Justin Germino Ramblings

Last week when one of the boys got sick it rapidly swept through the entire family, but this cold had a short duration and I think it had to do with the higher levels of organically derived liquid vitamin c I am taking lately. My wife was pounding down over 5,000mg of vitamin c capsules per day and I just derived mine from drinking it in liquid form.

Of course liquid form is easier to digest and gets processed faster than having to digest the hard pills which they normally come in which is maybe a theory on why the cold didn’t last as long but it could just be other factors too.  Vitamin C is generally a good to have supplement all the time as it helps fight free radical damage as well as support the immune system, you don’t have to wait just until you are sick to have some extra vitamin C in your system.

If you aren’t getting enough vitamin c from nutrition you should consider adding a supplement that you take, it is water soluble so leaves the body fast and is why you should take a dose every day to keep your vitamin c levels replenished.

I have taken vitamin c in so many forms over the year and I prefer it in liquid form instead of the hard pills, I also used to take vitamin c gummies just to vary it up a bit over the years. 

Being the fact that I run so many web properties I have templates and spreadsheets to hold much of the information that need to quickly show advertisers or potential clients at a moment notice, these could be analytics showing my traffic and visitors to my rates if a client wishes to purchase a featured article or a review on one of my properties or social media channels.

One of these templates I use I am offering for free to other bloggers if you are looking for something just easy to manage that has most of the information an advertiser looks for at your fingertips, just customize the template to suit your own online properties and it works from 1 – any number of blog sites you own.

I included instructions on how to update the template too if you need to.

At it’s core, it is simply a table of your site information, your contact information, stats, and your rates that you charge.  Domain Authority is increasingly becoming a number that advertisers are looking at over PageRank so this is definitely one you want to make sure is updated, the higher the number the better and anything over 50 is really good.

All you have to do is,

• Replace Property #x with the name of your website (include URL of base domain) like justingermino.com
• Replace [Your Name] with your actual full name
• Replace [Your Email] with your actual email
• Replace [PR#] with the PageRank for this site (prchecker.com to lookup your PR)
• Replace [PV #] with your average monthly pageviews from last
• 3 months from Google Analytics, must be able to back up with proof.
• Replace [DA #] with your domain authority for the site, use http://moonsy.com/domain_authority/ to lookup DA
• Replace [Social Media Channel] with your strongest social media channel links
• Replace [3rd option] with a 3rd sale option like [link in old post, or write you a guest post for another site]
• Replace [YouTube Video or Other] with some sort of other media content creation option you are selling
• Save Document and cut/paste the info to share to advertisers, potential clients and more
• If you have more sites, just select A16 – D21 and then copy, then insert under Row 22 and keep inserting to add more properties.

Here is the advertising template in excel format if you want to use it for yourself.

Download the advertising-template and let me know if you find it useful.

Some major changes to Google Analytics in the past few days and one of the most noticeable to blog owners was changing the traffic to channels and the delineation between referral traffic and social traffic now.

You can see in the social networks it now includes all social media channels, though strange how it considers deviantART a social channel rather than a referral website.  Even Disqus commenting system is considered a social network if traffic comes in from Disqus and this shows you my top social connections for last 30 days on DragonBlogger.

The other section still includes some thing Google doesn’t understand, like dlvr.it, buffer and twitterfeed should fall under Social as those are networks that broadcast to social networks alone.  T.co is Twitter’s URL shortener and Google should know better than to put that under other.

I have seen a lot of referral traffic from m.topix.com even though I never directly touched this site, logged in or even visited it to my knowledge.  I also get a surprising high amount of referral traffic from tomshardware.co.uk even though I don’t really know how other than when I have posted questions or answers on the comments in articles.

You still get information that you need, and one thing to pay attention to is just how much mobile and tablet traffic you are getting which I see steadily increasing on Dragon Blogger Technology and just shows how much the browser landscape is changing and how rapidly.

About 1/3 of all visits to DragonBlogger.com are now coming from mobile devices, this has to change your strategy in how you market and advertise, and my entire theme structure is very different on a mobile device with WP Touch Pro, but I also found it doesn’t always consistently and reliably work.

Take some time and learn the new Google Analytics information and lay out, see how you can leverage that data to help drive decisions and goals for your blogs and see where your traffic strengths lie and get ideas where you can be spending more time to help further reaching a target audience for your channels.

The number of data centers and cloud services providers have significantly multiplied during the last few years due to the time and cost savings the technology provides to businesses of all sizes. Yet, many organizations are reluctant to migrate to the cloud due to security concerns.

The cloud that continues to grow.

In recent years, business productivity has become increasingly integrated with technology in order to streamline tasks, save on costs, and stay competitive in today’s marketplace.  For this reason, many businesses have switched to cloud-based infrastructures but not without careful consideration of security risks.

If you were to poll a number of businesses which rely on technology for daily activities, you would most likely find conflicting points of view when it comes to cloud security.

Some businesses will claim that shifting IT infrastructure to the cloud actually helps to increase security since most cloud service providers have advanced security technologies in place which support this perception.  Other business owners believe that migrating to the cloud poses more security risks and as a result, they delay moving to the cloud despite the fact that their in-house IT infrastructure is costly to maintain.

Part of the conflicting perceptions which surround the issue of cloud security is the fact that there have been major security breaches within the last year which involved fairly large and well-known companies.  In light of this fact, we will take a look at some of the security breaches which have recently occurred along with some of the top security threats for 2013 and security technologies, which are being used by major data center providers.

What Are Some of the Recent Security Breaches?

The year 2012 marked a significant number of data center breaches which provided hackers with access to a massive amount of personal and financial information.  This year in particular left many businesses wondering whether or not the cloud is a secure place to do business.

Yahoo:  Yahoo suffered a significant security breach in which more than 400,000 Yahoo passwords were revealed on the Internet in an effort to remind people that information security is not 100% foolproof.  To breach the system, hackers deployed a Union-based SQL injection in order to carry out data collection.  As a result, many Yahoo users were urged to change their account passwords.

FBI:  Last spring, FBI devices were hacked by AntiSec, which is a hactivist group that successfully gathered more than one million Apple Unique Device Identifiers (UDID) which were stored on a computer at the Federal Bureau of Investigation.  The breach was believed to be carried out through a Java vulnerability, which allowed the hackers to access device names, phone numbers, user names, and personal addresses.

Nationwide Insurance:   Late in 2012, hackers breached the network for both Nationwide Insurance and Allied Insurance, which are major insurance carriers.  As a result, the personal information of more than one million customers including date of birth, Social Security number, place of employment, and other sensitive information which is used to apply for insurance was subject to unauthorized access.  The massive amount of information stolen from this activity made it a major security breach.

Zappos:  The online shoe and clothing retailer Zappos suffered a significant security breach in which hackers accessed information on more than 24 million customers.  The breach netted names, email addresses, home addresses, credit card numbers, phone numbers, and passwords.  Although Zappos took a proactive response, the fact that the breach involved 24 million customers made it one of the most significant security breaches for 2012.

These are a few examples of security breaches, which occurred within the last year. Top cloud vendors continue to follow the techniques which hackers use to breach security systems to continually improve how they offer services in the cloud.  Next, we will look at some of the threats for 2013 and the security methods which are being used by top cloud vendors for increased data protection.

Current Cloud Security Strategies

In an effort to pinpoint the top cloud threats for 2013, the Cloud Security Alliance (CSA) polled a number of cloud security experts on the most significant threats to the cloud for 2013.  The survey results report was compiled to identify the most current security concerns in the industry.

The main concern of the Cloud Security Alliance is to promote best practices for securing cloud technologies.  The CSA also provides guidance to companies for the implementation of cloud computing in addition to assisting cloud vendors with addressing security models for cloud computing and the delivery of software applications.

That said let’s look at five of the top cloud security threats for 2013 and some of the strategies which are being implemented by major cloud vendors such as Google and Amazon to mitigate the risks associated with cloud services.

Data Loss and Data Breaches: Data loss and data breaches continue to be the top concern of both consumers and businesses partially because of the recent security breaches we discussed earlier in this article.  The reality is that data loss and data breaches can occur outside of malicious attacks by hackers and can be the result of human error, inadvertent deletion by the cloud service provider, physical disaster such as an earthquake or fire, a technology failure, or other type of issue.

Interface and API Vulnerability: Most of the primary cloud vendors use a set of software and application programming interfaces (API) which provide a gateway for cloud customers to manage and access cloud services.  The interfaces help to streamline implementation, management, interaction, and monitoring for cloud services.

The level of security which is used with an API determines the security of the cloud service delivery.  This means that the interfaces must be designed with the appropriate security architecture to prevent both accidental and malicious activities from bypassing policies and protocols.  If the interface is not designed with the proper architecture, this can pose a number of security threats related to integrity, confidentiality, and availability.

Hijacking: Hijacking is an attack method used by hackers to hijack cloud accounts and/or cloud service traffic.  In this instance, the hacker steals the cloud provider’s credentials to gain access to critical areas of a customer’s cloud computer services.  The technique is used to hijack client traffic to websites that appear legitimate but instead are laced with malware designed to steal sensitive data.  It is also used to gain access to servers to eavesdrop on business activities and transactions or access cloud accounts to leverage the power of an organization’s reputation in order to propagate additional attacks.

Shared Technology Susceptibility: Cloud vendors often deliver services by sharing applications, platforms, and infrastructure.  This provides a way to offer services which are scalable which makes it easy for businesses to change services as business needs change.  The shared technology can involve components such as Graphics Processing Units (GPU) Central Processing Unit (CPU) caches and other technologies which do not offer solid isolation platforms to support a multi-tenant infrastructure.  Additionally, the services can be delivered in the form of Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and/or Software as a Service (SaaS).  This presents an additional set of issues for each service which requires an in-depth security configuration since one vulnerability can compromise the entire cloud infrastructure for a business.

Denial of Service: A Denial of Service attack is also known as a DoS attack and is designed to prevent cloud service users from accessing data and services.  When a DoS attack is carried out the attacker overloads the servers with information packets.  This results in excessive consumption of resources such as bandwidth, processing power, memory, and disk space which, in turn, causes an extreme system slowdown.  The end result is a system outage which impedes business processes and prevents data and application access.

So, what should cloud services providers be doing to ramp up security and data protection?

There are many different security strategies and technologies that cloud providers use to circumvent the latest cloud threats.  Most cloud service providers use what is known as layered security processes which provide added assurance for data integrity while still maintaining scalability in order to meet the individual requirements for businesses.  Some of the processes include but are not limited to:

Access Audits:  For businesses which use PaaS (Platform as a Service) some cloud services providers such as Amazon implement auditing strategies which monitor all access activities by using a log which tracks all access instances.  If the business discontinues their authentication processes, then they are automatically discontinued by Amazon. The audit process is carried out without compromising data integrity and access by other users of the platform.

Customer Controlled Commands:  Some of the major cloud service providers such as Google and Amazon provide architecture for virtual commands which are strictly controlled by the cloud service customer.  This means that the customer has full control and at no time can Amazon intercede by logging into the business customer’s operating system.  As a result, a set of practices is used to guide the business customer through the necessary authentication processes in order to access the virtual commands.

Complex Firewall Configurations:  Cloud services providers offer customers a complex firewall solution which can be customized to meet the specific security needs for every business. For example, if the firewall is configured to block all traffic by default and the business wants to initiate inbound traffic, they must open the necessary ports to designate specific inbound traffic while preventing unwanted traffic. It is also possible to configure specific protocols such as IP address identification for inbound traffic.

Automated Intrusion Detection:  Many cloud vendors use automated security applications, which monitor the activities of the cloud servers and report and suspicious activity.  The cloud services provider employs staff to monitor the reports to enable a breach to be immediately detected and mitigated.

Redundancy:  The larger cloud service providers implement servers, which offer redundancy or RAID (Redundant Array of Independent Disks).  If one disk fails, the system will automatically access a new disk, which stores a backup copy of the data.  Such configurations are quite expensive for most businesses to implement in-house which makes securing data in the cloud attractive to many organizations.  Cloud service providers which offer RAID also deploy multiple servers.  In the event one server fails, a secondary server will automatically kick in.  The last layer of this type of data protection system involves an underground vault where data is protected in the event of a natural disaster.

Encryption:  Encryption is the process of scrambling data during transmission to prevent interception by hackers.  When an encryption process is deployed by the cloud services provider, the data is encrypted during transmission and then again when it reaches the storage area.  The customer is then provided with an encryption key which is password protected.  When the encryption key is used is decrypts or ‘unscrambles’ the data so it can be interpreted by the end user.

(Credit: Thanks to the people in Our IT Department for providing the above valuable insight into strategy data)

These are a few of the most common technologies cloud vendors use for data protection. The security strategies will also vary according the cloud services vendor and the type of industry such as government, retail, healthcare services, and others.

It is also important to note that cloud vendors are held to higher standards known as security compliance standards.  This means that they must deploy the latest technologies for protecting data and applications.

This is one aspect which makes cloud services a viable option for many businesses since applying security technologies in-house can result in a large capital expenditure for IT resources in order to meet industry-specific compliance standards.  This option is cost prohibitive for most businesses in today’s economy.             

How Many Business Are Using Cloud Services?

Over the last five years new technological innovations have placed scalable IT infrastructures and services within the economic reach for many enterprises. The new technologies include but are not limited to:

• Increased availability of high speed broadband networks.
• Flexible IT management and delivery.
• Business application virtualization.
• Better security monitoring and management.
• Advanced interfaces which provide better control over cloud infrastructure and services.

For these reasons, more enterprises have been choosing to set aside legacy IT systems which are operated and maintained on the premises. Instead, they are moving toward cloud infrastructures and services to reduce costs while increasing business productivity in order to remain competitive in today’s marketplace.

Can the cloud ever be safe? Is it safer than using a local network?

Cloud services can be quite safe provided the implementation is executed properly.  Businesses which have successfully migrated to the cloud have used careful planning and risk management strategies prior to implementation which significantly reduces the risks associated with this type of venture.  A carefully planned cloud architecture can, in some cases, be much safer than using a Local Area Network (LAN).  This is especially true for companies with limited IT budgets that cannot afford to implement the security technologies necessary to ensure data protection.

Cloud services can also be a safer alternative to local networks if you choose a cloud service provider which deploys the latest security technologies and has passed numerous security compliance standards.  This requires an investment of time on your part to locate a reputable and trustworthy cloud service provider who can supply your business with a secure and reliable infrastructure.

Some helpful resources.

Cloud computing Wikipedia page – http://en.wikipedia.org/wiki/Cloud_computing

A beginner’s guide to the cloud – http://mashable.com/2013/08/26/what-is-the-cloud/

About the Author

Claire is an expert in cloud technologies and network communication. Claire has worked in the IT services sector for numerous years, writing technical articles in her spare time.

That Game Technician who I happen to follow both on Forbes and on his personal blog is giving away a $1500 ASUS Gaming rig to one lucky reader.

Valued at more than $1500, this mid-tower gaming system features the Corsair Carbide 200R case, liquid CPU cooling, the brand new ASUS Maximus VI Gene and ASUS GTX 770, Corsair Force SSD…it’s loaded.

• CPU: Intel Core i5-4670K 3.4GHz Quad-Core Processor
• CPU Cooler: Cooler Master Seidon 120M 86.2 CFM Liquid CPU Cooler
• Motherboard: Asus MAXIMUS VI GENE Micro ATX LGA1150
• Memory: Corsair Vengeance Pro 8GB (2 x 4GB) DDR3-1600 Memory
• Storage: Corsair Force Series GS 128GB Solid State Disk
• Storage: Western Digital Caviar Black 2TB 7200RPM HDD
• Video Card: Asus GeForce GTX 770 2GB
• Case: Corsair 200R ATX Mid Tower Case
• Power Supply: Corsair Professional 650W 80 PLUS Gold Certified ATX12V / EPS12V

RoundsDownRange is co-sponsoring this giveaway with 3 free games: Saints Row IV, ARMA III, and ARMA Tactics!

Click to ENTER THE ASUS GAMING RIG Giveaway and do as many entries as possible to increase your odds of winning!

I am constantly testing new services, advertising mediums and platforms on DragonBlogger.com and recently my last combination of services I am testing have unfortunately dropped my PageSpeed Insights score from a solid 95 to like 80. I am still working on improving where I can but the limitation unfortunately comes with the number of external script calls which are made to serve up content on my site.

Particularly Incentivibe lately cost some latency as does the Lijit networks advertising and the BuySellAds banner takes over a second to render a single 125×125 ad that is hosted on their network which is pretty lousy performance wise. I am limited in my ability to cache or compress content hosted and called from external sources so I am doing everything else I can to try and improve performance until my experimentations and trials run out. Meanwhile, I am still suffering from a staggering drop in traffic and Dragon Blogger is about 30% of the traffic it used to have at the beginning of 2013, the last several months traffic is at an all time low and I can’t tell if it is Penguin, Hummingbird or just my site load times / SEO optimization issues that are really costing the traffic. I don’t have time to actually research and vest, so simply write for the sake of writing.

What I actually think is my five or six articles which generated a large source of traffic simply weren’t trends and as highly sought after anymore which affected the whole site, this is why having so much reliance on SERP traffic and too much traffic to individual posts is far worse than if you can steer that traffic to your homepage. It is so imperative to diversify traffic sources and bring in readers from Social Media, Email and Direct rather than rely completely on Google Search.

I found no penalties at all in Web Master Tools, no indication of anything amiss and my inbound links are amassing more than ever before, so I find that I just simply get lucky with some article hits and some article misses. Two things I know for sure however is that my traffic started decreasing when I switched to Suffusion WordPress theme from my Breaking News WordPress theme, and my traffic dropped when I switched to Synthesis web hosting from Bluehost Web Hosting. I don’t know if coincidence or not but my traffic slide coincided within 30 days of the theme and hosting switch. I did also change to WordPress SEO by Yoast a few months earlier and switched from Livefyre to Disqus as well. So to test I have switched back to AIO SEO to see if it does a better job choosing default descriptions and titles for my older content.

My content production has also decreased as well as site income, my AdSense has dropped by about 1/3 as a result of the traffic loss but fortunately I am still getting quite a few review articles and posts and my small GiveawayContests.net blog is starting to bring in some AdSense which helps offset a little bit (just a little).

My oldest son’s birthday is coming up this Friday and he has been asking for a long time to get Guild Wars 1 for his birthday and wanting to dive into the origins of the original Guild Wars game and see how it compared to the sequel. The idea of having to hunt and capture skills and elite skills by questing appealed to him and he didn’t take to the living world and way Guild Wars 2 presented quests though he loves the game he doesn’t like the skill acquisition and limitations and would have preferred to find and acquire a wider variety of skills that can be used with weapons rather than each weapon having it’s own skills you can unlock very quickly and early on.
[easyazon-image align=”center” asin=”B008Y43IMG” locale=”us” height=”500″ src=”http://ecx.images-amazon.com/images/I/51Ad243MY9L.jpg” width=”357″]

Also his wish was for a copy of the game for me to have and play with him, I found that over the years my boys and I have developed such a close gaming relationship, I almost feel lost and bored when I am not gaming with them and they always have a better time when I am gaming with them as well. Though we all have differences of what our favorites games are and I play as much Minecraft as I can with them it never is enough.

My youngest son Oliver spent an hour playing Guild Wars 2 with me on my birthday not because he loves the game as much as me but because he wanted to do something with me that I wanted to do for my birthday, we had a good time leveling his guardian up 2 levels in his personal story quests while my Gorghost character who is a Charr Necromancer hit level 53 and will likely be the first character I bring to level 80.

So I decided to get all 3 of us a copy of the Original Guild Wars on Friday which is my son’s birthday. The funny thing is I remember when my oldest who turns 10 was just a baby and I used to play the original Guild Wars back then, with his little bouncy chair and I used to rock him at night to help him sleep while I gamed late into the wee hours of the morning.

They grow up so fast.
[easyazon-block align=”center” asin=”B008Y43IMG” locale=”us”]

I have a lot of training on my plate as of late and this includes a short course on learning how to do stop motion animation, a SANS Mobile Security and Ethical Hacking course and working on my Google Analytics certification and my CISM courses for certification. I find my interests and avenues in learning have broadened into so many fields and topics and I am pretty much shotgunning my knowledge around anything and everything that interests me or that I wanted to do.

[easyazon-image align=”center” asin=”B00D6PTMB4″ locale=”us” height=”500″ src=”http://ecx.images-amazon.com/images/I/51ToTtYM6xL.jpg” width=”436″]

I do really want to learn how to play the Guitar and I am actually waiting on Rocksmith 2014 to release and will try leveraging this game/tool as a method to learn how to play the electric guitar from scratch and hopefully also inspire my son to learn how to play by watching how I learn to play a real instrument with this game as well. I always knew that the evolution of games such as Guitar Hero and Rock Band would be real instruments plugged into your consoles and combining learning with gaming. Rocksmith 2014 I envision will be the tool that would put all those wasted hours of Guitar Hero 3: Legends of Rock to shame where I really should have spent that time learning to play a real guitar.

I think the first certification I am going to go for is the Google Analytics certification because I think it is the easiest to achieve and gain. Then will work on my Mobile Security one which is a 6 day 60 hour training course and an option to take the certification after some review and practice exams. The CISM test is in December and my goal is to knock that one off at the end of this year as well.

[easyazon-block align=”center” asin=”B00D6PTMB4″ locale=”us”]

Apparently I rubbed Carl Hancock the wrong way when one of my routine posts that promote Formidable Pro WordPress plugin mentions that it is less expensive than Gravity Forms for an unlimited site license.

So I wondered and thought about when talking about products readers need to be aware of alternatives.  Gravity Forms is popular for sure, but readers may not realize that you can get 90% of the features of Gravity Forms in Formidable Pro for a faction of the cost, especially when features that include some of the Paypal and Mailing List integrations are part of the standard $47 purchase of Formidable Pro but are only included in the $199 version of Gravity Forms.

Now the single license version of Gravity Forms is only $39 but it’s functionality is much more limited than the $47 Formidable Pro.  Gravity Forms does have some features that Formidable Pro does not, such as the ability to hook an action like publishing a post only after confirmation of Paypal payment received.  Formidable Pro can only redirect and send user to the payment screen for payment but cannot confirm the payment if user cancels and leaves.

Still, overall I work with many many bloggers and 99% of the functionality of forms they need is met by Formidable Pro at a fraction of the cost for multiple site license.  The few that need the advanced functionality for the developer license of Gravity Forms are likely to be small businesses that have that exact need for that functionality and have the budget to not break a sweat to pay just about $300 for the license.

But asking someone to not compare a product based on price is like asking someone not to showcase an Apple iPad, or Kindle Fire HDX compared to a Google Nexus 7, they are both Android tablets, one has a faster processor, and more features than the other.  You can compare anything to anything as long as what you point out is true and you are raising awareness.  It prevents people from being stuck thinking that only 1 product exists and raises awareness for alternatives.  It can be a selling point, and also it can cause people to open up debate and arguments or conversation.

I have no problem defending my statements, but let the product sell itself goes against the nature of blogs that specifically do reviews and comparisons of products, comparing products and showcasing differences is what we do.

Working from home used to be a unique and envied situation. With the modern digital working environment working from home is becoming routine in many professions; an increasing majority of people now work from home for one day a week.

Working without a daily commute is blissful but it can make time management a challenge when trying to juggle your workload as well as household tasks and demands of children. If you work from home, the discipline of a strict schedule could help with time management and organization.

Schedule your time

Most people who work from home say that domestic distractions are a constant source of interruption. There is nothing wrong with putting the laundry in or calling the dentist. These little jobs can even serve as breaks in your working day. The important thing is to put it all in a schedule.

It really is the little ways of managing day-to-day life at home which make the biggest difference, as the Everyday Effect campaign points out. Deal with pressing house work, but ensure that it is scheduled in between professional tasks and responsibilities. This will lead to better efficiency on both the home and work fronts.

Have both a start and end to your working day. This may vary according to workload and household duties but it is important that you have both a beginning and a cut off point.

You need your space

First things first; you need a work space. This does not mean a comfy seat in front of the TV with a cushion serving as a laptop desk!

It’s great if you have an extra room which can serve as an office. You can park all of your professional paraphernalia within and have a desk designated for work. At the end of the day, you may want to clear everything away or leave it as it is; it’s up to you.

If you don’t have a spare room make sure you have a clutter-free surface where you can work. You can put it all away at the end of the day and convert it for domestic use. It may be a home office space; it may be a table in the corner of the kitchen. Wherever you have your home workspace, make sure that it is kept clean and tidy with help from Everyday Effects in order to help you concentrate.