As a Linux administrator, one task you will most certainly be required to know is the controlling of services via the command line. Because many of the servers you will work with will be headless, the services contained within won’t have a GUI app to help you out. So when the likes of Apache, NGINX, MySQL, and Docker need to be started, restarted, or stopped, you’re going to need to have this skill in your back pocket.
As with many Linux tasks, there’s more than one way to take care of these services. Some services have their own control commands, while others depend upon the likes of systemctrl.
Thing is, you have to consider what init system your distribution uses. For those distributions that work with systemd (which is a vast majority), the primary control command is systemctl. With non-systemd distributions, the control command is service. And then, you have to consider that some applications might have their own control command.
This article from TechRepublic Premium takes a look at some of the ways you can control the start, stop, and restarting of services with the Linux operating system.
IT market intelligence agency, IDC, conducted a global study of 2800+ IT decision makers around the world and found that companies at all levels are considering PC as a Service models to reduce costs, shorten refresh cycles and drive IT transformation for their business.
What is PC as a Service?
Dell PC as a Service (PCaaS) combines hardware, software, lifecycle services and financing into one all-encompassing solution – providing a single, predictable price per seat per month provided by Dell Financial Services.
As the name suggests, PC as a Service (PCaaS) from Dell Technologies gives you access to the latest Intelbased hardware, software, lifecycle management and financing services – installed, maintained, and fully supported for a predictable and affordable monthly fee.
PCaaS helps IT meet end users’ changing device needs and preferences; offering maximum business flexibility with lifecycle management for 1-299 devices.
While technology presents today’s businesses with many opportunities, it also presents many challenges. Purchasing IT equipment up front can mean tying up large sums of your annual budget. And maintenance often results in unexpected repair costs.
Learn more about Dell Technologies solutions powered by Intel®.
IT delivers mission-critical business services that an enterprise needs to engage customers, drive innovation, and unleash business potential. These services have to be highly available and responsive,
and the long-term impact of frequent service degradations can be enormous.
To manage business service availability, IT needs event management to be service-aware.
Learn what you need to deliver intelligence and service visibility.
A service level agreement (SLA) is a proven method for establishing expectations for arrangements between a service provider and a customer. Service level agreements involve identifying standards for availability and uptime, problem response/resolution times, service quality, performance metrics, and other operational concepts.
Service level agreements streamline operations and allow both parties to identify a proper framework for ensuring business efficiency and customer satisfaction. On the flip side, businesses can identify where problems lie if service level agreements are not adhered to, then make the necessary decisions to find additional budget funding, impose penalties, or seek alternate providers and staff.
These agreements can exist between businesses (such as between a company and an external cloud provider) or entirely within an organization (such as between an IT department or help desk and its user base). They can be unidirectional (one party assuming responsibility for all details) or bidirectional (both parties share the responsibility for certain elements or actions).
This service level agreement (SLA) policy from TechRepublic Premium provides guidelines for service level agreements and responsibilities for both providers (whether external or internal) and customers.
You can customize the policy to fit the needs of your organization. Since service level agreements can vary depending on the scope or services involved, it is recommended to delete the elements that do not apply to your company.
SaaS replaces the need to physically purchase, install, and deploy application software throughout an organization. Learn more about SaaS, which is now a mainstay for businesses large and small.
With few exceptions, the IT business tools of the modern enterprise, whether a multinational conglomerate or a one-person operation, revolve around cloud computing and the “something-as-a-service” delivery method. Network infrastructure, platforms, application software, and everything in between can all be accessed from anywhere, at any time, with nothing more than an internet connection.
While much of the cloud services available replace the need to purchase expensive hardware, Software as a Service (SaaS) supplants the need to physically purchase, install, and deploy application software throughout an organization. In theory, SaaS transfers the costs associated with initial purchase, regular maintenance, and security management to a third-party vendor, which allows the client to expend resources on other, possibly more productive, endeavors.
This Software as a Service cheat sheet explains what SaaS is, why it is important, who provides it, and how you can get it.
Put simply, Software-as-a-Service is a licensing model in which access to an application is provided to the customer or client on a subscription basis. A third-party vendor controls access and takes responsibility for security, maintenance, and feature upgrades. The software is located on external servers rather than on servers located in-house and is generally accessed with a web browser over the internet.
While the source code for the SaaS applications is owned and maintained by the vendor, the data going into, and being generated by SaaS applications, is generally the responsibility of the customer or client. The data may be stored locally, in the cloud, or in some combination of both.
SaaS applications tend to fall into one of two categories:
Vertical refers to SaaS applications built to serve a specific industry such as healthcare or financial institutions.
Horizontal refers to SaaS applications built to serve a specific market such as office productivity or customer relationship management.
When is SaaS useful?
A number of applications are well-suited to the SaaS distribution model, and in many cases the ability to access software that would otherwise be too expensive to obtain offers a substantial competitive advantage. SaaS levels the playing field for all businesses and gives access to important applications and tools like email, messaging, collaboration platforms, productivity suites, customer relationship management, billing, payroll, sales management, human resource management, content management, and database management.
SMBs, professionals, consultants, and individuals working as part of the gig economy can use SaaS to gain access to sophisticated software, applications, and tools vital to the management of their respective businesses. Large enterprises can transfer some of the costs of software development and maintenance to third parties and concentrate resources on managing and securing data.
The most obvious and most-often cited advantage of the SaaS distribution model is the reduction in initial costs from the development, deployment, and maintenance of software applications. Because the vendor handles those aspects, costs are supported by customers and their subscriptions. The more customers under contract with a vendor, the more funds are available for security, maintenance, and feature upgrades.
SaaS allows more businesses to adopt the economic and strategic theory that suggests business growth can be achieved through the development of new technologies and improvement in production efficiency. Under this strategy, technological innovation is the engine that spurs and drives growth and access to more and better tools though SaaS can only accelerate innovation.
Supplementing this strategy is the ability of SaaS vendors to periodically deploy feature upgrades to customers. As innovations in big data, Internet of Things, and artificial intelligence become more mainstream, tools and features designed to take advantage of them can be developed and deployed by vendors and subsequently used by customers—innovation spurring innovation.
Even before the global coronavirus pandemic, mobility, remote workers, and telecommuting were increasingly important trends for the modern business–that trend has now greatly accelerated. Because SaaS applications can be accessed from anywhere with an internet connection, they are perfect tools for a mobile and remote workforce.
In general, modern SaaS applications and platforms may be modified to fit the needs of your business and often the needs of individual workers. Depending on the SaaS application, customization options may include features such as:
Interfaces can be modified to fit certain job roles and situations;
teams can create virtual collaborative workspaces with their own additional level of access control;
dashboards and reports can be updated dynamically and generated for specific audiences; and
SaaS applications can be integrated with other software using application programming interfaces (APIs).
In addition to reducing the initial costs of development, the costs associated with deploying software is also reduced significantly. Because the application itself is accessed via a web browser and internet connection, there is no need to install or deploy the software on each individual computer or mobile device. While there may still be certain performance requirements, most of the heavy lifting is done by the vendor’s cloud-computing hardware.
Cloud computing also accounts for another advantage of SaaS—scalability. If your business suddenly requires additional application access, a cloud-based SaaS application can ramp up to accommodate the activity. Just as importantly, the capacity could then automatically drop back to normal levels when activity decreases. Customers only pay for the SaaS capacity they use and not for idle capacity they may use in the future.
While the ability to connect to SaaS systems from anywhere there is an internet connection is considered an advantage, it is also the root of the system’s greatest and most common disadvantage. Without a reliable internet connection, the SaaS distribution system is practically useless.
A business relying on SaaS for vital business applications must consider the quality and reliability of their chosen internet service provider (ISP) carefully. Mere minutes of lost productivity because your ISP has an equipment outage could cost your company thousands, perhaps millions, of dollars.
Beyond reliability, and depending on the nature of your business applications, it is also vitally important to evaluate the capacity provided by your chosen ISP. Querying large databases or moving large media files will require more bandwidth than is typical for less-intense applications like email; however, even extremely large bandwidth may not be enough, if there are also latency issues.
There are similar reliability concerns when choosing the service provider for the SaaS applications themselves. Business organizations have to think about the longevity of their provider, their commitment to security, their willingness to customize applications, and their plans for feature upgrades. SaaS requires a business to relinquish some control in order to reap the benefits of the distribution system.
Relinquishing control may also cause problems when the SaaS provider updates certain application features that the business does not want changed. Some feature upgrades will break existing use cases, especially if the business is using a customized version of the software. Some SaaS vendors have been known to eliminate aggregately under used features from their software, which causes problems for businesses that choose to adopt those features.
Choosing a SaaS provider often constrains a business to using that provider’s services–and only that provider’s services–for the foreseeable future. After committing to a SaaS provider, businesses may find it extremely difficult and costly to make a change in providers, regardless of the quality of service.
Relinquishing control may also be problematic in matters of security. Businesses using the SaaS system for applications must consider the security practices of both the ISP and the SaaS vendor. Data flowing from the business to SaaS facilities should be encrypted and strict access controls should be in place and followed at all times. Data protection, regardless of whether SaaS is used to process it, is the ultimate responsibility of the business.
Mitigating all these risk factors can be a full-time job. Before contracting with any SaaS or cloud services provider, businesses must conduct their due diligence and then acquire a comprehensive Service Level Agreement (SLA). The SLA should lay out in great detail what services are offered and what each party expects to receive.
There are thousands of SaaS and cloud service providers operating around the world–some are huge, well-known companies, and some are small startups offering boutique-level software. Cloud services like AWS and Microsoft Azure allow businesses both large and small to compete on the same playing field.
From a historical perspective, one of the most influential SaaS providers is Salesforce, which was formed specifically to provide a cloud-based, browser-accessed version of enterprise-level customer resource management software. Salesforce is now the market leader in the category.
Unlike Salesforce, Microsoft has had to adapt its business model toward SaaS distribution for its office productivity suite Microsoft 365 (formerly Office 365). By moving to a cloud-based offering, Microsoft has become more agile in rolling out features and applications that meet the ever-changing needs of its customers and the business environment.
Adobe Software is another company that has switched its business model to SaaS with great success, whereas companies like Alphabet have been able to parlay existing applications (Google Search) into full cloud offerings like Google Cloud Platform and G Suite.
Almost all SaaS software is available over the internet by visiting a vendor’s webpage. Many of the vendors offer free versions of their software for testing purposes, perhaps with some features disabled or modified to entice users to purchase the paid version. Some vendors opt to offer free trial periods for their software.
No business should make a major commitment of resources toward a SaaS application without first thoroughly vetting the vendor and the software. Major SaaS purchases should always be accompanied by a comprehensive SLA.
The price of a subscription varies from vendor to vendor and can range from inexpensive on a per user basis to considerably expensive. The subscription price of SaaS software does not always reflect the quality. Some of the best reviewed services have low costs.
As an example of a typical SaaS subscription price, consider the per user per month subscription cost of Microsoft 365 Business Standard at $12.50/user/month. On the other hand, the Microsoft 365 Business Basic version costs $5.00/user/month. Businesses can use the one-month free trial to determine which version serves it best.
What is the future of SaaS, and why should we care?
New applications are being converted and/or invented for the SaaS distribution model every year. The lucrative nature of the business model has caught the eye of many innovative application developers and vendors. With the benefits of cloud-based computing, developers can innovate, create, and deploy at a much faster pace than they could in the past.
New SaaS applications dealing with the processing of data collection, data visualization, IoT connections, and artificial intelligence are on the market now. New applications for yet-to-be-discovered innovations are likely to follow. The SaaS model of software and application distribution is now a mainstay of business.
The US Secret Service has warned organizations about a rise in hacks of MSPs and offers advice on how to beef up security.
Many organizations increasingly rely on managed service providers (MSPs) to remotely manage IT infrastructure and other resources. By outsourcing the care and feeding of their network, applications, or security, an organization can save time and money, especially if it lacks the necessary internal staffing and capabilities.
But as MSPs have become more popular, they’ve also become more of an open target for cybercriminals. Since each MSP typically has access to vital resources for multiple clients, a single data breach can unlock the door to a treasure trove of sensitive data.
The level of risk can be even higher if the MSP is home to a server and other physical hardware for a customer. A recent alert from the US Secret Service warns of a rise in hacks of MSPs and offers advice on what providers and customers should do to beef up their security.
As described in a Monday story from ZDNet, threat intelligence firm Armor said in October that it identified at least 13 MSPs that were hacked in 2019, triggering the deployment of ransomware on the networks of their customers. Further, in a phone call with ZDNet, Kyle Hanslovan, CEO at Huntress Labs, said that his company provided support in at least 63 incidents of MSP hacks in 2019 that led to ransomware attacks on customer networks. However, Hanslovan believes that the total number of such incidents could have been more than 100 last year.
The alert from the Secret Service is far from the first such notice in recent years. In October 2018, The National Cybersecurity and Communications Integration Center (NCCIC) warned of ongoing attempts from state-sponsored hacking groups to breach MSPs, especially targeting cloud-based service providers.
“Attackers concentrate their malicious efforts on MSPs because they are now a low-hanging fruit,” Ilia Kolochenko, founder & CEO of web security company ImmuniWeb, told TechRepublic. “Worse, most of the successful intrusions are never detected or reported given that the attackers have strong incentives to conceal the breach that may otherwise trigger an investigation that may depreciate the value of stolen data or even bring a SWAT team to their homes.”
In its advisory, the Secret Service offered advice for both MSPs and their customers to grapple with the rise in hacks and breaches.
Best practices for MSPs
Have a well-defined service level agreement.
Ensure remote administration tools are patched and up to date.
Enforce least privilege for access to resources.
Have well-defined security controls that comply with the regulatory compliance of end users.
Perform annual data audits.
Take into consideration local, state, and federal data compliance standards.
Proactively conduct cyber training and education programs for employee.
Best practices for MSP customers
Audit Service Level Agreements.
Audit remote administration tools being utilized in your environment.
Enforce two-factor authentication for all remote logins.
Restrict administrative access during remote logins.
Enforce least privilege for access to resources.
Utilize a secure network and system infrastructure capable of meeting current security requirements.
Proactively conduct cyber training and education programs for employees.
Risk management is another area that MSP customers need to reevaluate, according to Kolochenko.
“Their third-party risk management process is, however, mostly based on obsolete one-size-fits-all questionnaires,” Kolochenko said. “This bureaucratic approach can be unreasonably burdensome and complex for some small vendors; for others, they are inadequate and otherwise flawed. Organizations should rethink their third-party risk management strategies, making them adjustable and proportional to the risk on a case-per-case basis.”
Lane Roush, vice president of presales engineering at security provider Arctic Wolf, has three recommendations for MSPs.
Enable multifactor authentication. Showing two pieces of evidence to prove who you are is always better than one. MSPs should be enabling multifactor authentication for all of their tools. Doing so would cut down drastically on the probability of experiencing a breach.
Conduct periodic user access reviews. MSPs should regularly conduct manual user access reviews of their systems to track, control, and prevent access to critical assets and systems and ensure their credentials are not available on the Dark Web. It’s important to ensure that only authorized people, computers, and applications can access the information they need. This need for access control is especially true for organizations that may have recently furloughed employees due to COVID-19 and may not have revoked access to all of the systems to which they were previously provisioned.
Maintain or establish aggressive vulnerability management. MSP teams are likely to be swamped managing their customers dealing with remote workers from COVID-19 but they can’t neglect the work of benchmarking and patching. Unpatched vulnerabilities and system misconfigurations are a prime target for attackers.
Cybersecurity Insider Newsletter
Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Delivered Tuesdays and Thursdays
It’s tempting, in the heat of the typical support technician’s day, to enter minimal information in service tickets to speed resolution. After all, closing tickets quickly is the goal, right? Fifteen years of industry consulting experience, however, has taught me the opposite is true. It’s important to take a little time to compose and update tickets properly.
Clients and end users will prove better satisfied, less angry and happier, though, if technicians take a moment to properly structure service tickets, enter thoughtful status updates and finish resolving issues by specifying resolution information that proves critical in building an effective knowledge base potentially enabling a teammate to more quickly solve the same issue in the future.
In this TechRepublic Premium article technicians can learn how to properly structure service tickets, gain appreciative customers and end users, and CSAT ratings which will reward your efforts.