Amazon Glacier: Great for Data Archiving or Last Resort Backups…But Nothing Else

As most people know, I’m a digital hoarder. I never delete anything. I have around 4.6 terabytes of data stored in my Google Drive alone. That’s cool and all but it becomes interesting when I start looking at backup solutions for my data.
One of the best solutions out there (in my opinion) for data archiving and data backup is yet another product from Amazon Web Services called Amazon Glacier.

Glacier let’s you store your data securely for a whopping $0.004/gb/month, however there are drawbacks. Since this service is meant for data archiving, it is stored in what’s known as “cold storage” meaning your data is not accessible on-demand. Instead, you (or more likely, your application) will tell Glacier that you would like to download a certain file from your “vault” (your archive) and then 3-5 hours later (unless you pay for expedited), your application will receive a notification that your file is ready for it to download and it has 24 hours to do so.

Another catch is that even though it will let you download the entirety of your vault as fast as you can download it, it will cost you. To get your data back out of Glacier, it costs an additional $0.0025-$0.03/gb. That may not sound like a lot but when we get to talking about terabytes or petabytes of data, it adds up quick.

To sum up, I still think that Amazon Glacier is a great product if used correctly. For instance, if by law your organization is mandated to keep archives for x number of years and you know the chances of actually having to dig them up one day is slim? Glacier is perfect. Or as a last resort backup, meaning you have two or three other backups you can try to extract your data from before you have to dig into Glacier, then yeah.

Freshbooks: Stop Creating Invoices in Microsoft Word

I’ve always been surprised of how many people have a business on the side either consulting or graphic design and the like and still use Microsoft Word to create and send their invoices. Stop it! There’s a better way! It’s called Freshbooks. I’ve used it for most of my business career and it’s quite honestly the best tool for the job.
With FreshBooks you can:

  • Create and send professional looking invoices
  • Have Freshbooks automatically generate and send recurring invoices
  • Track expenses and upload receipts
  • See when a client has or has not opened your invoice
  • Allow your clients to pay their invoices by credit card
  • Generate reports for profit and loss statements, expense reports, revenue by client, etc

I can’t say enough good things about Freshbooks, it is one of the best business tools that I’ve ever used! It starts at $15/month and you can try it free for 30 days. If you have to send out invoices every month, I highly recommend you check it out!

Desktops-as-a-Service: Amazon Workspaces

One of the technologies that I’ve been fascinated with for the last few years is Desktop-as-a-Service or DaaS. This is where like most servers are moving to the cloud, individual workstations are also moving to the cloud slowly but surely.
One of my favorite services for this comes from infrastructure giant, Amazon Web Services with their Amazon Workspaces product. From $25/desktop/month (I’ll be the first to admit that it’s a bit pricey) you can have Amazon host your Windows 7 desktops.

There’s several reasons why I’m excited about this:

  • Zero reliance on individual hardware. Instead of buying each employee a new computer every few years to refresh their hardware or dealing with hardware breakdowns, all your desktops are safe in the cloud. For local clients you can either A. Recycle old computers and configure them as thin clients or B. Buy new thin clients for a couple hundred dollars for each workstation.
  • Minimal usage on your local internet connection. I can’t believe that I’m saying this in 2017 but there are still some businesses that can only get low bandwidth internet connections because of their location such as a single T1 line. But if your desktops are in the cloud, the only thing that your local connection will be used for is viewing the remote session. This means activities such as web browsing, downloading files, backing up to a remote service, etc. are all performed using the DaaS provider’s internet connection, not your local connection.
  • Mobile ready. It is incredibly simple for your users to access their desktops on their personal devices. Whether it’s an iPad or their home computer, they just download the client app, login and they’re at their workstation from wherever they are.

Those are just some of the few reasons that I’m completely intrigued about this new trend. My hope is when services like Amazon Workspaces get more and more popular, the price per desktop will fall. Again, $25/desktop/month adds up pretty quickly if you have more than a handful of users but I can see it becoming more of a no-brainer solution if the cost were to drop down to $5-$10/desktop/month.

Electronic Frontier Foundation’s Let’s Encrypt

In the early days of my business, one of the first services that we offered was web development and design, to be quite honest because it was fairly easy to sell at a large profit margin. However, with me being me and having an intense background in system and server administration, we not only designed and developed the websites, we would also provide the hosting and maintenance for those sites.
All well and good except that some of those websites had either e-commerce built into the site or collected sensitive information from their customers or patrons. So it was a must to use SSL certificates to secure the data while in transport from the user’s browser to our servers (I’ll get into securing and encrypting that data at rest some other day). Back when we were doing it, you had to go find a trusted certificate authority that you actually trusted such as Verisign or Norton that usually came out to a few hundred dollars every year, generate your public and private certificates on your server then getting them to work with whichever web server you had. It was a mess. By far the thing that I hated doing the most for web hosting.

That’s why I was so stoked when I found out about a year and a half ago that The Electronic Frontier Foundation (EFF), in an effort to make SSL connections the new default, not only was becoming a certificate authority, they developed a tool called Lets Encrypt that makes it ridiculously simple to enable SSL on your website. All you have to do is go to, choose your operating system and web server and it will download the appropriate script. Oh yeah, it’s completely free!

Since Let’s Encrypt has came out, I have used it for every web server that I’ve set up whether it needs it or not. It literally on takes about five minutes to setup so why not?

3CX Phone System

Back in the day, when I first started with VOIP, I really wanted to go with some form of asterisk like Trixbox or Elastix but after months and months of trying, I just couldn’t get it stable enough for companies to be able to rely on.
Then a buddy of mine suggested that I look at a system called 3CX. At that time they were just on version 10 and it only ran on Windows but I tried it out anyway and it seemed pretty stable so we went ahead and bought a license for it (I believe it was $1,200 at that time).

Fast forward to today, about a month ago I had to rebuild a phone server for a non-profit in Bakersfield. Beforehand, I did a bit of research and found that 3CX was not only now on version 15, but they now supported Linux as a platform! Moreover, since this non-profit only had a handful of employees, I could get them on the free tier! Some of the more advanced features aren’t included in the free tier such as the fax server and it limits the number of simultaneous calls to eight but for this particular project, it was perfect!

Within an afternoon, I had wiped one of their old servers, installed Debian 9.0 on it, installed 3cx on it and was provisioning phones. I built it on a Friday but waited until the weekend to change over their SIP trunk provider (Nexvortex) just in case something went wrong.

That following Monday morning, I made sure to wake up extra early and clung to my phone all day knowing that there had to be something that was overlooked or left un-configured. 8:00? Nothing. 12:00? Nothing. 3:00? Nothing. I finally sent the director a text and asked how the phones were today? She just said, “Good, no problems.” Trust me, that’s a miracle!

It’s been up and running solid for a good month and a half except for one issue: if you’re running 3CX on a server with two NICs, be sure to only have one interface hooked to the network.

For the past few years, I had been using RingCentral for most of clients just because it was pretty much friction free but I’m thinking that for now on, I’ll use 3CX on top of Debian.

PFSense: My Go To Firewall for SMB

Given that I’m an open source junky, it should be no surprise that PFSense is without a doubt, my favorite firewall for both home and small business use.
During the last three years of my business, instead of buying a Cisco SMB or a Sonicwall firewall, what I’ve done is buy a refurbished Dell Poweredge server with typically around 16 gb of memory and usually a RAID array that has the usable capacity of 500 gb for around $200-$300 and popping PFSense on it.

Aside from it being completely open source, some of the things that I love about it are:

  • It being rock solid given its FreeBSD foundation
  • It’s bandwidth monitoring and rule-based policies
  • VPN built in with both OpenVPN and IPSec
  • Web caching built in with Squid
  • Web content filtering to block people from visiting unwanted or inappropriate websites
  • It’s on-demand virus scanning, blocking viruses and malware before it reaches the client’s computer
  • Limit traffic by country
  • A programmable intrusion detection system
  • VLANs completely built in

I could go on and on and on. There are literally hundreds of available plugins that extend the core of PFSense’s functionality. Knock on wood but I’ve had some PFSense servers running for years without issue. I know that a Poweredge server is a bit overkill for a firewall for a small business, but at that price, why the hell not?

iPads and Chromebooks: A Glimpse into the future of Small Business IT

I remember the day that Steve Jobs unveiled the iPad. I remember watching the keynote saying that this is going to change things, just like the iPhone changed the mobile phone industry.
I bought one right out the gate. In fact, I think that year I bought my dad one as well as both of my siblings. However, I found myself “looking for a reason to use it” and eventually just put it into a drawer and forgotten about it. Throughout the years, I kept trying to fall in love with it, but every time I’d buy a new one, I’d end up not using it again and giving it away. I kept saying, I don’t use it because whether at home or at work I’d be less than ten feet away from a desktop so the need wasn’t there.

Seven years later, late last year, I decided to try again and purchased a 9.7” iPad Pro. I was doubtful that I’d actually use it other than when I was sitting on the couch watching TV. I was pleasantly surprised. The reverse had happened. Instead of not using the iPad in favor of my computers, I was using the iPad instead of my computers. In fact, at home for all of this year, that 9.7” iPad Pro, now a 10.5” iPad
Pro is the device that I’m on from the time that I wake up until the time that I go to bed. I even hardly touch my iPhone while I’m at home since everything also goes to my iPad.

I think there are several reasons for this but if I had to narrow it down to two: it’s the maturity of professional, desktop class apps and the fact that the cloud has become more prevalent in our lives, allowing us to access our data from whichever device we have in front of us.

Here’s the thing though, if you put my use case aside. I see the trend of iPad-like devices on the rise in the consumer technology market. In addition to Apple with their iPads, Google has their Chromebooks and now earlier this year, Microsoft came out with their Windows 10 S laptops. Despite these three giants having their own approaches to their own versions of next generation devices, I see a lot more in common with the three than you might think.

All three of these platforms restrict what you can install on them. In the case of iOS, you can only install apps from the App Store, in the case of Windows 10 S, the Windows Store and the Chromebooks you can’t install anything, you just have the Chrome browser. These restrictions make it almost impossible to install anything malicious on the devices. On top of that, they all update automatically and aside from Windows 10 S, Chromebooks and iOS backup automatically to the cloud. Can you see the trend, yet? The three biggest tech giants in the industry are creating manage-less devices. What happens when you physically break or lose one of these devices? You go and buy a new device, enter your login credentials, everything restores from the backup and you’re back to square one.

The reason that I’m so fascinated with these new era of devices is because I can see them impacting small businesses in a large way. Think about this, say a small business with 5-10 employees, instead of buying their employees traditional desktop computers, they bought them one of these devices instead with an LTE connection? And if you add to that a cloud based phone system such as Grasshopper or RingCentral, you would eliminate the need for an office network all together. No more ISPs, routers, firewalls, servers, switches, etc. Plus, since these devices are secure by default, you have a lot less reliance on IT people.

I’m the first one to admit that all the pieces aren’t quite in place yet. For instance, there will still be a need for printers and copiers to have some type of network connection. And the wireless providers need to be a lot less restrictive on data caps and data throttling. I do see the pieces falling into place sooner rather than later. If you look at the typical small business productivity software such as Office, Quickbooks, communication and file sharing and collaboration, all the biggest software providers have cloud and/or app equivalents of their products.

Something to think about.

Disk Imaging

I’m beginning to feel old here but I remember my first IT job at my high school. At that time, Windows XP had just came out and all the computers on campus were running Windows ME. My first year working there, we spent the whole winter break manually formatting the existing computer lab computers, installing Windows XP, installing all of the Windows Updates, installing Microsoft Office, Adobe Reader, Flash, installing all of the network printers, etc. Over and over and over, again all by hand (I still have that damned Windows XP product key memorized).
This was before I discovered imaging. Fast forward 15 years, I very rarely ever rebuild a system from scratch because I developed a new habit. Whether it be for my personal computers or computers for clients, I get the system setup perfectly the first time, create an image for that system and store it. This way, if that computer ever crashes or it becomes time for a client to buy new systems, I just pop start the image restore, come back half an hour to an hour later and vola! A perfect, clean system already configured.

When I started working at California State University, Bakersfield I started in the “installs” department. Our job was whenever departments would order new computers, we were tasked with getting them configured with the necessary software both for the departments standards as well as the campus standards. At that time, we used Symantec’s Ghost to create an image for each particular model of a system that the campus would buy so when we would get that model again, we would already have an image for it. However, by the time my tenure of working there completed, we had signed a contract with Dell where every six months or so, we would send a master image off to them and Dell would do the imaging for us prior to shipping. Because the campus was constantly buying new computers, we could do that.

For small businesses, however, they only upgrade their hardware once every few years, if that. So I highly recommend that when you do purchase new computers for your small business, create an image and try your best to have everybody on the same model and vendor of computer (even though there are utilities to create universal images to be able to create and restore images to and from different hardware).

My go to imaging software for both personal practice and for my IT clients has always been Acronis True Image because of its simplicity and price, it starts at just $50.

So, start using imaging! Your future self will thank you!