2009年7月22日 星期三

要把伺服器架在自己家裡嗎?

以下是我剛剛收到的一封信,說的是它們網站 (基本上是內容不錯的月刊型和週刊型) 遭受駭客侵入,關站了一段時間,現在將陸續重新開放的公告。當中有段話是我一直的信念:
那就是用別人提供的平台來做電子商務是更安全的
這裡所謂的別人,當然是信譽卓著的虛擬主機供應商。以伺服器的管理和維護來說,虛擬主機供應商可以提供24小時的工程師團隊來維護並保障它的安全,但是即便是一個中型企業 (500 人 ~)都很難建立一個堅強的團隊,此外,專業的虛擬主機公司內部的伺服器甚多,一但有任何問題,要改用其他伺服器來執行也沒問題,但是如果只是一個小公司,這樣的硬體和人員的準備可能嗎? 成本會不會太高了呢? 唯一會讓人擔心的是資料外洩,話說回來,除非你的資料真的質與量都有很好的價值,不然誰在乎你呢,而且放在自己家裡,難道就是你自己管,難道你的程式也都自己寫,不然幫你做事的人難道就不會竊取你的資料? 所以這跟找個信譽卓著的第三方供應商比起來也沒太大的不同!

外包,其實有蠻多細節可談,不能簡單的說給或不給外包,但就這個例子來說,我認為應該外包最好。

If all goes well, iSixSigma.com will be back online by the end of this week. And CTQ Media’s other websites – RealInnovation.com, BPMEnterprise.com and Sourcingmag.com – will be up and running shortly thereafter.
It has taken more than a month to fix what hackers did. While it has been painful to be offline for so long, it was necessary to remove offending code and make our websites completely safe and reliable.

Though it is hard to see any part of a hack in a positive light, this one allowed us to discover and improve shortcomings in our servers and firewall. And it proved the value of using third parties to conduct e-commerce transactions to keep safe the personal data of our users.
We learned many lessons from this unfortunate situation. But now the job is to forget about “rootkits” and “beacons,” and get back to what we do best – supply the kind of Lean Six Sigma information that is needed by business leaders and other quality professionals.

Hopefully, for the last time, allow me to apologize for any problems we have caused for those of you who have been loyal users of iSixSigma and our other sites. Our staff is eager to get back to its regular work and we are equally anxious to have you as a regular visitor again.

Regards,

Frank Ducceschi
______________________
Vice President and Publisher
CTQ Media

沒有留言: