What is IT? IT is the design, setup, maintenance, security, troubleshooting, fixing of computers, servers, networks, portable devices and the software that powers them.
"DevOps" / SRE / Systems Engineer / Operations Engineer
What is DevOps?
DevOps (a portmanteau of development and operations) is a software development method that stresses communication, collaboration and integration between software developers and information technology (IT) professionals. DevOps is a response to the interdependence of software development and IT operations. It aims to help an organization rapidly produce software products and services.
In simpler terms:
Development Oriented Operations that design and implementation of rapidly changing products/services. While the philosophy of DevOps dictates that there should be no "DevOps Engineers" as this creates a new silo, many call Operation Engineers who subscribe to this philosophy and methodology of DevOps "Devops Engineers". These "DevOps Engineers" are experts in SDLC (Software Delivery Life Cycle), automation, scaling, etc. They rely on writing code to automatically spin up and configure servers and applications. This is the adoption of "Infrastructre as code". By automating deployments you ensure that everything is repeatable and a server failure can be mitigated with as little human intervention as possible. This is also important when rapid growth is a concern as spinning up additional systems require minimal human interaction, and depending on the use case can automatically scale up/down as load increases/decreases.
Some tools in a devops bag: Bash (*nix shell), Ruby (Chef/Puppet/Capistrano), Python (Ansible/Saltstack/Fabric), etc.
When do I know when I have reached the point where I need a DevOps approach and culture?
If your product/service takes weeks to roll out simple changes and requires several outages to accomplish the upgrade then you are probably in need of DevOps culture.
What is Digital forensics?
It is the preservation, collection, examination, and presentation of evidence in an acceptable method that will uphold in court.
Why would I need that?
Do you have an employee that you think might be violating some company policies? We have experience in both covert and out in the open digital forensic investigations.
Couldn't I have my regular IT staff do that?
While they might know how to do it, they most likely will not have been trained in the methods the courts will accept. If this employee is fired, and later comes back and tries to sue you, your evidence might be inadmissible in court and you will have no acceptable evidence to help you. However, we have staff that have all been formally trained in digital forensics and will help protect you from the defense invalidating your evidence.
I prefer to think of myself as a "Security Conscious Engineer" and not a security professional. While security is interesting I like a more holistic approach than I can get as being the the security person. To me security is all about layering and making it cost more for an attacker than they are willing to pay. Rather than focusing on the perimeter firewall (which is still important) I take the stance that I will never prevent them from penetrating the first line of defense. The more hoops that need to be jumped through as an attacker the better. It is important to consider the user and how security decisions impact users. Without the use of password managers (I prefer using local and encrypting it before syncing it around) I do not recommend people use "random" passwords as they are hard to remember and lead to them being recorded in plain text. I encourage users to create very long passwords that are almost impossible to brute force and are easy to remember. For example: "I went to the store and bought 3 dozen eggs because it was 50 % off.". Even ignoring the potential of a dictionary attack (seriously with that many words, punctuation, optional/intentional typos, etc this is not really feasible) this will take a lot of computational resources and can be easily prevented with use of a good lockout policy and/or multi factor authentication.
If you have been breached
This is not really my area of expertise though I have helped individuals and companies deal with breaches so I will partner with a professional that this is their focus. I will work moreso on assisting their investigation, remediation, and outlining a plan for prevention.
Whether you're setting up your office for the first time, or are an established company, you need someone who understands software and networking. Those that only understand one or the other will not serve you well as it is very common to "blame the network" or the applications due to lack of understanding of both. Where possible I prefer dealing with Software defined Networking in environments such as aws. In other scenarios we will interface with your internet service provider to ensure you receive the quality of internet you deserve. Within your local area network we will setup anything you need from subnets, custom routing, VLANS, DMZs, etc.
Backup Solutions / Disaster Recovery
Lets face it hardware all fails at some point. Don't allow yourself to be cornered, be prepared for a hard drive, server, desktop, or laptop crash. With a wide variety of options today from take home backups, server backups, and cloud solutions we can help protect your data and your business in event of failure.
The unthinkable happened: your server, laptop, or desktop, crashed and now your business and livelihood are on the line. With many years of experience of data recovery and file carving we are your best local option.