Select Page
RPA DNA – What is Robotic Process Automation?

RPA DNA – What is Robotic Process Automation?

Robotic Process Automation (RPA) is a new software technology that has the potential, in conjunction with AI technologies, to transform business processes, policies, and Enterprise Resource Planning (ERP) systems.

Robotic Process Automation RPA

RPA removes workers’ mundane, time-consuming tasks so that they can alternatively focus on innovation and creation. With RPA, software robots, rather than humans, quickly and efficiently perform data system tasks. Simple software robots can log in to data systems, locate and move files, insert and alter information in data systems, and assist in analytics and reporting.

More advanced software robots, especially if they have AI technology, can interpret, organize, and make decisions in a cognitive, human-like way. Businesses will discover that RPA technology is relatively inexpensive to implement, and it is business-ready and scalable.

A variety of different industries — in manufacturing, finance, and healthcare — can benefit from adopting RPA technology into their business operations and processes. The benefits of RPA technology are expansive, and these benefits carry over into ERP system implementations and ERP processes. Ultimately, with RPA, businesses can focus on improving their workplace atmospheres so that they are more efficient and productive.

What are the benefits of Robotic Process Automation (RPA)?

As businesses seek to automate their work flows to become more efficient and productive, Robotic Process Automation (RPA) will continue to transform workplace atmospheres and advance processes and operations while increasing production and profits. By implementing RPA technology, businesses will realize the following benefits:

  • RPA is initially inexpensive to implement and is ready for use, with minimal coding, by most data systems.
  • RPA eliminates some of the monotonous, arduous tasks that fatigue workers.
  • RPA eliminates human error and encourages speed, efficiency, and accuracy of repetitive tasks.
  • RPA adapts to meet increased production needs and ultimately reduces costs and increases production.
  • RPA creates a happier working atmosphere in which employees can focus on customer relations and innovation rather than mundane tasks.
  • RPA encourages a strong increase in rate on investment (ROI).
  • RPA promotes consistent compliance with industry and government standards.
  • RPA enhances security by eliminating human interaction with sensitive, private information.
  • RPA can automatically generate reports and analytics that businesses can use to improve their processes and operations.

How does Robotic Process Automation (RPA) integrate with ERP systems?

Enterprise resource planning (ERP) systems are essential for businesses to tailor their workplace atmospheres, and by utilizing Robotic Process Automation (RPA), businesses can automate and reappropriate mundane tasks to software robots rather than humans.

Users will be able to realize the full benefits of ERP systems and focus on more foundational tasks while RPA accomplishes lower-skilled, mundane tasks. ERP systems will experience similar benefits that businesses have when integrating Robotic Process Automation (RPA). Some areas that ERP operations can utilize and benefit from RPA include:

  • Accurate data capture and transfer
  • Assistance with and automation of data migration
  • Inventory and supply chain management
  • Real-time data sharing
  • Real-time analytics and reporting necessary for compliance

Why should businesses integrate their ERP systems with RPA technology?

Many companies are hesitant to implement Robotic Process Automation (RPA) or fear that RPA will eliminate workers. RPA is cost-effective and easy for businesses to implement and integrate into their ERP systems. RPA software increases speed, productivity, and efficiency of processes and operations while encouraging a happier workplace atmosphere.

RPA doesn’t replace humans. It certainly is more consistent and reliable, but there will always be a need for human interaction. Although RPA will eliminate many of the lower-skilled, mundane tasks that humans must perform, workers will still be responsible for higher-skilled, fundamental tasks. As RPA streamlines workplaces and ERP systems, humans will be able to focus on more complex, meaningful tasks that will help businesses grow and maximize profits.

Combining an ERP system with new cloud-based technology allows businesses to experience all the benefits of both while approaching the future with automation and efficiency. Businesses will see cost reductions and great increases in rate on investment (ROI).

ERP systems with integrated RPA technology encourage streamlined workplace atmospheres, innovation, competitiveness, and ultimately, business growth. RPA lets workers enjoy their coffee, innovate, and communicate with customers while it does the grunt work.

Looking for answers to questions about how new technology can help your business? Fill out the form to meet with our team to learn how cloud-based solutions and services can help you achieve your goals!

ChatGPT Security? Tell Me About Your Motherboard

ChatGPT Security? Tell Me About Your Motherboard

ChatGPT security concerns reveal that business owners are hesitant to let AI replace humans.

In November 2022, OpenAI introduced ChatGPT, an artificially intelligent, natural language chatbot. ChatGPT interacts with its users in uncannily humanistic and intelligent ways. 

ChatGPT Security EstesCloud

ChatGPT (Conversational Generative Pre-trained Transformer) is a new type of artificial intelligence technology that is being developed to improve the way people interact with machines. While it is intended to provide faster and more intuitive responses to queries, it also carries potential security risks, especially for business owners. 

The main concern is that, due to its complex nature, it could result in the loss of private data at great cost to companies and their employees. Furthermore, the technology could lead to a lack of control over data and give hackers the power to manipulate user behavior. This could be particularly damaging to those who rely on personal data to make decisions, such as financial services.

Additionally, ChatGPT could potentially cause unintended consequences, such as decreased privacy, as well as a lack of transparency. Therefore, it is essential to understand the implications of this technology before it is put into use.

The capabilities of ChatGPT and other Artificially Intelligent (AI) platforms are truly astounding. Users can ask ChatGPT questions and expect meaningful, accurate answers. However, these advancements in AI and chatbot technology come with their own set of compliance, privacy, and cybersecurity concerns. 

For instance, as these AI platforms become more sophisticated, they may begin to store more personal data and analyze user behavior. This could lead to potential privacy violations and other security risks:

  • AI-powered chatbots are particularly vulnerable to malicious attacks, as hackers may attempt to exploit vulnerabilities in AI platforms in order to gain access to sensitive information, manipulate data, or disrupt operations.
  • Additionally, AI-powered chatbots may be vulnerable to social engineering attacks, wherein hackers may use techniques such as phishing, impersonation, and disinformation to gain access to systems or manipulate people.
  • Furthermore, AI-powered chatbots may be vulnerable to data poisoning attacks, wherein hackers may input malicious data into AI systems in order to corrupt their output.
  • Finally, AI-powered chatbots may be vulnerable to adversarial attacks, wherein hackers may use sophisticated methods to fool the AI system into producing incorrect results.

These attacks can be used to gain access to valuable data, disrupt operations, or even cause physical harm. As such, it is important for businesses to take the necessary steps to protect their AI platforms from potential cyber threats. 

The question and answer exchange feature of a chat-based AI tool allows users to exchange information and collect personal data, making it easier to target specific audiences with tailored content.

AI security issues surface greater challenges in company data management.

Sophisticated chatbots provide an efficient way to generate content quickly, allowing users to quickly respond to customer requests or create high-quality content. As AI systems collect data, threat actors can scavenge for personal data, such as payment information or an email address. Something immediately helpful in customer relationship management soon becomes a data management nightmare.

Aside from the entertainment and educational capabilities of this new AI technology, ChatGPT and its other rival AI platforms have the potential to revolutionize the internet and working atmospheres.

In the technology realm, IT workers can use ChatGPT to enhance their development by asking the tool to quickly write or revise code. Considering the capabilities of AI platforms, it’s no wonder why companies are investing in and implementing AI technology.

However, like many other technological advances in history, AI platforms have potential privacy and cybersecurity risks. Recently, Italy, Spain, and other European countries have raised concerns about the potential privacy violations that could arise from using ChatGPT, an artificial intelligence (AI) platform. As a result, these countries have sought to introduce new regulations to ensure that ChatGPT respects the privacy of its users.

In particular, these regulations would require the platform to limit the collection, use, and disclosure of users’ personal data, as well as to ensure that users are able to access, modify, or delete the personal data they have provided to the platform. The regulations would require ChatGPT to take appropriate steps to ensure that any personal data collected is adequately protected from unauthorized access, use, or disclosure. This includes implementing appropriate technical and organizational measures such as encryption, pseudonymization, and secure storage systems. 

ChatGPT would also be required to provide users with clear and detailed information about how their personal data is being used, such as the purposes for which it is being collected and processed, the categories of data being collected, how long it will be stored, and who it will be shared with. Furthermore, ChatGPT would need to ensure that users are aware of their rights in relation to their personal data, including their right to access and to request rectification or deletion of their data.

Many countries have banned ChatGPT. Under the Biden administration, the United States will roll out a comprehensive national security strategy to address the growing threat of hacking and malicious use of artificial intelligence (AI) platforms. This strategy will involve the coordination of multiple federal departments and agencies, including the Department of Defense, the Department of Homeland Security, the Department of Justice, and the Office of the Director of National Intelligence. It will also require close coordination with international partners and allies, as well as the private sector and civil society organizations to ensure that the strategy is effective and comprehensive in scope.

The strategy will include a focus on protecting critical infrastructure, strengthening deterrence and detection capabilities, improving information sharing and collaboration, and developing new technologies to protect against malicious cyber threats and malicious AI use. The strategy will also involve enhancing international cooperation and engagement to counter malicious cyber activities, as well as increasing public and private investments in cyber security research and development.

The Biden administration will also be seeking to build public-private partnerships to improve the security of both public and private sector networks and systems. AI platforms are increasingly becoming popular due to their innovative and highly capable nature. However, these platforms are not without their risks and need to be assessed by multiple parties.

Cybercriminals are constantly looking for ways to take advantage of these platforms, targeting them in order to steal confidential information, generate malicious software, or gain access to data systems. These types of cyber attacks can have serious implications for the security of the platform and its users, resulting in the loss of valuable data, financial information, and sensitive personal information. Therefore, it is essential that organizations take the necessary steps to protect their AI platforms against these types of malicious attacks. This includes implementing robust security measures and regularly monitoring the platform for any suspicious activities. Additionally, it is important to stay up to date with the latest cybersecurity trends and technologies in order to ensure that the AI platform remains secure and protected.

Although OpenAI has programmed ChatGPT with the appropriate rules to prevent abuse, hackers have already figured out how to “jailbreak” the platform. In as little as a minute, hackers can generate malicious code for criminal intent. Prior to utilizing ChatGPT, their efforts may have taken days or even weeks.

AI-generated malware and cybersecurity attacks have already occurred. For example, hackers recently used ChatGPT to generate apps that successfully hijacked Facebook users’ accounts.

Preventing cybersecurity attacks and data breaches are of utmost importance for companies that desire to protect their sensitive data and minimize their costs, and now that hackers are using AI platforms to further their criminal activities, it is imperative, now more than ever, for companies to seek the best security solutions.

EstesGroup offers EstesCloud services to protect companies’ private data and systems from cybercriminals who may use new AI platforms for malicious intent. EstesCloud protects companies in a changing society in which AI technology is accelerating and enhancing hackers’ criminal activities. ChatGPT security is included in the private cloud and hybrid cloud infrastructures that we create for our clients.

ChatGPT security isn’t an issue when your powerful, highly capable AI and ERP tools are protected in a reputable data center. EstesGroup is ready to protect companies from hackers who use ChatGPT and other AI platforms to attempt to breach their data systems. The new AI technology will inevitably advance in the future, and as companies embrace and implement AI platforms, security solutions, like EstesCloud, will be necessary to safeguard private data and protect data systems.

EstesGroup realizes that innovation requires responsibility and security solutions, and the Estes’ team of highly skilled and dedicated professionals are ready to assist companies that seek the best cloud protection. Only time will tell how AI platforms will transform company atmospheres, but companies can rest assured that EstesGroup is ready for an artificially intelligent future.

P21 Public Web Client Access – Who’s Your Proxy?

P21 Public Web Client Access – Who’s Your Proxy?

ERP systems have traditionally had a functionality-accessibility problem: ERP systems were highly functional, but not especially accessible – they normally required desktop fat-client applications for access, and these were often hamstrung by local access requirements, making applications far from mobile. 

As internet architectures became more and more robust, the possibility of web browser-based ERP became a reality, with new ERP vendors designing and building their software around the browser, and legacy vendors systems hastening to retrofit their existing ERP systems to accommodate the browser-based future. 

21 Public Web Client Access

But this introduced a new problem – one of accessibility vs security: the high levels of availability increased the possibility that threat actors could access a company’s ERP system remotely, and cause havoc to company data. 

Most load balancers make it relatively easy to have an app safely deployed publicly. Normally, you run a reverse proxy server that passes traffic to your web app. This obfuscates the info for the destination of the web app and basically acts as a secure gateway to the internal resource. At EstesGroup, P21 Web UI is protected by MFA via a reverse proxy to the identity provider as well. However, administration of the Prophet 21 application introduces additional challenges. The P21 web login page contains a gear icon.

Epicor Prophet 21 Create Connection

If a P21 user clicks the gear, they can access the Middleware server URL value, along with its port.

Prophet 21 Profile Name Server Name

This introduces several complications:

  • It basically shows users a free shortcut around MFA. A clever user can copy and paste the Middleware URL and port into their browser and access the P21 application directly, avoiding the MFA.
  • The Middleware server URL and port are resolved on the P21 client side of the P21 application when logging in. This means, even though the Load Balancer can reverse proxy to the internal resource, it’s not going to be able to resolve the specific Middleware server URL on the P21 client side to complete the P21 login.

To get around these challenges, you might initially think to expose the Prophet 21 Middleware server to the internet and add a public DNS entry for it. But to directly expose P21 Middleware servers to the internet in that manner is a monumental risk. Another option is required.

To address the above issue, we do the following:

  • We create a middleware reverse proxy to direct traffic to the middleware servers.
  • We direct the P21 Web configurations to use the middleware proxy for its respective Middleware Server.
  • We then expose the reverse proxies to the internet, creating DNS records for each of them.

By exposing the Middleware server proxies to the internet through a public DNS instead of the middleware servers themselves, you add a line of defense to the servers, only passing that needed traffic and keeping P21 Middleware Servers from being directly internet-exposed.

Another advantage of reverse proxying is the ability to intercept direct-access attempts. Theoretically, one might try to plug in the Middleware proxy URLs publicly and get access to the P21 API or the P21 Web UI. The reverse proxy allows for the functionality to block certain endpoints, such as the API or web client. When a user sees the Middleware URL in the P21 login settings, if they try to get around MFA and plug that URL in, they get a lovely 403 page, keeping them out of the Middleware. Alternatively, you can also redirect them back to the Web UI home page.

While there are other solutions for increasing accessibility, such as accessing through a VPN, these can at times be unreliable. If you are a decentralized company, with remote employees all over the country, speeds over VPN can be less than ideal on many occasions. Obviously, there are certain risks to opening any resource to the internet. It’s important to consider the attack surface, and the associated risks. At EstesGroup, we isolate any resources open to the internet, and implement Antivirus, Firewalls, and Threat Protection for all endpoints. Along with that, oftentimes, Geofencing helps cut out a lot of noise on any resource open to the internet, to prevent overseas attackers using botnets.

Reverse Proxy Web Server
Cloud Hosting Epicor Kinetic ERP Logo
Marshall Douglas EstesGroup

Marshall Douglas, EstesGroup Systems Engineer

Have questions about Epicor P21 public web client access? Schedule a free consultation or ERP cloud solutions demo with the author now. 

5 Ways Cloud Deployment Changes SYSPRO ERP

5 Ways Cloud Deployment Changes SYSPRO ERP

SYSPRO ERP Cloud Deployment vs. On-Premise Infrastructure

Top manufacturers and distributors are choosing private or hybrid cloud deployment for enterprise resource planning (ERP) software. This is especially true for cloud-ready ERP systems, like Epicor Prophet 21 and SYSPRO ERP. On-premise deployment can be limiting in the fast-paced world of manufacturing and distribution. Competition is fierce, cybercrime is rampant, and compliance regulations demand visibility and competition. 

Cloud Deployment SYSPRO ERP

Fortunately, cloud deployment of ERP systems like SYSPRO offers you a competitive edge with increased visibility, improved growth potential, enhanced control, long-term scalability and affordability. Moreover, fully managed ERP hosting in a data center gives your business speed, reliability, and a written 100% uptime service level agreement (SLA).

SYSPRO cloud-ready ERP helps your business leverage data while protecting it, and a private or hybrid cloud deployment ensures scalability, security, and long-term success. For instance, you can increase control and scalability while gaining valuable insights into every part of your manufacturing or distribution business. You gain insight into everything from inventory management to customer relationship management.

Are you cloud-ready but not fully in a cloud of your own? Read on to learn more about why cloud computing is the top trend for companies running ERP software systems like SYSPRO. Business owners, leadership teams, and steering committees continue to look to managed cloud hosting partners like EstesGroup. Why? Most importantly, you can get the ERP consulting and cloud services you need with a 24x7x365 support team ready to serve you throughout your ERP deployment or cloud migration journey. This ensures a good foundation for long-term success with both your software and your technology.

What a Private or Hybrid SYSPRO Cloud Looks Like

Manufacturers and distributors are constantly looking for ways to increase visibility, growth, control, and long-term success. One of the most effective strategies for achieving these goals is to invest in a managed hosting solution for your ERP system. SYSPRO managed hosting provides an array of benefits that can help manufacturers and distributors reach their business objectives.

Benefits of an Estes Cloud Deployment for SYSPRO ERP

An on-premise deployment might be the right decision for your business. However, EstesGroup has seen the following outcomes for manufacturers and distributors that choose to shift to managed hosting solutions. In addition to SYSPRO, we have created success stories for many other complex enterprise resource planning systems. Talk to us to learn more about successful cloud migrations in Epicor Kinetic, Epicor Prophet 21, and Sage ERP.

  • You can stay competitive in your industry by keeping up with digital transformation trends.
  • You get instant access to valuable tools that let you control and analyze security and compliance.
  • You can now gauge success with improved KPI tracking, benchmarking, and monitoring.
  • You can easily customize your business strategy with new access to remote worker enablement tools, offering employees ultimate portability.
  • You can quickly increase or decrease your cloud complexity with consumption-based pricing with no ingress or egress costs.
  • You will instantly gain a valuable external team of SYSPRO enterprise resource planning consultants and technology experts. Your internal team gets everything you need to support both immediate and long-term business goals.

What is SYSPRO in EstesCloud?

EstesCloud hosting (ECHO), also known as a private cloud for SYSPRO or hybrid cloud solutions for any ERP system, is a cloud-based service that provides businesses with the ultimate access to enterprise resource planning software and its related services. SYSPRO is a cloud-ready ERP and is easy to deploy in an external data center. Your EstesGroup data center meets your needs for everything from cybersecurity to backup and disaster recovery. EstesCloud managed cloud services help your business by taking care of your technology while also providing ERP consultants that are always just a phone call away.

With SYSPRO managed hosting, customers can enjoy the benefits of having their own dedicated server without the need to purchase or maintain hardware. The service also includes 24/7 support, automated backups, and scalability options so businesses can easily scale up or down as needed.

1. Increased Visibility

The first benefit of managed ERP hosting for SYSPRO ERP is increased visibility. Access to real-time data on operations, customers, suppliers, and inventory levels, gives manufacturers and distributors good data. You can make informed decisions quickly and accurately. This allows you to respond quickly to changes in the market or to customer demands while also staying ahead of competitors.

Additionally, with SYSPRO’s cloud-based platform, they can access this information from anywhere at any time – giving them greater flexibility when making decisions or responding to customer inquiries.

2. Improved Growth Potential

Another advantage of a hybrid cloud deployment option is improved growth potential. With a cloud-based ERP system like SYSPRO, manufacturers and distributors have the ability to scale up or down as needed. Basically, you won’t need to purchase additional hardware or software licenses. This allows you to save money while still being able to expand your operations as needed.

3. Enhanced Control

SYSPRO managed hosting also brings enhanced control over operations. Manufacturers and distributors gain complete control over their data security measures. This includes encryption protocols that help protect sensitive information from unauthorized access or misuse.

Furthermore, with its built-in disaster recovery capabilities, you can ensure that all data is backed up regularly. If there were ever an issue, your systems could be restored quickly without any disruption in service. This keeps operations running smoothly, even during unexpected events such as power outages or natural disasters.

4. Long-Term Success

Finally, one of the biggest advantages associated with a private ERP cloud is a long-term success thanks to scalability and affordability. Many private or hybrid cloud solutions operate on a pay-per-use model, enabling you to only pay for what you need when you need it. That way, you can avoid dealing with the massive upfront costs associated with purchasing the hardware and software licenses needed to maintain your own cloud network.

5. An EstesGroup Partnership

Ready to get started with a partnership that will bring you immediate access to the best SYSPRO consultants and technology experts in the nation? If you’re ready to get started with your own private or hybrid ERP cloud deployment, EstesGroup can help. We provide fully managed IT and cloud services to all companies across all industries that are using enterprise resource planning software. Connect with us and get access to a team of ERP consultants with years of experience in cloud services and managed IT. We are dedicated to helping you succeed with your ERP project.

How to Respect Data Privacy in 2023

How to Respect Data Privacy in 2023

Data Privacy Week is an annual expanded effort from Data Privacy Day — taking place from January 22 – 28, 2023. The goal of Data Privacy Week is to spread awareness about online privacy among individuals and organizations. The goal is twofold: to help citizens understand that they have the power to manage their data and to help organizations understand why it is important that they respect their users’ data.

As a Data Privacy Week Champion, EstesGroup recognizes and supports the principle that all organizations share the responsibility of being conscientious stewards of personal information.

Data Privacy Week Champion

Data Privacy in 2023: The Story of You that You Wish to Tell

All of your online activity generates a trail of data. Websites, apps, and services collect data on your behaviors, interests, and purchases. Sometimes, this includes personal data, like your Social Security and driver’s license numbers. It can even include data about your physical self, like health data – think about how a smartwatch counts and records how many steps you take. If you are a company owner, you hold the responsibility of protecting your employees and customers by keeping your business data private with the help of cybersecurity solutions that follow compliance regulations.

While it’s true that you cannot control how each byte of data about you and your family is shared and processed, you are not helpless! In many cases, you can control how you share your data with a few simple steps. Remember, your data is precious, and you deserve to be selective about who you share it with!

How Businesses Can Respect Data Privacy

Respecting the privacy of your customers, staff, and all other stakeholders is critical for inspiring trust and enhancing reputation. According to the Pew Research Center, 79% of U.S. adults report being concerned about the way their data is being used by companies. By being open about how you use data and respecting privacy, you can stand out from your competition.

Be transparent about how you collect, use, and share consumers’ personal information. Think about how the consumer may expect their data to be used. Design settings to protect their information by default. Communicate clearly and concisely to the public what privacy means to your organization, as well as the steps you take to achieve and maintain privacy.

About Data Privacy Week

Data Privacy Week began as Data Privacy Day in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the Jan. 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. NCA, the nation’s leading nonprofit, public-private partnership promoting cybersecurity and privacy education and awareness, leads the effort in North America each year.

About the National Cybersecurity Alliance

The National Cybersecurity Alliance is a non-profit organization on a mission to create a more secure, interconnected world. We advocate for the safe use of all technology and educate everyone on how best to protect ourselves, our families, and our organizations from cybercrime. We create strong partnerships between governments and corporations to amplify our message and to foster a greater “digital” good.

Learn how a private or hybrid cloud strategy can help your business with data privacy management today. Please fill out the form below to schedule a free consultation with our ERP, IT or Cloud Services experts, and we’ll do all we can to help your business run better!

Data Center Strategy: How To Cloud Up For Uptime

Data Center Strategy: How To Cloud Up For Uptime

A Cloud is a Data Center and a Data Center is a Cloud?

Cloud applications ultimately sit upon the foundation of a server stack. You can view a cloud-based server as someone else’s computer, and picture these servers housed in a data center, which is their most likely location.

A data center can be simply described as a specified space within a building designed to securely house computing resources.
Data Center Considerations

Servers

Power

Communication

A large data center normally involves an extensive open area, which is divided into racks and cages, to hold the servers themselves, as well as the power and communication connections used to link each individual server with the rest of the data center network. This network would reside in a building with sufficient architecture to allow for rapid data communication, and similarly high-performing connections to the outside world.

The building itself is normally a large and highly secure edifice, constructed from reinforced building materials, as to prevent physical compromise. It is often located on a campus that is itself physically guarded with high fences and rigid gates.

Server

PHYSICAL SECURITY 

DATA CENTER HARDWARE

Cloud Security

CLOUD-BASED SECURITY

DATA CENTER STRATEGY

The Servers Themselves: What Is In Your Data Center?

Inside the building (the data center) exists a complex cooling and ventilation system, to prevent the heat-inducing computing devices from overheating. The campus is supported by redundant power systems, to allow the network to run, even if the main power grid experiences interruption or shutdown. The inner workings of the data center are designed to prevent downtime, but the materials used in construction can vary. Consider a pencil made from wood vs. a pencil made from plastic. Consider further a pencil manufactured from metal built to protect a thin and fragile graphite fragment. 

The ways in which end users can attain access to the resources in a data center can vary due to the fact that cloud provisioning can occur in many layers.

Option A: Cloud Provider = Data Center

Sometimes the cloud provider is itself the data center. Most often this is the case when you want to use server space from a data center, or else wish to collocate your hardware in a data center. For instance, as a customer, you might procure new hardware and move it to one of US Signal’s data centers in a colocation arrangement. This allows you to benefit from US Signal’s physical security, network redundancy, high-speed fiber network, and peering relationships, to allow for a broad array of high-speed communications. 

Option B: Cloud Provider = Data Center Management Firm

Sometimes the cloud provider is an organization that manages the allocation and management of cloud resources for you — they serve as an intermediary between the end customer and the data center. For instance, EstesGroup partners with US Signal. We help customers choose the right server resources in support of the application deployment and management services that we provide for ERP (Enterprise Resource Planning) customers.

Moreover, not all data centers are created equal. Data centers differ in countless ways, including (but not limited to) availability, operating standards, physical security, network connectivity, data redundancy, and power grid resiliency. Most often, larger providers of cloud infrastructure actually provide a network of tightly interconnected data centers, such that you’re not just recruiting a soldier — you’re drafting an entire army. 

As such, when choosing a cloud provider, understanding the underlying data centers in use is as important as understanding the service providers themselves. That said, what are some of the questions that you should ask your provider when selecting a data center? 

Is the provider hosting out of a single data center or does the provider have data center redundancy?

Geo-diverse data centers are of great importance when it relates to overall risk of downtime. Diversely-located data centers provide inherent redundancy, especially beneficial when it comes to backup and disaster recovery.

But what defines diverse? One important consideration relates to the locations of data centers relative to America’s national power grid infrastructure. Look for a provider that will store your primary site and disaster recovery site on separate power grids.

This will bolster you from the potentially of an outage to one of the individual grid locations. Think of the continental divide. On separate sides of the divide, water flows in one of two directions. When it comes to national power grids, support comes from different hubs. Look for a provider who has redundant locations on the other side of the divide to protect you in the event of a major power outage.

Are they based on a proprietary data center, collocated, or leveraging the state-of-the art technology of a leading data center? 

A provider of hosting services may choose to store their data in one of many places. They may choose to leverage a world-class data center architecture like US Signal’s. Conversely, they may choose to collocate hardware that they already own in a data center. Or they may choose, like many managed services providers do, to leverage a proprietary data center, most often located in their home office. 

Colocation is not uncommon among first steps in the cloud. If you own hardware already, and would like to leverage a world-class data center, colocation is a logical option. But for cloud providers, owning hardware becomes a losing war of attrition. Hardware doesn’t stay current, and unless its being procured in large quantities, it’s expensive. These costs often get passed along to the customer. Worse still, it encourages providers to skimp on redundancy, making their offerings less scalable and less robust in the event of disaster events. 

Proprietary data centers add several layers of concern to the colocation option. In addition to the hardware ownership challenges, the provider is not responsible for all the infrastructure responsibilities that come with data center administration, such as redundant power, cooling, physical security, and network connectivity.

Moreover, proprietary data centers often lack the geo-diversity that comes with a larger provider. Beyond infrastructure, security is a monumental responsibility for a data center provider, and many smaller providers struggle to keep up with evolving threats. In fact, Estes recently onboarded a customer who came to us due to their Managed Service Provider’s propriety data center getting hacked and ransomed. 

Is the cloud provider hosting out of a public cloud data center? 

Public cloud environments operate in multi-tenant configurations where customers contend with one another for resources. Resource contention means that when one customer’s resource consumption spikes, the performance experienced by the other customers in the shared tenant will likely suffer. Moreover, many multi-tenant environments lack the firewall isolation present in private cloud infrastructures, which increases security concerns. Isolated environments are generally safer environments. 

Is the cloud provider proactively compliant?

Compliance is more than the adherence to accounting standards — it is a means to guarantee that your provider is performing the necessary due diligence in order to ensure the business practices of an organization do not create vulnerabilities that can compromise the security and reliability assertions of the provider. What compliance and auditing standards does your cloud provider adhere to?

Is your cloud provider compliant according to their own hardware vendor’s standards?

Hardware providers, such as Cisco, for instance, offer auditing services, to ensure their hardware is being reliably deployed. Ensure that your provider adheres to their vendor’s standards. How about penetration testing? Is your provider performing external penetration testing to ensure PCI security compliance? In terms of industry standard compliance frameworks, such as HIPAA, PCI/DCC, and SOC I and SOC II, ensure that your provider is being routinely audited. Leveraging industry standards through compliance regulation best practices can go a long way to make sure they are not letting their guards down. 

What kind of campus connectivity is offered between your data centers and the outside world?

Low national latency is of utmost importance from a customer perspective. Efficient data transfer between the data centers themselves and from a given data center to the outside world is fundamental to a cloud customer. Achieving transactional efficiency is achieved in multiple ways.

For a network to be efficient, the data itself must take as few “hops” from one network to another. This is best achieved through tight partnerships between the data center and both the national and regional ISPs that service individual organizations.

Within the data center network, an efficient infrastructure is helpful. US Signal, for instance, has a 14K mile network fiber backbone connecting its data centers and connecting them to regional transfer stations. This allows US Signal to support 3 ms latency between its 9 data centers, and to physically connect with over 90 national ISPs. This results in an extremely low national latency.

What kinds of backup and disaster recovery solutions can be bundled with your cloud solutions?

Fundamental to a cloud deployment is the ability to provide redundancy in the event of a disaster. Disaster recovery is necessary to sustaining an environment, whether on premise or in the cloud. But a disaster recovery solution must adhere to rigorous standards of its own if it is to be effective. Physical separation between a primary and secondary sight is one such baseline need. Additionally, the disaster recovery solution needs to be sufficiently air-gapped, in order to hit your desired RPO and RTO targets, while avoiding potential cross-contamination between platforms due to an event of hacking, viruses, or ransomware.

What kinds of uptime and reliability guarantees are offered by your data center?

All of the above aspects of a data center architecture should ultimately result in greater uptime for the cloud consumer. The major public data center providers are notorious for significant outages, and this has deleterious effects on customers of these services. Similarly, smaller providers may lack the infrastructure that can support rigorous uptime standards. When choosing a provider, make sure to understand the resiliency and reliable uptime of the supporting platform. EstesGroup can offer a 100% uptime SLA when hosted in our cloud with recovery times not achievable by the public cloud providers.

Uptime has a planned/unplanned component that must also be considered. Many larger cloud providers do not give advanced warning when instances will be shut down for upgrades, which can be extremely disruptive for consumers, and result in a loss of control that conflicts with daily business initiatives. Ensure that planned downtime is a service that is communicated and understood before it happens. 

How scalable is the overall platform?

Scalability has to do with flexibility and speed. How flexible can the resources of an individual virtual machine (VM) be tweaked and how quickly can these changes be made. Ideally, your cloud provider provides dynamic resource pool provisioning — this allows for dynamic allocation of computing resources when and where they are needed.

Some provider environments support “auto-scaling,” which can dynamically create and terminate instances, but they may not allow for dynamic resource changes to an existing instance. In these cases, if a customer wishes to augment resources of any instance, it must be terminated and rebuilt using the desired instance options provided by other providers. This can be problematic. Additionally, provisioning, whether to a new VM or an existing one, should be quick, and not require a long lead time to complete. Ensure that your cloud provider specifies the lapsed time required to provision and re-provision resources.

What are the data movement costs?

The costs associated with the movement of data can significantly impact your total cloud costs. These are normally applied as a toll fee that accumulates based on the amount of data that moves over a given time. So these costs can be unpredictable. But what kinds of data movements occur?

  • Data ingress: data moving into the storage location, as it is being uploaded.
  • Data egress: data out of the storage location, as it is being downloaded. 

Data centers rarely charge for ingress movement — they like the movement of data into their network. But many will charge for data egress. This means that if you want your data back, they may charge you for it.

Sometimes these fees even occur when data is moving within the provider’s network, between regions and instances. If you’re looking for a cloud provider, check the fine print to determine whether egress fees are applied, and estimate your data movement, to understand your total cost. EstesGroup gives you symmetrical internet data transfer with no egress charges, so your data movement does not result in additional charges. This means that your cloud costs are predictable.

Does the cloud provider offer robust support?

Downtime can come from one of many situations. Your ISP could experience an outage, and may need to fail over to your secondary provider.  Or you may encounter an email phishing scam resulting in a local malware attack.  Or you may experience an outage, due to a regional power grid issue. In these extenuating circumstances, you may find yourself in need of contacting your cloud provider in a hurry.

As such, you’ll want a provider that offers robust pre-sales and post-sales support that is available 24/7/365. Many providers offer high-level support only if you subscribe to an additional support plan, which is an additional monthly cost. Wait times are also an issue — you may have a support plan, but the support may be slow and cumbersome. Look for a cloud provider that will guarantee an engineer in less than 60 seconds, 24/7/365.

Are you ready for a tour of one of the best data centers in the world? Meet with the EstesCloud team to get the right cloud strategy for your business.