Consider you are a tech savvy shopper & an online shopping website that doesn’t have SSL is asking for your credit/debit card information, would you enter the info? Off course the answer is no. We always think about our privacy & security when we are online. The ecommerce website owner should always show positive attitude towards security of sensitive information entered by their online customers & hence they should aware of the importance of SSL.
How Secure Sockets Layer (SSL) works?
SSL is a communication protocol that is used for securing communications (transactions) between two parties say client & server. Usually client is your web browser and server is website with whom you are interacting.
Let us consider a scenario where you are communicating with a website which is not secured. When you submit confidential information on website, the browser sends this information to web server through the network. As your information is not encrypted, any one (let’s say hacker) can read & alter it easily over network.
What exactly happens when you use SSL?
For accessing secure pages ‘https://’ is used. First step is user/browser request a web page to the web server. When transaction is initiated the server sends its public key along with its digital certificate. The next step is the web browser verifies that the digital certificate is issued by a trusted Certification Authority (e.g. RapidSSL, GeoTrust, GlobalSign etc.) & sends a message to dedicated hosting server. The web server sends back a digitally signed acknowledgement to initiate an SSL encrypted session.
After verifying the certificate of the site the browser & server uses a public key cryptography technique for communication.
In public key cryptography two types of keys are used one is public key & other is private key. When you sends sensitive information to server, server says “hey, before sending me the information use this public key to encrypt your personal information. As soon as I get your information message I will decrypt your message using my private key”.
Information encrypted with public key cannot be decrypted by any other key other than private key. So the intruders or hackers are unable to read the secured encrypted message.
Information security is very important for conducting online business. SSL helps to achieve 3 goals of secure communication -1] Authentication from both party 2] Message integrity 3] Privacy
URL of secure website start with https. Along with https browsers show a closed padlock sign in address bar that designates an encrypted connection.
You can view certificate information by clicking on the lock present in address bar. Position of padlock varies depend on browser. The latest version of SSL is also called as Transport Layer Security (TLS). In above image you can see the connection is using TLS 1.0. RSA, AES & SHA1 are the algorithms used for encryption & decryption of the text.
In conclusion we can say that the SSL establishes secure communication channel (tunnel) between customer & your website. Through SSL you prove that your website is safe & legitimate.
Changes in technologies have affected various sectors around us. Web hosting industry has also undergone several changes and has been forced to adapt to various technological upgrades. Most of the changes in the industry have occurred at the back-end and people dealing with data centers or resellers and service providers have felt it.
Listed below are the few major changes we have observed in 2013:
Shift from VPNs to Hybrid Clouds
We have been observing shift from the virtual private networks to private, hybrid, and public clouds. Most of the companies are now adopting one or the other kind of cloud computing. Competitors in this sector are constantly trying to switch workloads between private and public clouds to keep pace with changing markets. The emergence of cloud computing forces CIOs to redesign their fundamental IT strategies, creating opportunities for firms that can assist in the transition.
Cloud computing delivers software, platform, and IT infrastructure services through a shared network.
It lowers business costs and reacts swiftly to changes in business needs. Another major advantage of cloud is that it makes applications accessible from any location. While Interoperability and data security issues may hinder market growth but the cloud computing sector is growing rapidly as IT giants are actively developing new solutions to address these issues.
Dedicated Hosting Providers need to differentiate their offerings to stay in neck to neck price war. Competition from Large market players, like Amazon Web Services (AWS), Facebook and Google is heating up the place. Hosting service providers perceive this fact that unique product offerings would be the best way to fight against industry-wide pricing pressure. They have already started to offer value-added services, for eg. Advanced, proactive management, fully managed services and superior support to differentiate.
Markets are now moving to dynamic networks, persistent IP connections plus networks that are customized to serve consumers and businesses. So, Customers would certainly look out for customized deals than standard offerings, be it a small hosting package or a million dollar deal.
Security has become one of the mainstream essentials in IT industry .This would in turn mean that putting a very strong security in place is a mandate now and not just an option anymore.
Utility sector is one of the expanding sector. And utility management is one of basic need of the modern infrastructure management. Investment made on different utility supply lines ex. Water, sewage, power lines telephone lines and gas mains. So components of utility should be functional without any breakdown. And it very difficult to manage it manually, so geographic data provides spatial dimensions to its management.
Most of the case GIS maps of inferior quality without any documentation. Efficiency, environment protection and supply require good quality basic data. Reliable geospatial and location information of underground utility lines is helpful for avoiding excavation damages. GIS base utility mapping system is also important in repair and replacement of utility lines because of correct locational data. GIS modelling use for certain utilities management, in future all utility plans will be GIS based.
In GIS database, integrated information is stored and also database with functionalities of query making, statistical analysis with visualization capability and geographic analysis is the advantages of GIS maps. So we can recognize that GIS mapping is beneficial in utility management and information system. Satellite images and aerial photographs (i.e. Remote sensing data) is useful for digitization, analysis of networks and utility assets. This technology is useful for the correct representation of the infrastructure as well as geospatial information used in management system.
Through GIS actual distribution of utility lines can possible to show. And it can possible to represent with roads, buildings, and land ownership boundaries.
GIS techniques is ideal in terms of various aspects, representing infrastructure of utilities, problem identification with providing solution, in maintenance, technical problems, designing efficient meter reading. Successful utility management possible by using GIS techniques. GIS maps are important in management of underground utilities.
GIS is useful for management of daily operations of various utilities. It is useful for modeling of utility data with integration from other sources, i.e. satellite data, attribute information. GIS database with topology is beneficial in utility services as power outage, main breaks, and service stoppages.
GIS useful in utility projects:
Telecommunication industry rapidly expanding. For business growth company should know where their facilities and customers are exists. Also locational information about this data is useful. GIS database can having potential to work on this queries.
2. Water and wastewater utilities:
Integrating data from various sources and with geospatial data one manageable system is form by many water and waste water utilities. This system can be beneficial for management of flow of waste water to businesses and service homes by tracking location of water and meters, hydrants, valves. In Maharashtra government implementing Sujal and Nirmal Abhiyan Yojana, in this project consumer survey, water and energy examination, flow meter installation, hydraulic modeling and GIS mapping components included. Water flow connectivity and associated consumers can identified through maps is advantage of this GIS based project.
3. Electricity Mapping:
Restructured Accelerated Power Development & Reforms Programme (R-APDRP) project is central government project implemented in whole country. It includes preparation of Base-line data for the project area including indexing of the consumers, Mapping through GIS and Metering of Distribution Transformers and Feeders. Mapping of all electricity assets and the distribution of network over the entire assigned geography.
Collection of geospatial data of distribution network of electricity lines (i.e. HT-High tension line and LT-Low tension lines) which required DGPS survey and door to door consumer survey. In this, mapping of all electrical assets with electricity network distribution information using GIS techniques. So this project useful to mseb for actual location of the poles, electricity lines and actual consumption of the electricity. So due to this utility project good revenue generated in MSEB, also gathered correct locational and actual informative data. Using modems this electricity management system application is made live application.
In 2013, many big companies lost money & reputation because of hacking & cyber attacks. The vulnerabilities present in the website or web apps are act as back doors for hackers. There are some common threats that may affect your website. Lets see the main threats to web systems one by one.
SQL injection is one of the technique used by hacker in which SQL queries are inserted into input fields for fetching information from databases. In this technique hacker inject different SQL statements into input data field and try to read sensitive information from database. If hacker succeed in getting database credentials then he can perform administrative operations on database such as deleting the database (DROP TABLE) or making modifications in data.
e.g. Your website has ‘Contact us’ form and it takes information from user. In this contact us form the input fields like Name, Address etc are vulnerable to SQL injection. If application programmer has done proper input validations then your database is safe else hacker can compromise the database and he can expose sensitive information.
Remote File Inclusion (RFI):
Remote File Inclusion attacks are executed to target the application servers that host the website & web application. If your website is vulnerable to RFI then attacker can upload malicious scripts/file on your application server through your website. Attacker can grant access to the server and do anything with your website. The RFI threat has huge damage potential through which attacker can steal the stored data or he can hijack whole hosting server.
e.g. Your website have provision for uploading image/doc file. Through the ‘upload file’ field attacker can upload malicious script like shell script. Using the uploaded script attacker can get high privileged access to website.
Again poor field validation checks are the root cause of this RFI.
Malware is a malicious software program designed to damage the application system or to steal information for third party’s benefit. The most common types of malwares are worms, Trojans Horse, viruses, worms, spyware etc. Generally hackers inserts malicious links/softwares like invisible iframes, free tools and force users to automatically download malware software without their prior knowledge. Malware can be designed to monitor keyboard strokes through which hacker can steal the passwords of financial transactions. Such malware affected websites becomes blacklisted for hosting malicious content. You might have gone through the browser giving warning if the site is affected by malware.
Cross Site Scripting (XSS) :
Cross site scripts has potential to deface the website, hijack website user’s session.
Directory traversal allows hackers to access files in a directory using web browser. In this attacker tries to access restricted Web server files which are present outside of the server’s root directory.
The losses caused by above web threats are huge. Data centres and other stakes used for website hosting need to protected from all types of threats. Modern web sites & web apps are complex and it is not feasible to manually go through each line of code & scan for various threats. Information security professionals recommends use of automated application vulnerability scanner to identify potential security vulnerabilities & threats in the web portal. These scanners crawl through your website & report the security flaws in your website/web application. Using the scan report you can easily fix the vulnerabilities present in your web site & you can eliminate the risk of online reputation loss.
SDLC stands for Software development life cycle. It is a process that describes how to develop, design and maintain the software project ensuring that all the functional & user requirement, goals and objective are met. This methodology improves the quality of the software project and over all process of software development.
The figure shows various stages of typical SDLC
Different stages of SDLC
Requirement Gathering & Analysis phase: - 1st and important phase of SDLC for the success of software. This phase includes communication between project stakeholders, end users and project team, as requirements (both Functional & non functional) are being gathered from clients. This phase of SDLC includes:-
Design phase: – In design phase of SDLC, based on requirement captured in SRS, architecture design is proposed for project and captured in design document. This phase of SDLC includes:-
Developments Phase: - This is the longest phase of SDLC as in this phase of SDLC actual project is developed and build. This phase of SDLC includes:-
Testing phase: – The testing strategy is involved in almost all stages of SDLC. However this phase of SDLC refers to the only testing of system where bugs/defect of the system are reported, tracked and fixed. The system/project is migrated to a test environment and different type of testing is performed like functional, integration, system and acceptance. This is performed until the project reaches the quality standards as specified in SRS. This phase of SDLC includes:-
Deploy & Maintenance phase: - In this phase of SDLC, once the system is tested, it is ready to go live. The system may be first released for limited user, and tested in real business environment for UAT (user acceptance testing).This phase of SDLC includes:-
There are various SDLC models that are defined and designed to follow in software development process. These models are also called as Software development process models. Each model follows a series of steps ensuring the success of the project. Following are the list of most popular SDLC models used for software development:-
WordPress is a widely used content management system and is a favourite of all the bloggers. While many people are quite familiar with managing their many who do not know how to do many important things like optimizing the blog.
WordPress is quite famous for the sheer number of plugins available for it that allows users to perform many tasks with ease which would otherwise have been quite tedious.
I have made a list of some of the essential plugins that would be beneficial for every WordPress website:
This is a multi-purpose plugin packed with lot of cool features and is another must have for your blog.
Jetpack plugin is something worth every blog.
This is a must have WordPress plugin for any website. Akismet is used by millions of WP users to prevent their website from spam. It automatically filters spam comments and prevents spammers from posting without your permission.
Simply install the Akismet plugin and then register so you can get an API key. Once you receive your API key you can validate your account from the plugin configuration page and you are good to go.
Google XML Sitemap
Now generating and submitting sitemaps is not a mush of a task. You can use the XML sitemap plugin which will automatically generate a search engine friendly xml sitemap of your blog and also submit it to Google. Sounds good, isn’t it?
All in One SEO
This is one of the best plugin for all your SEO needs. You can optimize your post with the relevant keywords and Meta tags. It also optimizes your website by allowing you to rewrite the site title and description.
All in One SEO plugin helps users with little knowledge about SEO to do basic on page optimizations without much trouble.
Every blog needs to have social share buttons which allow the visitors to easily share the content across their social networks which in turn increase the traffic to your blog.
Sociable is a great plugin which provides social buttons of almost all the social networks including the top ones like Twitter, Facebook, Google+, Pinterest and Reddit.
To increase your traffic and allow easy sharing of content this is something you really need.
Easy Custom Auto Excerpt
This is one of my personal favourites. Most WordPress blogs have complete posts on the homepage which take up lot of space and often best the purpose of going to the individual post. Using the Excerpt plugin you can shrink your posts on homepage to show limited text and pack in higher number of posts on the homepage and get more exposure.
Increase interaction on your blogs and provide a incentive to your visitors. The CommentLuv plugin allows a reader to post a comment on your blog with a link to their latest blog post. This motivates readers to comment and also benefits them.
However, make sure that you moderate these comments so that readers do not simply spam your blog.
Fancy Author Bio
If you are accepting Guest posts on your blog and want to have author bio for the authors then Fancy Author Bio is the right thing for you.
It allows you to show author bio of each user on their posts and does this in a very stylish manner.
Despite of what type of contact you have with customer, whether it’s face to face, over phone, in a restaurant or shop, in an office or industry etc. good customer service skills helps everyone. When the customer is satisfied with the service not only they will help an organization to grow but also they will continue to do business. As we all know “there is only one Boss, and that is customer”.
So, in this blog we’ll see how excellent customer service skills will help your business to grow
Without positive language: – I can’t get you this product now, as it is re-ordered so it’s unavailable.
With Positive Language: – The product will be available in next month. But I will place your order now and make sure it is delivered to you as it’s available.
Don’t just sell products or services rather create an experience for customers
There are has been an increasing demand of cloud services and organizations are positive about moving their IT processes in the cloud. A major portion of this growth in demand has been fueled by IT outsourcing by many companies world over.
According to a recent report on Global IT trends, outsourcing was a major driver and cause of business growth. And it is estimated that within the coming five years a massive 69% of IT infrastructure would be outsourced. This is great shift by businesses and would ultimately boost cloud adoption.
Outsourcing which was earlier considered as a means to reduce costs is now used for achieving more than just cost savings. Businesses are now focused on gaining more efficiency and want to focus on the core business and as a result are looking to outsource the not so important processes.
The report estimates that, the trend of outsourcing will result in up to 69% of the IT process being outsourced within the next five years. Cost reduction, improved quality of service and reduced management time are the top reasons for this trend.
So how does the Shift happen?
Currently, majority of the companies still rely on traditional on-premise IT setup. Out of the survey respondents mentioned in the report a meagre 5% make use of a cloud service for outsourcing their IT processes. However, that is set to change within the coming years. The rate of cloud adoption is increasing but, more strangely, the private cloud which is now the second most used cloud model would be overtaken by a the outsourced cloud services in years to come.
The move to the cloud is a result of the flexibility of Hybrid Cloud which allows migrating processes and functions deemed appropriate to the cloud and retaining the other mission-critical application within the organization. Corporate email, websites and SharePoint are the top candidates which are suitable to be outsourced to a cloud solution.
What drives the Change?
A major driver for outsourcing was the cost savings which was above 10% of the annual IT spending. Security which was earlier a barrier to the adoption of cloud has now become a major determinant. In fact, it is the second important reason after cost savings, according to the report.
Furthermore, instant provisioning of resources is the need of the hour and business want the ability of quick scaling which is ideally best provided by a cloud solution.
The businesses of today are faced with global competition and are always short of resources, be it labor or capital. And technology is evolving at a rapid pace and one always needs to upgrade its IT setup with time which is a major reason for cash outflow. In such a situation a solution that offers to do more with fewer resources seems to be the ideal choice.
Need of the hour!
Every business needs to be abreast with the latest technological developments and adopt the best out of it. Cloud has enabled businesses to source the latest technology and applications without a high upfront cost. 90% of the businesses that outsource are expecting a revenue growth compared to those that still have in house setups.
And when your competitors are taking advantage of this then there is little reason why you shouldn’t.
There are various thing which you must consider before you go cloud shopping.
Have a plan of action- Identify what your focus areas are which can be moved over to the cloud
Choose the correct cloud hosting solution which would suit your business
Analyze and Improve- After successfully moving over to the cloud make sure you analyze the benefits you receive and ensure those are aligned with your long term goals.
You can read in detail about implementing a cloud solution here.
In my earlier article, we got the short and sweet understanding of Multi-Tenant database, its features and benefits. The intent of article is understanding the process of creating Container Databases CDB that can hold none, single or many Pluggable Databases PDB.
The creation of CDB databases is as almost same as those in previous releases, whereas there is difference in PBD databases. Also we shall further see the way we connect to this databases. And finally how to plug and unplug the databases.
We shall start with Creating Container Database. We shall make use of DBCA utility to create the both CDB and PDB databases. The very first screen we see the introductory screen prompting us selection of operations for creation and managing. Select “Create Database” and move ahead.
Select the “Advance Option”, this gives clear picture of the options with which we are about to create container database.
Here as we can select the template as our requirement. In our case “General Purpose or Transactional Processing” and get going.
Name the database as you wish, in our case here “CBD”. We also see the option to create the database as container database with or without any pluggable database. Here, I have chosen to “Create As Container Database” with “Create and Empty container Database”.
Select the option to Configure and Register with EM.
Provide the passwords for database users. Here, I have specified the same password for all the database users.
Again, you will notice on more textbox, where you need to provide the oracle password that you provided while installing database software. This is additional to Oracle 12c release.
Choose the listener name and port number on which listener will listen. And click “Next”.
Select the storage options and Archiving, as per requirement and click “Next”
If you are using database vault, configure the vault options else click “Next”, as default settings.
Configure memory and sizing for database.
You can save the database creation script for further reference.
You can see the summary of the options you have selected so far. If you wish you can go back and change the settings. Click “Finish” to start the installation.
You see the progress of installation step-by-step.
Click “Close” and here you have successfully created the container database. Now let us create the pluggable database in this container.
Creating Pluggable Database is very simple process. The only you specified to Container are directly applicable to pluggable database. From DBCA, select the “Manage Pluggable Databases” and move “Next”.
Select the option to create the pluggable database here.
Select the container in which you want to create the pluggable database. In our case, we only have CDB.
Specify “Create new Pluggable Database” and Click “Next”.
Provide the name of database as “PDB”, provide the username and password for this database.
Have glance at the options selected and modify if required. And “Finish” to create the database.
You can see the progress of database creation step-by-step.
Click “Close” to complete the creation of PDB.
Now once the both container and pluggable database are created, it’s important to understand the how to connect to both databases. We must know differences in the database. If it is container what are different pluggable database in it. How do we switch between containers? We shall learn about this in next article.
India is vulnerable to natural and manmade disasters. All disasters are spatial in nature. GIS techniques act as a decision support tool. Decision making can possible by analysis of different GIS layers. Currently socio-economic and geo-spatial data is useful for management and planning of disasters as well as tackling of disastrous condition. Various departments and agencies who are stakeholders using GIS in the disaster management process. GIS, RS & GPS is useful in disaster management applications & for decision making. Evolution of computer technology and availability of hardware is helpful for rapid expansion of GIS in both disaster research and practice.
GIS is useful for hazard zone mapping and during emergency conditions mitigation of people can easily possible using this maps. GIS and RS much beneficial in mitigation strategies and preparedness plans. Real time geographic data can improve the allocation of resources for response. GIS technologies is much useful in modeling of disaster risks and human adaptations to hazards. It is also provides decision support system in disaster management.
Disaster Management System:
Disaster Management is done by following steps:
GIS is the most complete information system for modeling, analyzing spatial data and displaying community vulnerability. When we identify hazard locations with critical infrastructure. Processed GIS Models can be useful for determination of event impact and necessary mitigation requirement. Preparedness is important when disastrous event occurs. On analysis of risk and hazards is beneficial in Emergency management program
Disaster and emergency management in situational awareness is essential thing. GIS techniques plays vital role to provide locational information of the event, that is, where is the event happened and what happening exactly in real time. Also by linking people, processes spatial information situational awareness established. GIS map interface important in handling emergency condition.
To achievement of preparedness, gathering of information and its advance data storing is important. In GIS, integration of information from other sources is possible. GIS solution is a standards-based. Accurate cataloging of GIS data provide useful information during emergency conditions.
Field data is very important in GIS applications and Mobile GIS provides crucial information. Field teams captures information and sent back to user. So ground information useful for recognizing actual event conditions. Then new data can be sent to operation teams in field (where disaster occur), so they have the information possible for protecting lives and providing safety to people. Whether its response or recovery phase, Mobile GIS provides right information
Important objectives of GIS database generation are,
Disaster managers from different state, city, village level using GIS database for disaster planning.
GIS database with various themes is helpful to disaster managers in decision making process when catastrophic event occur.
GIS database include following information which is beneficial in disaster management.
GIS solutions for different hazards: