Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>disclaimer: I am not a network engineer. I skipped the questions I felt I couldn't answer</p> <p>The system needs to be reachable through the Internet. What should we think about when deciding on how to host it? (i.e. do we need our web host to have multiple physical paths connecting them to the Internet and similar questions.)</p> <blockquote> <p>I would scale up as needed. In your first stage, you're probably not going to need redundant everything. Once people rely on you for their business needs, upgrade the shakiest parts of your network. If your internet is unreliable, get a secondary pipe. If your switches have gone down, double them up. </p> </blockquote> <p>How high up time is good enough? 99.99% seems like a reasonable goal. But any downtime might result in loss of business for our customers.</p> <blockquote> <p><a href="http://en.wikipedia.org/wiki/Myth_of_the_nines" rel="nofollow noreferrer">The Nines</a>. Don't pay more for uptime than you will lose for downtime. If you'll lose 50K for going down unexpectantly for an hour, you should be paying around 50K to keep downtime under an hour. 4 Nines is 52 minutes of downtime a year. Is that reasonable for you? Five nines is extremely difficult. Four nines for starting out is probably more difficult. I work for a financial, and we run about 98% to 99%, with about 50-80% of the downtime planned. We get by well.</p> </blockquote> <p>How do we guarantee that each customer only will be able to access its own data? As the system will be able to access it's own database, it seems hard. A proper development process, involving lots of testing, is really all we have regarding user privileges.</p> <blockquote> <p>We have the same problem. Good developers, proper development practices, automated testing, manual testing, development tools (e.g. attributes decorating proprietary data that raise warnings when the object is used in a public context), code scanners (e.g. looking for procs and code that use tables with a proprietary indicator without referencing it), code reviews, and so on.</p> </blockquote> <p>Which backup strategy would you use?</p> <blockquote> <p>Best I can reasonably afford. If possible, I'd say hourly for 24 hours, Daily for 3 weeks, Weekly for infinity.</p> </blockquote> <p>Do you think hosting the system in a computer cloud is a good alternative? (i.e. as provided by Amazon, Google or others.)</p> <blockquote> <p>Joel likes to say that your core business should not be outsourced. If your core business is storing documents, maybe no. If your core business is ancillary to the documents, seems reasonable.</p> </blockquote> <p>Would you use hard disk encryption? And if so, which kind?</p> <blockquote> <p>This would only help if someone stole your hard disk, not if they hacked your system. You're looking at encryption incorrectly. You dont want encryption for encryption's sake - you want it where it will actually help. HTTPS is good encryption. Maybe (-maybe-) encrypt each document on a document-by-document basis and require a passkey from the user to decrypt it.</p> </blockquote> <p>Is providing the customer with a way to do their own backups as well a good alternative? These customers won't be technically oriented. So in that case downloading the information in a ZIP archive containing Microsoft Office files might be a good way?</p> <blockquote> <p>That's a good feature to have no matter what. Billing it as backup is reasonable, but if you really want to provide their netops with a backup solution it will need to be more robust than that.</p> </blockquote> <p>How would you monitor the solution?</p> <blockquote> <p>SMS alerts to my blackberry, sanity checks on usage, someone on-call 24/7 with the ability to troubleshoot the system.</p> </blockquote> <p>If you feel that the system is secure, as a technical person. How do you convince a non technical person that it's safe and secure?</p> <blockquote> <p>A non-technical person? Put padlocks all over the website. Alternatively, convince their technical friend it's secure (by letting them see your security), and have the friend vouch to the non-techie.</p> </blockquote>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload