The plan where I work is to roll out first IOS and then Android apps to securely run corporate email, calendar, etc (?) Over the VPN. Then kill the BES servers.
Security is a very big deal here. That's why the mobile apps are taking so long to be finished. BES is no longer worth the money, and we all want to use our own phone anyways.
Yes we have, if the array is installed in your backup corporate PKI server, in a shielded and locked cage with video, electrostatic, and laser monitoring and alarms. And the keys to the cage are in another state. And it requires EVP approval to deliver the keys to the authorized tech for a flight to the DR site to change a failed drive.
A real world example. You would recognize the name of this corporation in the first three letters. They take their corporate security very seriously, so much so that bumping into the cage earned you a visit from armed security, an escort out, and full debriefing until they were satisfied you would never take the cart with the stuck caster again...
"A recent academic study [1] of 1.5 million HDDs in the NetApp database over a 32 month period found that 8.5% of SATA disks develop silent corruption. Some disk arrays run a background process to verify that the data and RAID parity match, a process which can catch these kinds of errors. However, the study also found that 13% of the errors are missed by the background verification process. When you put those statistics together, you find on average that 1 in 90 SATA drives will experience silent data corruption not caught by the background verification process. So when those data blocks are read, the data returned to the application would be corrupt, but nobody would know. For a RAID-5 (4+P) configuration at 930 GB usable per 1 TB SATA drive, that calculates to an undetected error for every 67 TB of data, or 15 errors for every petabyte of data. If a system were constantly reading all that data at 200 MB/sec, it would encounter an error in less than 100 hours."
4 years was my recommendation for disk replacements from about 198 onwards. Some arrays had drives >8 years old, but if failure was not tolerated, 4 years was enough.
Mind you, if the customer specified IDE drives, I warned them that failure was inevitable. SCSI 10K drives, I would still swap but that was for five-nines.
And those stupid IDE RAID cards, well, that's too cheap. We are no longer talking reliable. Let someone else have that business.
It seems that one assumption in the study is predictable or consistent failure rates or timing. This would make sense if the drives were all the same make/model/manufacturing dates, but if not, well, then the model changes and they would be needing more intelligence to deal with unpredictable failure rates and having to spin up cold spares at different rates, predicting failure.
Which all makes a world of sense to me. When I hovered over Raid 5 arrays with cold spares, especially in NetWare servers where 'device deactivated due to non-media defect' errors were not uncommon, I would add spares to save on windshield time to swap them out. Not all customers were comfortable going to the supply locker, grabbing a drive tray, and swapping out the tray with the flashing red light.
A. The Internet permits people to organize faster than the oppressors can react to prevent it.
B. The Internet permits people to discover like-minded others. They will find each other offline if necessary, putting to death the lie that 'everyone is happy'.
C. Encryption will at least complicate the oppressors' surveillance.
So denying access at least serves the oppressors. And denying access is the foundation of efforts against child pr0n and other 'undesirable' activities.
Slashdot Mirror
I take it you have never heard of proper secured accounts, reasonably obscure passwords, and well managed file system rights.
People who think the command-line shell is somehow a magical escape from all limitations are a blight.
Having bad teachers means paying taxes.
What WAS your point with that?
Even if they had push apps, the value proposition isn't there any more.
These ATMs are in steel or concrete booths. Without A/C they are ovens. Even when covered. Add the electronics and the heat up a lot.
If you don't live in Phoenix stop pretending you do. If you do, you should know better.
BES 1x doesn't do our corporate apps.
The corporate VPN already does secure connections fine. Just a new client.
And people want tablets that are not worth trying to shoehorn into BES.
Oh, and it's all cheaper.
It's on my phone as an app, and Exchange wasn't specified.
if your compdoor fired you because you accessed their Exchange server on your phone, they are doing it wrong.
Then come to work here. That's our plan.
You had me at Mozilla
That's pretty much the normal air flight experience today on U.S. carriers. I'm sore for more than a day after a 6 hour flight.
The plan where I work is to roll out first IOS and then Android apps to securely run corporate email, calendar, etc (?) Over the VPN. Then kill the BES servers.
Security is a very big deal here. That's why the mobile apps are taking so long to be finished. BES is no longer worth the money, and we all want to use our own phone anyways.
It's called Google Inbox, and it Sorts. Based. On. Categories.
Around here it gets to 121â occasionally. An ATM in an enclosure doesn't have much of chance without active cooling.
If it has a sun exposure, expect internal temps of 160-180â. My car gets that hot.
And if you send a tech, not the local admin, all the numbers change.
Yes we have, if the array is installed in your backup corporate PKI server, in a shielded and locked cage with video, electrostatic, and laser monitoring and alarms. And the keys to the cage are in another state. And it requires EVP approval to deliver the keys to the authorized tech for a flight to the DR site to change a failed drive.
A real world example. You would recognize the name of this corporation in the first three letters. They take their corporate security very seriously, so much so that bumping into the cage earned you a visit from armed security, an escort out, and full debriefing until they were satisfied you would never take the cart with the stuck caster again...
This from an NEC white paper in 2008:
"A recent academic study [1] of 1.5 million HDDs in the NetApp database over a 32 month period found that 8.5% of SATA disks develop silent corruption. Some disk arrays run a background process to verify that the data and RAID parity match, a process which can catch these kinds of errors. However, the study also found that 13% of the errors are missed by the background verification process. When you put those statistics together, you find on average that 1 in 90 SATA drives will experience silent data corruption not caught by the background verification process. So when those data blocks are read, the data returned to the application would be corrupt, but nobody would know. For a RAID-5 (4+P) configuration at 930 GB usable per 1 TB SATA drive, that calculates to an undetected error for every 67 TB of data, or 15 errors for every petabyte of data. If a system were constantly reading all that data at 200 MB/sec, it would encounter an error in less than 100 hours."
Sometimes, I just want to weep.
4 years was my recommendation for disk replacements from about 198 onwards. Some arrays had drives >8 years old, but if failure was not tolerated, 4 years was enough.
Mind you, if the customer specified IDE drives, I warned them that failure was inevitable. SCSI 10K drives, I would still swap but that was for five-nines.
And those stupid IDE RAID cards, well, that's too cheap. We are no longer talking reliable. Let someone else have that business.
It seems that one assumption in the study is predictable or consistent failure rates or timing. This would make sense if the drives were all the same make/model/manufacturing dates, but if not, well, then the model changes and they would be needing more intelligence to deal with unpredictable failure rates and having to spin up cold spares at different rates, predicting failure.
Which all makes a world of sense to me. When I hovered over Raid 5 arrays with cold spares, especially in NetWare servers where 'device deactivated due to non-media defect' errors were not uncommon, I would add spares to save on windshield time to swap them out. Not all customers were comfortable going to the supply locker, grabbing a drive tray, and swapping out the tray with the flashing red light.
(you can't virtualize the actual disks)
Sometimes the data is worth more than the power costs.
The electronics do, and the compartment doesn't isolate them. No, it does not.
Where I live, in the summer it gets to 115Â. Pumping in air will need a bigger A/C unit. Not worth it.
I'm not comfortable using a version that was abandoned.
A. The Internet permits people to organize faster than the oppressors can react to prevent it.
B. The Internet permits people to discover like-minded others. They will find each other offline if necessary, putting to death the lie that 'everyone is happy'.
C. Encryption will at least complicate the oppressors' surveillance.
So denying access at least serves the oppressors. And denying access is the foundation of efforts against child pr0n and other 'undesirable' activities.
I'm guessing Bitlocker is not useful for encrypting my data sufficiently to keep the government(s) out of it.
And the Truecrypt substitutes are all marginally trustworthy, as well as not quite so fully functional.
Not many good alternatives here.