Security in the Tendenci SaaS Cloud at AWS

Kibana OSSEC Tendenci

Cyber Security is based on Prevention, Monitoring, and Incident Response

Associations are part of the fabric of society. We take it seriously. And we also understand there are no “perfect” or “completely secure” systems. Not even air-gapped.

To guard our SaaS AMS clients’s sites we use redundant systems. These include SSL encryption, application isolation, containers, layers of AWS (Amazon Web Services) VPC, Security Groups, ACLs, Route53 DNS, custom AMIs, virus scanners, malware scanners, pentesting, auditing and more. All of these activities generate redundant logs which need to be monitored. To do that we run what is called the “ELK Stack” or now the “Elastic Stack“.

Network Monitoring with OSSEC Logstash ElasticSearch and Kibana

Cyber Security starts with Project Management

A Cyber PM, upon initial completion, never ends. It requires constant vigilance. The process of Cyber Security can be further explained as:

  1. Architecture – Start with Security In Mind
  2. Passive Cyber Defense – Systems that are in place
  3. Active Cyber Defense
  4. Cyber Intelligence Gathering
  5. Response

** Note: There is a longer explanation on our site at https://www.tendenci.com/security/

There are many resources available for cyber security training. We encourage you to look them up and take an active role in keeping your web site, company, family and country secure from cyber attacks!

For the expanded full version of the basics of cyber security in the Tendenci SaaS cloud, view at https://www.tendenci.com/security

Let’s Encrypt Passes 1 Million SSL Certs (thanks Shelly Palmer!)

Encryption is a good thing. You should if you don’t already, encrypt your website with SSL.

Excuses? Nope. As usual, we always learn something from Shelly Palmer’s Strategic Advisor newsletter. And today is was some wonderful news! The EFF‘s efforts with Let’s Encrypt is producing some great results.

letsencryptLet’s Encrypt just passed 1M SSL certificates issued for FREE.

That means anyone can get a secure site, the ones with the lock in the URL on the top left like your bank, without paying for the certificate itself. Pretty cool accomplishment!

letsencrypt1millioncerts

And a definite tip of the hat to Shelly for pointing it out!

 

Silicon Valley Fun: Who are You Rooting for to Win the Super Bowl?

UPDATE: Final Results and Congrats to our Winner Kelly!

Below are the results of the poll!

Super Bowl Poll Results

We picked a random participant using Random.org and the winner is Kelly P.!


Schipul California

The Big Game is on Sunday and whether you’re in it for the football, the commercials, or the real-life drama of two brothers coaching against each other in the Super Bowl for the first time ever… over 100 million of us will be watching (111.3 million last year set a new record!).

In support of our Silicon Valley California Office we are pulling for the San Francisco 49ers  in the big game on Sunday – And we want to know who you are rooting for!

Crave Houston football cupcakes

Who will you be rooting for in the Super Bowl Sunday?

Vote in our poll and we’ll send one participant something sweet!

Vote before 5 PM Central time on Thursday January 31. We’ll pick a random poll participant and send you something sweet – if you’re in Houston we’ll send you cupcakes from Crave in your team’s colors!

Thanks and happy voting!

NetSquared Connects Techies and DoGooders in San Francisco Bay Area

While Silicon Valley and the Bay Area can at times be a whole world apart from Houston, there are still many things the two areas have in common – tech, geeks, startups, non-profits, and people passionate about changing the world through technology. If you’re in the Houston area, hopefully you’ve made it out to one of the Houston NetSquared meetings that Schipul hosts. They’re always fun and informative – a great way to bounce ideas of others working at the intersection of technology and do-gooding. Ed & Katie started the Houston group back in 2006, and have kept it going strong since.

I was excited to check out the San Francisco NetSquared group when I moved to this part of the world, but unfortunately couldn’t make the meeting that took place right after my move. And then summer hit, which those of us in the Bay Area know, is traditionally a quiet time for groups and activities. At the end of summer, the NetSquared community managers sent out word to group members that the previous organizer was no longer able to run the group, and asked if there was any interest in taking over those duties. Being a NetSquared fan girl, I threw my hat in the ring and offered to take the reins. I was lucky enough to have a very enthusiastic community that offered support, and fortunately two awesome folks – Regina Walton and Dave Theriault – stepped up to serve as co-organizers too. Together, the three of us are totally awesome. And no, I’m not biased at all!

I am super excited to get things kicked off with the November Meetup. Young Han from GoVoluntr will be speaking to the group about how he got started in the technology startup space, and what challenges non-profits have today and how technology can help solve them. Young is an amazing guy; I first met him at a Mountain View Chamber event hosted by our friends at Westminster Promotions. Bonus points went to me for immediately understanding what he was trying to go with GoVoluntr; we hit it off from there and have since had several great conversations surrounding do-gooding in technology. Young’s philosophy with GoVoluntr matched the Schipul Core Values so well; it was clear we’d be friends!

GoVoluntr has had an exciting fall, being asked to join the 500 Startups class. They’ve moved in to the group’s space in Mountain View (bonus to being just down the road from us in Sunnyvale – closer for coffee!) and Young and his team are getting their brains crammed with all sorts of amazing training and knowledge. Check out the recent post about their class from TechCrunch, and if you’re a Bay Area non-profit or do-gooder (yes, that’s totally a word) be sure to check out GoVoluntr!! Young and his team have built an amazing tool for connecting volunteers with those who need them, and giving volunteers a way to share and track their activity.

If you’re in San Francisco or the Silicon Valley area, we’d love to see you at a NetSquared event! If you can’t join us on November 8th, no worries – we’ve got speakers lined up for December and January, so join us then! And if you’d be interested in presenting to the group, or know someone who might be, please do let me know! We’re always on the look out for new ways to geek out over tech.

Quack! Ducks race for non-profits

This past Sunday marked the 4th Annual Silicon Valley Duck Race. It’s a fun event held in Vasona Lake Park in Los Gatos, CA where attendees get to sponsor an iconic rubber ducky as it floats down the lake. Ducks are sponsored for $5 a piece, and sponsors can win great prizes if their duck is picked across the finish line – anything from a Tahoe vacation to a gardening gift basket. There’s even a chance to win a million dollars! Sadly, none of my ducks were the lucky millionaire ones. That’s why I’m still here to write you this blog post.

The Silicon Valley Duck Race is not just an opportunity to have fun, it’s also a chance to do good. The event is coordinated on by the JewishFamily Services of Silicon Valley, but benefits a total of seventeen different non-profits and charities in the area. Typically the race sells out and all 15,000 ducks in the race are sponsored before start, but this year sales were sluggish. Leading up to race day only about 11,000 had been sold – a strong showing but another example for non-profits how overall giving is down. Media attention surrounding the low sales plus a gorgeous Sunday led to a last-minute push for a total of 13,502 ducks sponsored.

This ducky is usually on top of the San Jose Children's Discovery Museum

It was my first time at the duck race, and I really enjoyed it! I was most surprised to see the giant duck that resides at the top of the San Jose Children’s Discovery Museum down at ground level. When I was first exploring downtown San Jose, I noticed this giant duck on top of a building and couldn’t imagine what for. Then it dawned on me – that had to be the Children’s Museum! It was really cool to see it up close. The duck race was such a fun event, and made all the better by the non-profit support. Plus a day in the California sunshine didn’t hurt either. I’m already looking forward to next year! Photos  from the Silicon Valley Duck Race are online at Schipul.com and you can watch the duck launch too!

Five Companies to Watch from Launch Silicon Valley 2011

Launch Silicon Valley event 2011

Yesterday was the annual Launch Silicon Valley event, hosted by the Silicon Valley Association of Startup Entrepreneurs. The event took place in Mountain View at the Microsoft campus, and had several big names in tech and startups speaking. At Schipul, we love building websites for entrepreneurs – we are one! – and we get totally geeky and excited about new technologies; so this was a must-attend for us. I took one for the team and made the trip to Mountain View (about five miles from our Sunnyvale office) and braved the 65 degree and sunny weather to check it out. Before you hate on me too much, please note that at one point there was no coffee available. NO. COFFEE.

In the morning, the agenda focused largely on panel discussions on the future of venture capital and entrepreneurship in Silicon Valley, as well as the rest of the world. You’ve likely heard it suggested that we’re currently in another “tech bubble”; based off of the recent LinkedIn IPO and a coming IPO from Groupon. While most everyone agreed that yes, we are seeing a bubble again, they felt that things would be different this time since the overall world economy is still struggling. That factor would keep the stock market in check; since no matter how excited you may have personally been to hear about these IPOs it’s highly unlikely that the average American is in a position to wager a big bet on them. For that matter, few companies would be able to either. There’s not a huge worry about throwing the breaks on this bubble, and the overall hope is that entrepreneurs who get large valuations will cash out quick and then reinvest back into the venture capital arena.

LT. Governor Gavin Newsom by Joel Henner

The economic talk continued with California Lt. Governor Gavin Newsom appearing at the conference to chat about development in Silicon Valley and California as a whole. Newsom mentioned that he had recently been visiting several states to see how the others work with their businesses, and mentioned Texas as one of those stops. Newsom stated that in California, 33% of residents have been unemployed for over a year. 33%. It’s a mindboggling figure, and one that many of us in Silicon Valley are isolated from, as unemployment numbers have actually been decreasing in this area. It speaks to the importance of  entrepreneurship and strong technical education; as those new startups who develop new technologies need folks to hire. Newsom’s talk is available on YouTube; I highly recommend you checking it out. He’s a great speaker and I’m excited to see what’s in store with him as Lt. Governor.

But on to the good stuff. The afternoon was full of startup pitches; companies who had been around for a year or more and those that just started last month – all presenting on their product, idea, technology. Presentations were limited to 6 minutes and then a panel was allowed to ask questions. Viewers in the audience then voted on the idea they think has the best chance of making it. You can view a full list of the companies who presented at the SVASE website (bottom of the page). Here’s five companies that I think you should keep an eye on:

1. Steelhouse – Steelhouse combines two things a Schipulite loves – web analytics and eCommerce solutions. Steelhouse enables a eCommerce company to get real data on their customers and then better target their promotions to them. As a company, you’ve got to love the idea of being able to really drill-down on the activity going on in your shopping cart. Who’s buying? What time? What made them click? Where did they travel to on the site? How long were they there? Do they come back late at night? How many people looked at this campaign in the last 30 days? How about the last 30 seconds? Think of it like Google Analytics on  steroids. Better yet, check out the site! The President of Steelhouse is Mark Douglas, who used to work for a little website called eHarmony.com. Maybe you’ve heard of it. It’s okay if you don’t want to tell us how.

2. Take The Interview – The former Operations Manager in me loved this one. Take The Interview is a cloud-based platform that enables employers to better screen job applicants. It’s hard to tell what someone is really like from just a resume. It’s hard for a jobseeker to stand out from all the other resumes, unless you use Comic Sans 16-point font in hot pink. [Please don’t ever do that.] Wouldn’t it be great if you could have applicants submit a little video of themselves answering some of your core interview questions? Wouldn’t you as an applicant love the chance to get your bright smile across right away? This platform makes it possible. I’m excited to see this one develop, and especially curious to see how some of our Tendenci job board users might be able to incorporate it in to their processes.

3. Innovalley – Did you ever see a video about a guy with a hoodie that had the controls for his iPod built right into the sleeve? Yea, that was these guys. They call it “smart apparel” and it can be anything from the  aforementioned  hoodie to a laptop bag that charges your laptop and sneakers with built-in GPS. I want it all.

4. Oomba – These guys? Well these guys are having some naming troubles, so the name was changed from Waba to Oomba literally the day before Launch 2011. The website doesn’t tell you much; but imagine a company that allowed you to trade those virtual objects you collect in games like FarmVille and World of Warcraft, or even auction them off to the highest bidder. Since you, of course, don’t play FarmVille you may not know much about these items  (at least not that you’ll admit, but don’t worry, your secret is safe with us. On the Internet.)

In many games though, you can earn or capture rare items like a sword or talking cow. Maybe you earn two talking cows and decide it’s too much, because they’re arguing all the time. So you want to sell one, because it would be virtually mean to just let one go wander in a virtual field. eBay however banned you from doing that, so where do you go? Oomba is your place. The company is headed up by Michael Williams, a guy who has written many computer games himself and who gave the best presentation I saw. Also on board with him is Nolan Bushnell, who founded Atari and Chuck E. Cheese. [No, really. And I was totally in the room with that guy.] And cause that wasn’t enough, they also brought on the guy who created Magic: the Gathering and Pokemon. I think it’s safe to say this is a team that knows a bit about gaming and collecting. I’m excited about this one.

5. Trutag Technologies – You know that medicine your doctor just prescribed for you? There’s a 10% chance that it is  counterfeit. On the surface, 10% isn’t a lot, right? But we’re talking about something that you’re taking to get better, something that if you take the wrong thing, could do you real harm. Now 10% is a massively large number, isn’t it? Trutag looks to fix that with a edible bar code that will authenticate medicine at the dosage level. While they primarily focused on the medical applications at Launch 2011, they detail other possible uses on their website. While I think it’s kinda weird to think that your medicine has been tagged with something that can be read by a scanner but is edible; the technology behind it all is amazing.

Steelhouse, TruTags, and Innovalley were all voted as “Most Likely to Succeed”, along with Sylvatex Biofuels, Warranty Life, and Flyvie (which I know our own Katie Laird will be interested in). It was so interesting to hear from these entrepreneurs and get an idea of some of the technologies being developed today. Innovation is still alive and well! If you’re interested in learning more about the start up culture in Silicon Valley, check out the SVASE website. The group is a great resource for those looking for venture capital funding, and for tips on how to navigate the many challenges of a startup. Maybe we’ll see you at Launch 2012!

Featured image photo courtesy of our own Ed Schipul //   Lt. Governor photo courtesy of photography Joel Henner from PR Newswire