datacenters to be private. Unless specific services are utilized, this is not the case with Public cloud. Think about the protocols used within the application, do they require more protection in a Public cloud environment?

- Does my datacenter (and systems in it) provide controls around the security of sensitive information at rest? Does my cloud architecture provide similar controls? For example, do you need to do anything different for data in the DB? How do you do key management, if applicable?

- Do you have any compliance requirements that would change if you go from a private datacenter to public cloud?

I concur that using the cloud for DR is a great thing (IMHO), but you need to make sure that you plan ahead!

Also Thu, I think you meant that using cloud for DR is more cost effective that Hot site DR but stated the opposite in your last bullet

Comment on SOCs and SASs: The New Standards for Service Organization Controls Reporting by SOC 1, SOC 2 & SOC 3 Report Comparison

SOC 1, SOC 2 & SOC 3 Report Comparison — Fri, 19 Aug 2011 12:41:26 +0000

[...] Related Links American Institute of CPAs (AICPA) – SOC Reports (formerly SAS 70 reports) SAS 70 is Dead – Long Live SOC 2 and SOC 3 SOCs and SASs: The New Standards for Service Organization Controls Reporting [...]

Comment on SAS 70 is Dead – Long Live SOC 2 and SOC 3 by SOC 1, SOC 2 & SOC 3 Report Comparison

SOC 1, SOC 2 & SOC 3 Report Comparison — Fri, 19 Aug 2011 12:39:04 +0000

[...] Links American Institute of CPAs (AICPA) – SOC Reports (formerly SAS 70 reports) SAS 70 is Dead – Long Live SOC 2 and SOC 3 SOCs and SASs: The New Standards for Service Organization Controls [...]

Comment on The Six Benefits of Cloud Computing by Web2 and More Interview–Monica Svenmarck: Cloud Computing Views From An American Expat In Sweden — Web2, Cloud Computing and More

Fri, 19 Aug 2011 04:15:33 +0000

[...] going to quote Mike Klein of Online Tech, who I feel wrote a great article summarising the primary benefits of cloud computing for [...]

Comment on SOCs and SASs: The New Standards for Service Organization Controls Reporting by SAS 70, SSAE 16, SOC 2 and SOC 3 Data Center Standards

SAS 70, SSAE 16, SOC 2 and SOC 3 Data Center Standards — Thu, 18 Aug 2011 19:41:35 +0000

[...] You can read more detail on SSAE 16, SOC-2 and SOC-3 in the guest blog posted by our auditor, David Barton of UHY LLC – SOCs and SASs: The New Standards for Service Organization Controls Reporting. [...]

Comment on Five Reasons to Choose a SAS-70 Audited Colocation Provider by SAS 70, SSAE 16, SOC 2 and SOC 3 Data Center Standards

SAS 70, SSAE 16, SOC 2 and SOC 3 Data Center Standards — Thu, 18 Aug 2011 19:41:08 +0000

[...] of CPAs (AICPA) is that SAS 70 was never designed to be used by service organizations that offer colocation, managed servers or cloud hosting services in this manner. It was focused on internal controls over [...]

Comment on SAS 70, SSAE 16, SOC 2 and SOC 3 Data Center Standards by SAS 70 is Dead – Long Live SOC 2 and SOC 3

SAS 70 is Dead – Long Live SOC 2 and SOC 3 — Thu, 18 Aug 2011 19:39:14 +0000

[...] designed around data center service organizations. I wrote a more detailed explanation of SAS 70, SSAE 16, SOC 2 and SOC 3 recently, but here’s the low [...]

Comment on Commentary on Network World’s Article on “Cisco Secures Mobile, Cloud Apps” by Edward McBride

Edward McBride — Thu, 18 Aug 2011 09:52:20 +0000

I missed the article, but will go look it up for more information. Colocation is taking off like fire these days.

Comment on SaaS Value Added and Risk Management by Premium Audit

Premium Audit — Thu, 18 Aug 2011 07:25:22 +0000

Hey Mike, thank you for this, so good to get some knowledge under my belt, please keep updating..
Thank you.
Chris Harris

Comment on Health IT Stimulus Funding Increases Demand for HIPAA Compliant Hosting by Ruby

Ruby — Wed, 17 Aug 2011 05:33:41 +0000

Thanks for sharing it.

Comment on Fend Off Hackers with PCI Compliant Hosting & Virtual Private Firewall Security by ISO Info - Fend Off Hackers with PCI Compliant Hosting & Virtual Private …

Wed, 10 Aug 2011 19:27:01 +0000

[...] More: Fend Off Hackers with PCI Compliant Hosting & Virtual Private … [...]

Comment on Five Reasons to Choose a SAS-70 Audited Colocation Provider by SAS 70, SSAE 16, SOC 2 and SOC 3 Data Center Standards | Kastory

SAS 70, SSAE 16, SOC 2 and SOC 3 Data Center Standards | Kastory — Sun, 07 Aug 2011 18:48:28 +0000

[...] (AICPA) is that SAS 70 was never designed to be used by service organizations that offer colocation, managed servers or cloud hosting services. It was focused on internal [...]

Comment on Six Cloud Computing Trends – Mid-2011 Update by Cloud Computing Trends | Computer Blog | Computer Tips and Tricks | Everything you need to know

Sun, 07 Aug 2011 09:35:08 +0000

[...] Michigan data centers. We offer a full range of colocation, managed dedicated servers and private Cloud computing. Industry leaders trust Online Tech’s SAS 70 certified, HIPAA and PCI Compliant [...]

Comment on SAS 70, SSAE 16, SOC 2 and SOC 3 Data Center Standards by SAS 70 is Dead ? Long Live SOC 2 and SOC 3 | Kastory

SAS 70 is Dead ? Long Live SOC 2 and SOC 3 | Kastory — Wed, 03 Aug 2011 06:59:17 +0000

[...] around data center service organizations. I wrote a more detailed explanation of SAS 70, SSAE 16, SOC 2 and SOC 3 recently, but here’s the low [...]

Comment on Disaster Recovery in Cloud Computing by Disaster Recovery in Cloud Computing « Quick Disaster Recovery.com

Disaster Recovery in Cloud Computing « Quick Disaster Recovery.com — Thu, 28 Jul 2011 21:12:08 +0000

[...] here to read the rest: Disaster Recovery in Cloud Computing Comments [...]

Comment on VMWare Upgrades Cloud Infrastructure By Unveiling vSphere 5.0 by April Sage

April Sage — Fri, 15 Jul 2011 12:54:28 +0000

Does anyone have any plans for integration testing? Would love to hear feedback.

Comment on Six Cloud Computing Trends – Mid-2011 Update by Cloud Computing

Cloud Computing — Tue, 05 Jul 2011 13:33:21 +0000

Hey Mike thanks for sharing the Six different Treads Cloud Computing.

DyanDelaney
IT support
Go Key

Comment on Business Value of Cloud Computing: Where Does Initial Capital Expenditure Fit? by Lucas Chesterfield

Lucas Chesterfield — Tue, 28 Jun 2011 17:25:17 +0000

Is the cloud really that significant? All of a sudden it is all that I read about. I have my tech guys doing some research, because I do not understand all of the details. I have noticed that cloud hosting has become a sort of buzzword since Apple, Amazon and Google unveiled their plans to host music on the cloud. The word "cloud" just sounds friendly, inviting and simple like a fresh pillow waiting to cushion your head through slumber. The thing that I don't understand is, is it really any different than a server that lets your stream off of it? Is a cloud just a high-speed server with loads of storage space?

Comment on Three Benefits of Public Cloud Computing by Three Benefits of Public Cloud Computing » Welcome to privatecloud.com

Three Benefits of Public Cloud Computing » Welcome to privatecloud.com — Mon, 16 May 2011 12:16:53 +0000

[...] Read the article here var addthis_brand = 'privatecloud.com';var addthis_language = 'en';var addthis_options = 'email, favorites, digg, delicious, myspace, google, facebook, reddit, live, more'; [...]

Comment on SAS 70, SSAE 16, SOC 2 and SOC 3 Data Center Standards by James Schiavone

James Schiavone — Fri, 04 Mar 2011 00:59:00 +0000

Hello Mike,
I read your article earlier today titled “SAS 70, SSAE 16, SOC and Data Center Standards” on Data Center Knowledge regarding the transition from SAS 70 reports to the new SOC reports and I think the article does a good job explaining some of the marketplace confusion that was surrounding the issue as well as the reasons we’ve issued the new SOC report and what they are intended to be used for.

I am writing to you because there was one point that I wanted to clarify and see if it was at all possible for you to revise or update the article for clarification.

In the second paragraph you describe SAS 70 as being “First released in 1992, it has been the gold standard for data center users to assure that their data center is secure and operating under proper control systems. According to the American Institute of CPAs (AICPA), SAS 70 was never designed to be used by service organizations. It was focused on internal controls over financial reporting.”

I think the phrase “in this manner” is missing at the end of “designed to be used by service organizations” – which changes the meaning of the sentence.

In actuality, SAS 70 reports were never designed to be used by service organizations to market their systems (which you touch upon in the paragraph about organizations who would claim they are “SAS 70 certified). The primary purpose of these reports was to provide auditors of entities that use a service organization with information about the service organization’s system and assurance about controls over the system that are relevant to the user entities’ internal control over financial reporting. Such information and assurance is needed because certain controls at the service organization affect the quality of the information generated by the service organization, provided to the user entities, and incorporated in the user entities’ financial statements.

Please let me know if it is possible for you to revise the article for clarification – because I think otherwise it does do an excellent job of addressing the marketplace confusion and why the SOC reports are so important.

Thank you,
James Schiavone
Media Relations Specialist, Communications & Media Channels
AICPA

Comment on Amazon EC2 Confusing Price Model – How to Predict Computing Costs in the Public Cloud by Mark McClure

Mark McClure — Thu, 09 Dec 2010 12:15:00 +0000

Wow! That signup menu looks ideal for tech evangelists who’ll put up with a lot in order to try new stuff out. But I suspect it’ll be a tough internal sell to get both CFO and IT procurement on-board with that one.

Your Azure link had me looking around Msoft’s cloud case study links. There are some big hitters profiled there and I suspect ‘elasticity’ was a requirement for many.

Comment on SaaS Increasing Data Center Demand by Oscar

Oscar — Tue, 19 Oct 2010 19:52:00 +0000

I think that cloud computing is the future of the data centers. Microsoft and Oracle have made a smart move

Comment on A Guide to Managed Colocation and Unmanaged Colocation by Oscar

Oscar — Sat, 09 Oct 2010 17:47:00 +0000

That not only is a guide, but a interesting and easy to read article; thank you

Comment on Measuring Public Cloud Performance by Jim Schultz

Jim Schultz — Sun, 01 Aug 2010 05:58:32 +0000

Cloud is in early adopter stage but the mainstream will start moving to the cloud as solution for non critical apps and functions over next 2 years.

Comment on The Six Principles of PCI Compliance by Guide to Becoming PCI Compliant: A Historical Perspective and Introduction

Guide to Becoming PCI Compliant: A Historical Perspective and Introduction — Wed, 21 Jul 2010 19:05:44 +0000

[...] for all of our clients who hold and handle credit card information. The series will explain the six objectives of PCI DSS and how to maintain PCI compliance for your company. We hope that you find it useful and we welcome [...]

Comment on Guide to Becoming PCI Compliant: A Historical Perspective and Introduction by The Six Principles of PCI Compliance

The Six Principles of PCI Compliance — Wed, 21 Jul 2010 18:58:20 +0000

[...] first blog in this series provided a historical overview and introduction to PCI compliance. This blog provides an overview of PCI DSS, which is aligned into 6 principles of PCI compliance [...]

Comment on Guide to Becoming PCI Compliant: A Historical Perspective and Introduction by Della Lowe

Della Lowe — Wed, 31 Mar 2010 13:25:04 +0000

This article was very interesting IMHO in that Adam emphasized the security aspect of the PCI DSS. While it is not all that hard to get a checkmark in various areas, that often comes at the cost of real, ongoing security. If you take care of the security, especially in an automated 24×7 way, the compliance becomes just about free. If, however, you just want that checkmark, you may achieve PCI compliance on paper but you will not maintain it, as Adam suggests you should, or be safe from attack.

My company helps our customers meet and exceed the PCI requirements for wireless scanning by concentrating on security and I was glad to see Adam focusing that way as well. I liken the checkmark to putting an ADT sign in the front of your house and hoping that the burglars won’t find out that you don;t have a security system or that you leave the door unlocked most of the time.

Comment on Transparency in SaaS, IaaS, and all as-a-Service Companies by Delivering World-Class Service in the Managed Service Provider (MSP) Industry: Why Culture Matters.

Thu, 18 Mar 2010 14:18:26 +0000

[...] approach, which is a stated corporate value on our website. One of our employees said it best in this blog post where he describes how win-win or no deal is critical to focusing on earning our clients love each [...]

Comment on Why the Cloud Needs Colocation by Yan Ness

Yan Ness — Tue, 09 Mar 2010 14:43:27 +0000

If I was an executive at one of the cloud providers I would ask someone to show me why it wouldn’t make great sense to build a “front-end private cloud” appliance to my public cloud.

Seems like a venture fund thinks so too and wants to make a go at the concept. It may be a great idea but not a company in itself. One of the public clouds will do this (or they know it doesn’t make sense).

Comment on Why the Cloud Needs Colocation by Mike Klein

Mike Klein — Tue, 09 Mar 2010 14:21:46 +0000

Looks like this vision came one step closer to reality with this announcement:

Cloud Computing Start-up Creates Secure Tunnel between Data Center and Amazon Cloud
A start-up that moves VMware-based applications to the Amazon cloud and creates a secure tunnel between a customer’s data center and the cloud service launched a public beta trial last Monday. CloudSwitch, recently out of stealth mode, moves existing applications from internal data centers to the cloud without rewriting the app or requiring changes in management tools. CloudSwitch has raised $15 million in venture funding from Matrix Partners, Atlas Venture and Commonwealth Venture Partners. (San Francisco Chronicle – March 1st)

Comment on How Social Media Has Helped Online Tech Improve Server Hosting Customer Service by How Social Media Has Helped Online Tech Improve Server Hosting … Mortgage just to Me

Wed, 10 Feb 2010 01:04:25 +0000

[...] here to read the rest: How Social Media Has Helped Online Tech Improve Server Hosting … tags: case, fairly-active, form-web, host, molestie-eget, people, providing-maintenance, [...]

Comment on How Social Media Has Helped Online Tech Improve Server Hosting Customer Service by How Social Media Has Helped Online Tech Improve Server Hosting …

How Social Media Has Helped Online Tech Improve Server Hosting … — Wed, 10 Feb 2010 00:04:08 +0000

[...] Read more from the original source: How Social Media Has Helped Online Tech Improve Server Hosting … [...]

Comment on Transparency in SaaS, IaaS, and all as-a-Service Companies by How Social Media Has Helped Online Tech Improve Server Hosting Customer Service

How Social Media Has Helped Online Tech Improve Server Hosting Customer Service — Tue, 09 Feb 2010 18:10:03 +0000

[...] me back up just a bit. At Online Tech, we value transparency in everything we do. We run with a fundamental philosophy that our data centers are really our [...]

Comment on Five Reasons to Choose a SAS-70 Audited Colocation Provider by EasyStreet Passes SAS 70 Type II Audit | EasyStreet Blog

EasyStreet Passes SAS 70 Type II Audit | EasyStreet Blog — Wed, 20 Jan 2010 20:59:24 +0000

[...] articles about why SAS 70 is important can be found at TechNewsWorld and Online Tech Blog. post by karenk — January 20, 2010 @ 1:59 pm data center [...]

Comment on Managed Dedicated Servers or Colocation? A Look at the Spectrum of Managed IT Options by Colocation in Detroit, Michigan

Colocation in Detroit, Michigan — Wed, 06 Jan 2010 21:27:33 +0000

[...] Managed Dedicated Servers or Colocation? A Look at the Spectrum of Managed IT Options Add CommentPosted in Colocation | Tagged Detroit colocation, Michigan colocation, michigan data center, michigan data centers [...]

Comment on Managed Dedicated Servers or Colocation? A Look at the Spectrum of Managed IT Options by Colocation in Flint, Michigan

Colocation in Flint, Michigan — Wed, 06 Jan 2010 21:25:52 +0000

[...] Managed Dedicated Servers or Colocation? A Look at the Spectrum of Managed IT Options Add CommentPosted in Colocation | Tagged colocation, data center security, Flint Colocation, michigan data center [...]

Comment on Why Colocation? by Colocation in Detroit, Michigan

Colocation in Detroit, Michigan — Wed, 06 Jan 2010 21:23:23 +0000

[...] Why Colocate? [...]

Comment on Five Reasons to Choose a SAS-70 Audited Colocation Provider by What Does it Mean to be Hosted in a SAS 70 Data Center?

What Does it Mean to be Hosted in a SAS 70 Data Center? — Mon, 07 Dec 2009 12:35:43 +0000

[...] Five Reasons to Choose a SAS 70 Audited Colocation Provider 5 benefits of hosting with a SAS 70 audited data center operator. [...]

Comment on Online Tech Sells Web Site Hosting Business to IGD Solutions by Online Tech Upgrades Clients to More Efficient Data Center

Online Tech Upgrades Clients to More Efficient Data Center — Thu, 03 Dec 2009 15:55:11 +0000

[...] move is continuation of a larger business plan which began this past July when Online Tech sold its 15-year-old web hosting business to IGD Solutions to focus on its rapidly expanding colocation and managed dedicated server [...]

Comment on Lessons Learned from the Second Rackspace Outage by Has Rackspace Become a Fallen Hero?

Has Rackspace Become a Fallen Hero? — Tue, 01 Dec 2009 13:51:47 +0000

[...] few months back, we wrote about the lessons learned from Rackspace’s second power outage and subsequent downtime. We learned that Rackspace does a nice job with transparency and [...]

Comment on 5 Ways Colocation Can Help Cut Costs by A Guide to Managed Colocation and Unmanaged Colocation

A Guide to Managed Colocation and Unmanaged Colocation — Fri, 06 Nov 2009 19:00:47 +0000

[...] 5 Ways Colocation Can Help Cut Costs How to eliminate capital investments in your data center and reduce operating costs. [...]

Comment on Managed Dedicated Servers or Colocation? A Look at the Spectrum of Managed IT Options by A Guide to Managed Colocation and Unmanaged Colocation

A Guide to Managed Colocation and Unmanaged Colocation — Thu, 05 Nov 2009 15:26:40 +0000

[...] Managed Dedicated Servers or Colocation A look at the spectrum of managed IT options. [...]

Comment on The Costs of Owning and Operating A Dedicated Server by A Guide to Managed Colocation and Unmanaged Colocation

A Guide to Managed Colocation and Unmanaged Colocation — Thu, 05 Nov 2009 15:22:14 +0000

[...] but the costs to operate it can be overwhelming. There are many factors that go into the costs of operating a server but they all fall into one of four [...]

Comment on Why Colocation? by Colocation in Flint, Michigan

Colocation in Flint, Michigan — Mon, 02 Nov 2009 16:51:19 +0000

[...] Why Colocate? [...]

Comment on What to Look for from a SAS 70 Hosting Provider by SAS 70 Type II Audit Complete for Online Tech’s Three Data Centers

SAS 70 Type II Audit Complete for Online Tech’s Three Data Centers — Tue, 20 Oct 2009 14:59:58 +0000

[...] What to Look for from a SAS-70 Hosting Provider The importance of the intent of your hosting provider. [...]

Comment on What is a SAS 70 Audit? by SAS 70 Type II Audit Complete for Online Tech’s Three Data Centers

SAS 70 Type II Audit Complete for Online Tech’s Three Data Centers — Tue, 20 Oct 2009 14:58:56 +0000

[...] What is a SAS70 Audit? Explaination of the audit and why data centers should have audits. [...]

Comment on Does Your SaaS Hosting Partner Offer Professional Incident Management & Escalation Procedures? by Does Your SaaS Hosting Partner Offer Professional Incident … Hosting L

Does Your SaaS Hosting Partner Offer Professional Incident … Hosting L — Fri, 25 Sep 2009 18:11:33 +0000

[...] the original post: Does Your SaaS Hosting Partner Offer Professional Incident … By admin | category: Hosting, managed hosting | tags: center-news, escalation, Hosting, [...]

Comment on What Questions Should You Ask Your SaaS Hosting Provider? by Mike Klein

Mike Klein — Thu, 24 Sep 2009 14:42:04 +0000

Michael – Terrific comments – Thank you for adding to the discussion!

Comment on What Questions Should You Ask Your SaaS Hosting Provider? by Michael Lagunowitsch

Michael Lagunowitsch — Thu, 24 Sep 2009 14:41:04 +0000

Building on Tuomo’s comments I hope the following helps in developing a broad range of issues to address. There are many risk categories – as in finance !

1. SAS 70 was mentioned – but which one Type 1 and/or 2. Big difference (and cost for the DC provider). Is there a history of compliance – if not why not?

2. What Uptime Institute recommendations does the DC provider say they meet? Ask for proof and do a walk through – physical and procedural. Use your judgement. Do the DC staff know their subject matter?

3. Look for carrier neutrality – bandwidth is bandwidth but you should know the physical routing into/out of the DC. Do all carriers use the same physical cable ducts into the DC – what happens if manual works cut through a trench (has been known) and takes out all comms. Whats plan B ?
What happens with cable breaks – varies by country of course but get to know the carrier cable routing plans – it isn’t that complex when you start to really drill down. If a carrier cannot explain this to you go to another one. Grill the carriers about their resilience plans (this goes beyond the DC provider) eg earthquake derived cable cuts – not uncommon in certain regions in the world eg Taiwan/Luzon Strait.

4. Look at other plant issues (power/aircon/physical building/grounding/diesel reserves): – who supplies it, to what levels, growth, backup etc. It may meet external standards but use your judgement – if it was your personal money would you do it? Again varies by country – be pragmatic.

5. Scenario plan “what if disasters” eg flooding, typhoon/hurricane, civil unrest (if there are gas price hikes and rioting at the gas pumps how do staff get to work (happens in the West) – has the DC provider addressed such. If so ask “show me” where appropriate, if not then why not.

6. Ask for reference customers. What’s the word on the street?

7. Draw up a matrix of competing DC providers – how do they really compare quantitatively and qualitatively. Is using multiple DC providers realistic?

8. Seek out those carrier people who went through Y2K. Lots of lessons to be learned from that time that apply to DC practice.

+++

Comment on What Questions Should You Ask Your SaaS Hosting Provider? by Mike Klein

Mike Klein — Thu, 24 Sep 2009 14:39:34 +0000

Tuomo – Thank you for your excellent comments. You make some terrific points.

Visiting the data center(s) and getting a good understanding of the facility, people, and the company’s operations is crucial in selecting a SaaS hosting partner.

Understanding the financial strength of your SaaS hosting partner is also critical. The damage that can be done to your business if your SaaS partner is closed down can be significant.

I like to say that “a start-up working with a start-up is nothing but squaring the risk.” It’s important to select a stable SaaS hosting partner with a long history and solid track record. Then you can turn 100% of your focus to your SaaS offering.

Comment on What Questions Should You Ask Your SaaS Hosting Provider? by Tuomo Stauffer

Tuomo Stauffer — Thu, 24 Sep 2009 14:38:30 +0000

Very good white paper – thanks. Of course there are “millions other small things” which should / could be asked, the devil is in details, so, if possible, also a personal contact on all levels is a must. For a small company it may be, but should not!, just one person familiarizing with the SaaS provider but all levels in your company should have a (friendly) contact in provider – ask who they are, how to contact, etc – a help desk is not a good answer. Things happen and it’s not just the provider which could be the roadblock, it might be the communication with the provider if not enough channels are available.

One thing I didn’t see (maybe my blindness?) but the financial strength / escrow accounts for used software, configurations, licenses, etc / other business aspects – we learned a long time ago (SaaS is not as new as is commonly thought!) those things can come and bite hard one day. The (possible) compensation doesn’t help much (as promised in SLA or whatever) if the provider is closed down suddenly by financial, legal or other business reasons. Using SaaS is like business partnering, you want to cover all and not all is technical.

Comment on What Questions Should You Ask Your SaaS Hosting Provider? by What Questions Should You Ask Your SaaS Hosting Provider? Hosting L

What Questions Should You Ask Your SaaS Hosting Provider? Hosting L — Wed, 23 Sep 2009 00:20:38 +0000

[...] the original: What Questions Should You Ask Your SaaS Hosting Provider? By admin | category: Hosting, hosting provider | tags: before-selecting, companies, [...]

Comment on The Costs of Owning and Operating A Dedicated Server by VNOHosting » The Costs of Owning and Operating A Dedicated Server

VNOHosting » The Costs of Owning and Operating A Dedicated Server — Tue, 08 Sep 2009 20:05:03 +0000

[...] is the original post: The Costs of Owning and Operating A Dedicated Server This entry is filed under Dedicate Server. You can follow any responses to this entry through the [...]