Skip to Content

Blog

Cloudstar Adds Support for FreeBSD

Cloudstar is pleased to announce support for the ultra secure unix like FreeBSD operating system- when hosted in either our private cloud, public cloud, or within our customer’s infrastructure.

FreeBSD is a free and open-source Unix-like operating system descended from the Berkeley Software Distribution (BSD), which was based on Research Unix. The first version of FreeBSD was released in 1993. In 2005, FreeBSD was the most popular open-source BSD operating system, accounting for more than three-quarters of all installed simply, permissively licensed BSD systems.

FreeBSD has similarities with Linux, with two major differences in scope and licensing: FreeBSD maintains a complete system, i.e. the project delivers a kernel, device drivers, userland utilities, and documentation, as opposed to Linux only delivering a kernel and drivers, and relying on third-parties for system software; and FreeBSD source code is generally released under a permissive BSD license, as opposed to the copyleft GPL used by Linux.

The FreeBSD project includes a security team overseeing all software shipped in the base distribution. A wide range of additional third-party applications may be installed using the pkg package management system or FreeBSD Ports, or by compiling source code.

Much of FreeBSD’s codebase has become an integral part of other operating systems such as Darwin (the basis for macOS, iOS, iPadOS, watchOS, and tvOS), TrueNAS (an open-source NAS/SAN operating system), and the system software for the PlayStation 3 and PlayStation 4 game consoles.

FreeBSD

 

0 Continue Reading →

Cloudstar Welcomes Director of Title Services

FOR IMMEDIATE RELEASE

January 8th 2021 – Jacksonville FL.  Cloudstar is proud to announce and welcome Nancy Allen as the company’s Director of Title Services.  Nancy will be responsible for managing the title service department which includes consulting, SQL reporting, and workflow services for ResWare, RamQuest and SoftPro along with developing innovative new technologies such as blockchain integrations, APIs, and machine learning.

Throughout her 15+ year career, Nancy has worked across a wide range of industries from real estate title, settlement services and mortgage default, to FinTech, Big Data, and blockchain technology. Nancy specializes in process improvement, data analysis, product and project management and technology implementation.  She is also a subject matter expert in the mortgage industry.  Prior to her current role, she served as Senior Vice President of Operations at Oversite Data Services, LLC., where she was instrumental in developing a docket-based legal compliance and management solution recognized by HousingWire as one of the most innovative technologies in the U.S. housing economy. Additionally, Nancy served as Director of Operations at Albertelli Law, a full-service real estate law firm.

“We are extremely excited to have Nancy on board as her industry and technical knowledge make her a true leader in the mortgage and land title space and a major asset to our team” said Christopher Cury, EVP at Cloudstar.

Nancy graduated Summa Cum Laude from Florida International University, obtaining her Bachelor’s degree in Finance, and is currently an MBA candidate, specializing in Business Data Analytics.  She holds Six Sigma Champion and Lean Black Belt certifications and has a distinguished record for successfully analyzing critical business needs, identifying deficiencies and opportunities, and developing innovative and cost-effective solutions to accelerate growth and drive performance.  Nancy is an incredible talent with the experience and ability to make an immediate impact on any operation.

Nancy Allen ResWare Consultant Cloudstar

0 Continue Reading →

Cloudstar Adds Support for Promox Virtual Environment

Cloudstar is pleased to announce the addition & support of Promox Virtual Environment to our suite of Cloud products and services.

Promox provides compute, network, and storage layers into one single solution and is part of Cloudstar’s strategy to embrace open sourced solutions meet the next generation of cyber security challenges.  This addition dovetails with the addition of Cloudstar’s Linux and open-source offerings through our recent acquisition of open sourced hosting company, CloudBunny.

“Banks, Credit Unions, Law Firms, and Title Companies, are facing more cyber security challenges than ever before, and by embracing the native security that open source solutions such as Linux provide, they’ll have one more tool in their arsenal of defense against ransomware and data breaches” said Gregory McDonald, CEO of Cloudstar.

Proxmox VE is an open-source server management platform for your enterprise virtualization. It tightly integrates KVM hypervisor and LXC, software-defined storage, and networking functionality on a single platform. With the integrated web-based user interface you can easily manage VMs and containers, highly available clusters, or the integrated disaster recovery tools with ease.

Enterprise-class features and a 100% software-based focus make Proxmox VE the perfect choice to virtualize your IT infrastructure, optimize existing resources and increase efficiencies with minimal expense. You can easily virtualize even the most demanding Linux and Windows application workloads, and dynamically scale computing and storage as your needs grow ensuring that your data center adjusts for future growth.

Promox

 

0 Continue Reading →

Cloudstar Publishes Work From Home Internet Guidelines

With COVID-19 lockdowns increasing, more and more people are choosing to work from home.  Some are not even choosing; they have no other option. With that being said, many are experiencing trouble connecting and have no idea where the problem may reside.

Cloudstar is pleased to provide new educational resources to help those working from home better understand the Internet technology they rely on to perform their day-to-day tasks.  These business related tasks are very different from traditional home Internet use such as streaming video content, or engaging with friends over social media.

Let’s take a look at what’s required of our Internet connection to use business applications, remote desktops, video conferencing, and VoIP.  Then, take a deeper dive in how it all works, and the steps we can take to make our Internet work even better.

Click HERE to learn more.

0 Continue Reading →

Cloudstar Launches Virtual CTO Service

Cloudstar is pleased announce a new service offering, designed to address business of all sizes, by offering virtual CTO’s on demand.

Is your business struggling with finding technology solutions to fit its needs? Do you believe you are losing money due to a lack of technological efficiency? A Virtual Chief Technology Officer, an outsourced, off-site IT manager, solves these issues and more every day.

Click HERE to learn more!

 

0 Continue Reading →

Cloudstar Introduces Support for End-of-Life Systems

A significant portion of the country’s businesses still rely on old, dead operating systems, which puts them at grave cybersecurity risk.

End-of-Live System and Obsolete OS Hosting from Cloudstar is the solution.

Research by Kaspersky found that four in ten of very small businesses (VSB), and roughly half of small and medium-sized businesses (SMB), still rely on operating systems such as Windows XP or Windows 7 which are nearing their end of life.  Many still are forced to run dangerously outdated server operating systems, some dating back to the 1990’s such as Windows NT, or Novell Netware.

Sometimes however, there are specific reasons why business must continue forward running these outdated operating systems.  Legacy line of business applications, custom software that cost millions to write, tends to drive the decision.

Security is not only the biggest concern. Often times, as employees retire, knowledge is lost, and today’s IT professionals simply aren’t trained on 30 year old technology- Hardware begins to fail, placing these companies between a rock and a hard place.

Cloudstar is here to help extend the life of your business applications.  Our team of experts can transfer outdated workloads from on premise hardware, to secure custom build cloud environments where it is forever preserved.  Our team is here to assist as an extension of yours, and through VPNs,  private circuits, and image based server imaging, we do our best to tackle the security challenges and recovery.

Click HERE to learn more.

 

.

0 Continue Reading →

Microsoft overhauls Excel with live custom data types

By 

Excel now goes far beyond text and numbers.

Microsoft is overhauling Excel with the ability to support custom live data types. Excel users have been using Microsoft’s spreadsheet tool for decades to import, organize, and analyze data, but the basic data types have always been limited to text and numbers. While Microsoft has added dynamic arrays and some custom stocks and geography data types previously, the company is now updating Excel to let people import their own data as a custom data type.

This means you’ll be able to manipulate data in Excel in new ways and hopefully without much of the hassle that exists today. You could import the data type for Seattle, for example, and then create a formula that references that single cell to pull out information on the population of Seattle.

These data types work by cramming a set of structured data into a single cell in Excel that can then be referenced by the rest of the spreadsheet. Data can also be refreshed to keep it up to date. If you’re a student who is researching the periodic table, for example, you could create a cell for each element and easily pull out individual data from there.

Microsoft is bringing more than 100 new data types into Excel for Microsoft 365 Personal or Family subscribers. Excel users will be able to track stocks, pull in nutritional information for dieting plans, and much more, thanks to data from Wolfram Alpha’s service. This is currently available for Office beta testers in the Insiders program.

Where these custom data types will be most powerful is obviously for businesses that rely on Excel daily. Microsoft is leveraging its Power BI service to act as the connector to bring sources of data into Excel data types on the commercial side, allowing businesses to connect up a variety of data. This could be hierarchical data or even references to other data types and images. Businesses will even be able to convert existing cells into linked data types, making data analysis a lot easier.

Power BI won’t be the only way for this feature to work, though. When you import data into Excel, you can now transform it into a data type with Power Query. That could include information from files, databases, websites, and more. The data that’s imported can be cleaned up and then converted into a data type to be used in spreadsheets. If you’ve pulled in data using Power Query, it’s easy to refresh the data from its original source.

The key to how this will all work in practice is just how well Power BI and Excel can handle the original data being fed into it by businesses. Excel and Power BI will need to competently detect patterns in data, apply its logic to structure that data, and ultimately transform it into something usable inside a spreadsheet. While Excel users will be able to clean up the data that’s being processed, that’s often easier said than done.

These new Power BI data types will be available in Excel for Windows for all Microsoft 365 / Office 365 subscribers that also have a Power BI Pro service plan. Power Query data types are also rolling out to subscribers. On the consumer side, Wolfram Alpha data types are currently available in preview for Office insiders and should be available to all Microsoft 365 subscribers soon.

SOURCE

0 Continue Reading →

Nitro PDF suffers massive data breach, exposing Microsoft, Google, Amazon documents

By 

1TB of documents allegedly stolen from the company’s cloud service and sold online

The Australian company behind the popular PDF software Nitro PDF has suffered a data breach that may have impacted several other well-known organizations.

As reported by BleepingComputerNitro PDF is used by over 10 thousand business customers, including the likes of Google, Apple, Microsoft, Case and Citibank, and 1.8m licensed users. However, the company also offers a cloud service that can be used by customers to share documents with coworkers as well as with employees at other organizations.

In an advisory published on the investor relations section of its site, Nitro Software informed its customers that it had suffered a “low impact security incident” though no sensitive financial data was impacted, saying:

“Nitro’s investigation into the incident remains ongoing. There is no evidence currently that any sensitive or financial data relating to customers has been impacted or that any information has been misused. Nitro has elevated its monitoring and security protocols and has not identified any further malicious activity connected to the incident.”

According to Cyble, the user credential database table contains 70m user records which contain the email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses and other system data from Nitro Software’s customers.

For instance, the database reportedly contains 17,137 documents from Amazon, 6,405 from Apple, 137,285 from Citi, 32,153 from Google and 2,390 from Microsoft. There is also a great deal of information related to financial reports, M&A activities, NDAs and product releases included in the database.

“Nitro continues to investigate an isolated security incident involving limited access to a Nitro database by an unauthorised third party,” Nitro told TechRadar Pro in a statement.

“The incident database does not contain any user or customer documents, which are hosted in a separate database in a different location.”

“The incident database is primarily used for service logging purposes related to Nitro’s popular free online document conversion services.”

“Usage of Nitro’s free document conversion services does not require users to create an account or become a Nitro customer. Users are required to provide an email address – converted files are delivered to the email address provided – and common email domains are frequently entered and will show up in these logs.”

“For clarity, the email domains in these logs do not constitute Nitro ‘customers’ or ‘accounts’, and the logs do not contain any documents.”

“There is currently no established evidence that any sensitive or financial data relating to customers has been compromised. There is no impact to Nitro Pro or Nitro Analytics.”

“Nitro’s environment was fully secured immediately after the incident was identified. While the incident database does not contain sensitive or financial information, and passwords are highly encrypted, we are communicating with customers and have implemented a password reset as a precautionary measure.”

Source

0 Continue Reading →

Finally: A usable and secure password policy backed by science

by Daniel Tkacik, 

After nearly a decade of studies, the passwords research group in Carnegie Mellon’s CyLab Security and Privacy Institute has developed a policy for creating passwords that maintains balance between security and usability—one backed by hard science.

Forget all the rules about uppercase and lowercase letters, numbers and symbols; your  just needs to be at least 12 characters, and it needs to pass a real-time strength test developed by the researchers.

The study will be presented at next month’s ACM Conference on Computer and Communications Security, which will be held virtually.

“The policy we developed allows users to create passwords that are both easier to remember and more secure against sophisticated attackers,” says Lorrie Cranor, director of CyLab and a professor in the Institute for Software Research (ISR) and the department of Engineering and Public Policy (EPP). “Interestingly, our data show that requiring more character classes—uppercase letters, symbols, and digits—doesn’t increase password strength as much as other requirements and it tends to have  on password usability.”

In 2016, the researchers developed a password-strength meter powered by an artificial neural network that was relatively small in size—a few hundred kilobytes, which is small enough to encode into a web browser. The strength meter gave users a strength score and offered suggestions in real-time. View a demo of the meter.

“It was kind of a game changer,” says Lujo Bauer, a professor in electrical and computer engineering (ECE) and ISR, “… because no other password meters until then offered accurate, data-driven, real-time feedback on how to make the passwords stronger.”

Equipped with this state-of-the-art password meter, the researchers then approached password policies from a whole new perspective: with the idea that a password must achieve a certain threshold score on their password meter. This new perspective led the researchers to discover a threshold between password strength and length—one that causes users to create passwords that are both stronger and more usable than they would under common password policies.

To reach this discovery, the researchers conducted online experiments, evaluating combinations of minimum-length requirements, character-class requirements, minimum-strength requirements, and password blocklists—lists of words that shouldn’t be allowed to be used in passwords due to their common use.

In the online experiments, study participants were asked to create and recall passwords under randomly assigned password policies. First, participants assumed the role of someone whose email provider had been breached and needed to create a new password according to their assigned policy. Then, a few days later, they were asked to recall their password as a way to measure the usability of the password policy.

“We found that a  requiring both a minimum strength and a minimum length of 12 characters achieved a good balance between security and usability,” says Nicolas Christin, a professor in ISR and EPP.

Although blocklist and minimum-strength policies can produce similar results, minimum-strength policies are flexibly configured to a desired security level, and they are easier to deploy alongside real-time requirements feedback in high-security settings.

“Now that we are providing concrete guidance on password policies, we’re optimistic that companies and organizations may adopt our recommendations,” says Joshua Tan, a postdoctoral researcher in ISR and CyLab.

0 Continue Reading →

Cloudstar Now Offering Open VZ Support

Cloudstar is please to announce support for pre-existing OpenVZ instances, as well as fully managed OpenVZ, and OpenVZ isolated container hosting.

OpenVZ is container-based virtualization for Linux. OpenVZ creates multiple secure, isolated containers (otherwise known as VEs or VPSs) on a single physical server enabling better server utilization and ensuring that applications do not conflict. Each container performs and executes exactly like a stand-alone server; a container can be rebooted independently and have root access, users, IP addresses, memory, processes, files, applications, system libraries and configuration files. For more information about the technology and how it differs from the others like Xen, VMware etc., see introduction to virtualization

While virtualization technologies such as VMwareXen and KVM provide full virtualization and can run multiple operating systems and different kernel versions, OpenVZ uses a single Linux kernel and therefore can run only Linux.

Containerized Applications benefit from being both highly portable, and sand-boxed for additional security.

Open VZ

 

 

0 Continue Reading →