What does Strategic Hosting look like in 2012?

From DevSummit
Jump to: navigation, search

Facilitated by Sysadmins at the Summit

Description

All too often, nonprofits treat hosting for their web sites and data sets as a commodity service, focusing on price and convenience rather than a more thorough assessment of tradeoffs between various alternatives.

Notes

State of NonProfit Hosting in 2012 - Gunner and Adam

Individual NPO trying to figure out the deal Entity that publishes software and needs hosting providers

Hosting Ally

“we run micro campaigns and I want to make a micro site and I have no idea where to host it!”

“trying to learn what options to advocate for with nonprofit organizations”

“strategic technical planning, IT audits for clients, and they want advice on strategic hosting solutions and not just the cheapest.”

“curious what’s new, and what other developers are using”

Aspiration’s mission is to help technologists and nonprofits

NPO’s tend to think that thinking about “non-mission stuff” is wrong, and Aspiration tries to help by giving nonprofits recommendations to help them make decisions

Many organizations put all their “eggs in one basket” - developer/agency manages everything: website, content, hosting, domain name and if that relationship goes south - NPO’s can end up really screwed.

So many NPO’s don’t purchase and have access to their Domain name and hosting options

Find good hosting, gets acquired, sold for parts, and then have to start all over finding a new hosting provider

http://electricembers.net/

Get the sysadmin out of the way of your hosting

cPanel hosting solves a meta class of problems that allow domain level access and control at an end-user ease of figuring out and managing

no really good open source control panel for web hosting.

ssh/ftp

Let’s pretend Gunner is a little kid and Adam is going to answer:

Q: what is hosting, what do you do, why should I do business with you? A: Hosting is a thing that puts your website on the web - anyone can do this, but the strategic part with nonprofits comes with the non-technical admins and things people need (like phone support) that npo’s need most

“we end up doing a lot of free tech support for people that has nothing to do with their website but they get that support because they think it is all part of the same thing”

back-ups - look for hosting providers that will automate this (and it will cost a little more) but otherwise, you need to look for ways to remember/automate backing up your data daily on your own

What are the things that as developers you don’t get from your hosting providers that would make it an obvious choice for you?

“we noticed one thing - a bunch of security issues with hosting options, clients get hacked from not doing WordPress updates and clients aren’t going to be there to do the backups and upgrades”

Trying to figure out how to talk to clients and folks - there’s someone in charge of your website, emails, dns, backups, updates and that’s not the same person that designs and develops your website

They don’t understand that if they don’t do maint. on their srevers, then the servers crash and they lose 2 weeks or more of work when they find out the back-ups haven’t been done in a while ...

One option - don’t allow access to those who are less technical as one way to solve problems and just manage it

For especially those small clients - the value added services are the selling point.  Have a conversation about the ecology of vendors and how each vendor meets different needs 

NPO’s generally need one vendor to speak to, not multiple

Killer feature request is something further valued added with sysadmin tasks and maint. tasks all automated and working with the host/in the space so only one vendor/relationship has to be managed

Engine Yard - hosting ruby on rails, their backend is AWS so the consultant recommends using engine yard and you’re paying for the support

Question - is the file with the passwords encrypted if it’s stored on their site?

Division of power -

One thing that’s really important is knowing our hosting provider has our back

Want to know that if the FBI comes and raids them that the hosting provider won’t just hand over the data, has disc level encryption, crucially important for the folks they work with

high availability - usually something on the high-end, costs about 10x as the basic hosting

shared hosting with high availability - pay twice as much instead of ten times would be nice.

Right now it feels like Engine Yard, Heroku - those aren’t options for those who are in some NPO’s/causes

Want more scalability

Pantheon - Drupal only - terms of good stories and solutions, Great, Fantastic - you can spin up different stacks of drupal/profiles and they have development, test and production servers

you can use git or ftp , deploy and pull code back-ups, control panel for managing all the code is really fantastic, decent price point and if you’re doing basic hosting it’s around $25/month

can spin up the server without paying for it until you use a custom domain name to map to the thing,


A big piece of the strategy is who owns the hardware, where is the hardware and how much does that matter to the client

Who’s the upstream ISP?

How can you find out?

Can you trust your vendor and their partners?

https://www.badger.com/#welcome - open source option

NonProfit Hosting Checklist:

Ethereal Stuff:

- values aligned? - used by NPO’s? - approach to open software/openness ?

Experiential: - Ease of Admin (e.g. cPanel) - ease of migration? (in and out) - how’s the tech support, and how does it work?

Survivability/Maint. - what’s backup protocal? redundancy? - security - do you know of security breaches at this hosting provider? - legal jurisdiction/policy on request? - uptime/availability - scalability - resiliency - cloud flare case, bunch of proxies that sit in front of their server and are d-dos immune (people can’t anonymously come try to deny your host bandwidth)


http://www.rochenhost.com/ - let’s you pick the country your servers are hosted in (U.S./Euro)

Biz: cost, SLA, terms (privacy)

don’t need to signup for a 5 year contract

standard contract - if you have a standard product term, and add a new feature, the new feature starts a new contract out of sync with your original and sticks you to longer term

try to find a middle ground around hosting and bring the language from techies to a meeting point with NPO’s

Game theory of the cloud - in the 70’s these scientists realized that board games, chess, checkers had mathematical models called “game theory” and there’s a likely and statistaclly predictable limited number of actions based on what you know or don’t know within a game

Can make the assertion that we’re making all of our data easy to find on our servers

if the other side knows everything about us and what do we know about them?

2012 has been the tipping point for governments deciding they want to get serious about cyberattacks and espionage and maybe corporations will start to take this seriously and make Amazon and other hosting options

A host has a better place if they align themselves with a state instead of a customer