Hosting Provider Due Diligence (Part 3)

In the previous phase we looked at how we were going to measure providers against our needs, and create an initial list of potential candidates.

Having had some time to review each of the providers against some basic criteria available either online or by speaking to them, we've been able to reduce the list to three providers. Some providers were eliminated on offering but we've actually created accounts on some to do a more detailed test of their services.

We've also had a chance to review some of the responses from current and former clients about the kinds of capability & services they expect. No great surprises here but a common theme is business agility and enterprise-wide adoption of a given technology. So in short, make sure the business isn't driven by technology but rather the technology by the business - and make the technology acceptable by all departments.

So we're going for the easy ones then?

eUK Host
We've actually worked with this provider …

Scam Alert - Blaze / E-Prospects Media / Ocapo

[Updated 2nd October 2019 re: Heritage Gold Solutions]
[Updated 4th October 2019 re: Wise Advise Services]
Background I thought this one would be interesting as there's a bit more information to dig out, and that shows how these scams work a little better. Most people are already well aware but I thought this might help expose some of the nuances.

So I got a call last week which followed a familiar pattern.... "Hi this is [insert madeupname here] calling from [madeupcompany]. Yeh - I understand you've been in an accident. Is that right?". It's a recorded automaton which wants you to say "yes". If you say "No" or an answer it can't recognise it simply ends the call and tries the next number in it's list.

If you say "yes", it'll connect you to a real person and that's where the real fun can begin. Generally there's two types of purpose for this call - either they're trying to get you to disclose personal details …

Hosting Provider Due Diligence (Part 2)

In part one we established our goals and principals, which now need some sorts of measurements and assessments to be defined - these will essentially help us prove we've met our goals and are delivering the correct vision.
Assessments We'd normally apply measures, goals and assessments at high, mid and low level to capture everything from strategic goals to non-functional assessments. However in this case we have a simple set of functionals, non-functionals and are focusing on strategic validation. So directly against our goals and principals then we should measure by:
Selecting a new IaaS provider (or providers?), and migrate all our existing infrastructure & servicesComplete a successful penetration test of our own infrastructureAssess the responses from our client surveys to ensure that the capabilities they will need in 2-5 years are viable & supportableMigrating all domain ownership and closing down the accounts with US-based providers for internal use only (some …

Scam Alert - Winchester Tax Boutique

Updated 19th September 2019: New information regarding corporate structures Background This is an interesting one as Winchester (a.k.a, a.k.a have appeared on our radar before. Whilst there wasn't sufficient direct linkage to the target of that particular investigation, we dropped a stick into the digital river and wandered to the other side of the bridge.

Some two years later that stick reappeared, having floated out from under the bridge.

We can't at this stage mention the name of the organisation who are actually the focus of this current investigation, although as soon as the situation resolves we'll open the book a little. What's interesting is that - for the sake of reference we'll call them Company A - this new investigation involves unsolicited marketing emails using specific details provided to a number of companies.

It appears that is no longer in use - originally registered in …

Hosting Provider Due Diligence (Part 1)

Updates Last year we had a look at our options regarding the IaaS position vs. politics. Once the dust had settled in Q3 2018 two things became clear:
President Trump would go on to make good use of the White House to further his own stock portfolio. Well played.US-based IaaS organisations sit between a rock and a hard place in such a privacy hostile environment, despite providing excellent capability and support It still means we offer goods and services hosted - or based on - Amazon, Google and Microsoft cloud offerings in EU & EEA data centres. We decided not to invest any further in Oracle cloud as Big Reds historical approach to its re-sellers and clients has not been positive (as well as the fact that the IaaS offering simply isn't at the same level as everyone else).
A lot of US tech companies are using tax devices which shuffle the (technical) profit away from the tax authority related to the country where the revenue was made e.g. Amazon, and it doesn't seem right…

Scam Warning - Jobsite a.k.a. TotalJobs (Update)

Update May 2019: Jobsite has merged with TotalJobs
Original Article Jan 2018

Over the course of the last 1-2 years I've discovered that most spam starts from online jobs boards. Some are better than others - was appalling and I've stopped using it but there are still two or three that are shiny lights of privacy.

I've had a lot of support from some, such as Monster, who were able to apply their own T's and C's to unlawful acquisition of personal data. In some cases repeat offenders who had a complete disregard for the law - even after being told to stop by ICO.

However one jobs board sits on the fence, seemingly unable to go forwards or backwards,
Soft Opt-In The first issue is that you cannot apply for a role on their boards without creating an account / job seeker profile. Ok, well that's no big deal I guess...however when you look deeper the default profile settings are to opt-in to newsletters, unsolicited marketing from 'care…