What does Strategic Hosting look like in 2012?
Facilitated by Sysadmins at the Summit
All too often, nonprofits treat hosting for their web sites and data sets as a commodity service, focusing on price and convenience rather than a more thorough assessment of tradeoffs between various alternatives.
State of NonProfit Hosting in 2012 - Gunner and Adam
Individual NPO trying to figure out the deal Entity that publishes software and needs hosting providers
“we run micro campaigns and I want to make a micro site and I have no idea where to host it!”
“trying to learn what options to advocate for with nonprofit organizations”
“strategic technical planning, IT audits for clients, and they want advice on strategic hosting solutions and not just the cheapest.”
“curious what’s new, and what other developers are using”
Aspiration’s mission is to help technologists and nonprofits
NPO’s tend to think that thinking about “non-mission stuff” is wrong, and Aspiration tries to help by giving nonprofits recommendations to help them make decisions
Many organizations put all their “eggs in one basket” - developer/agency manages everything: website, content, hosting, domain name and if that relationship goes south - NPO’s can end up really screwed.
So many NPO’s don’t purchase and have access to their Domain name and hosting options
Find good hosting, gets acquired, sold for parts, and then have to start all over finding a new hosting provider
Get the sysadmin out of the way of your hosting
cPanel hosting solves a meta class of problems that allow domain level access and control at an end-user ease of figuring out and managing
no really good open source control panel for web hosting.
Let’s pretend Gunner is a little kid and Adam is going to answer:
Q: what is hosting, what do you do, why should I do business with you? A: Hosting is a thing that puts your website on the web - anyone can do this, but the strategic part with nonprofits comes with the non-technical admins and things people need (like phone support) that npo’s need most
“we end up doing a lot of free tech support for people that has nothing to do with their website but they get that support because they think it is all part of the same thing”
back-ups - look for hosting providers that will automate this (and it will cost a little more) but otherwise, you need to look for ways to remember/automate backing up your data daily on your own
What are the things that as developers you don’t get from your hosting providers that would make it an obvious choice for you?
“we noticed one thing - a bunch of security issues with hosting options, clients get hacked from not doing WordPress updates and clients aren’t going to be there to do the backups and upgrades”
Trying to figure out how to talk to clients and folks - there’s someone in charge of your website, emails, dns, backups, updates and that’s not the same person that designs and develops your website
They don’t understand that if they don’t do maint. on their srevers, then the servers crash and they lose 2 weeks or more of work when they find out the back-ups haven’t been done in a while ...
One option - don’t allow access to those who are less technical as one way to solve problems and just manage it
For especially those small clients - the value added services are the selling point. Have a conversation about the ecology of vendors and how each vendor meets different needs
NPO’s generally need one vendor to speak to, not multiple
Killer feature request is something further valued added with sysadmin tasks and maint. tasks all automated and working with the host/in the space so only one vendor/relationship has to be managed
Engine Yard - hosting ruby on rails, their backend is AWS so the consultant recommends using engine yard and you’re paying for the support
Question - is the file with the passwords encrypted if it’s stored on their site?
Division of power -
One thing that’s really important is knowing our hosting provider has our back
Want to know that if the FBI comes and raids them that the hosting provider won’t just hand over the data, has disc level encryption, crucially important for the folks they work with
high availability - usually something on the high-end, costs about 10x as the basic hosting
shared hosting with high availability - pay twice as much instead of ten times would be nice.
Right now it feels like Engine Yard, Heroku - those aren’t options for those who are in some NPO’s/causes
Want more scalability
Pantheon - Drupal only - terms of good stories and solutions, Great, Fantastic - you can spin up different stacks of drupal/profiles and they have development, test and production servers
you can use git or ftp , deploy and pull code back-ups, control panel for managing all the code is really fantastic, decent price point and if you’re doing basic hosting it’s around $25/month
can spin up the server without paying for it until you use a custom domain name to map to the thing,
A big piece of the strategy is who owns the hardware, where is the hardware and how much does that matter to the client
Who’s the upstream ISP?
How can you find out?
Can you trust your vendor and their partners?
https://www.badger.com/#welcome - open source option
NonProfit Hosting Checklist:
- values aligned? - used by NPO’s? - approach to open software/openness ?
Experiential: - Ease of Admin (e.g. cPanel) - ease of migration? (in and out) - how’s the tech support, and how does it work?
Survivability/Maint. - what’s backup protocal? redundancy? - security - do you know of security breaches at this hosting provider? - legal jurisdiction/policy on request? - uptime/availability - scalability - resiliency - cloud flare case, bunch of proxies that sit in front of their server and are d-dos immune (people can’t anonymously come try to deny your host bandwidth)
http://www.rochenhost.com/ - let’s you pick the country your servers are hosted in (U.S./Euro)
Biz: cost, SLA, terms (privacy)
don’t need to signup for a 5 year contract
standard contract - if you have a standard product term, and add a new feature, the new feature starts a new contract out of sync with your original and sticks you to longer term
try to find a middle ground around hosting and bring the language from techies to a meeting point with NPO’s
Game theory of the cloud - in the 70’s these scientists realized that board games, chess, checkers had mathematical models called “game theory” and there’s a likely and statistaclly predictable limited number of actions based on what you know or don’t know within a game
Can make the assertion that we’re making all of our data easy to find on our servers
if the other side knows everything about us and what do we know about them?
2012 has been the tipping point for governments deciding they want to get serious about cyberattacks and espionage and maybe corporations will start to take this seriously and make Amazon and other hosting options
A host has a better place if they align themselves with a state instead of a customer