Mach 4 Network—Value-Added Internet Presence Provider & Consultancy EST 1996

This is a continuously evolving communiqué, first published circa 2004.

You oft ask:
Scenarios (hint: it's well-beyond "just" web & email hosting)
  1. traditional web + email hosting... how many mailboxes?
    1. traditional (no CMS/SQL): http, css, javascript, CGI + managed PHP 7.1~7.3
    2. unmanaged WordPress hosting: fully administered by you
    3. managed WordPress hosting: incl. updates, security patches, plug-ins, themes
    4. Joomla! optional: with CiviCRM
    5. Drupal
    6. Magento (eCommerce)
    7. Databases: MySQL, MariaDB, Redis, CouchDB
  2. email hosting only, web hosted elsewhere (or none)
    1. standard mailbox: 2 GB, web portal, SPAM/AV dashboard, calendar
    2. extra mailbox: 12 GB
    3. MailBiz mailbox: 50 GB
    4. Exchange mailbox: 25 GB, DLP, etc.
    5. Exchange Premium: 50 GB, incl. Office 365, DLP, etc.
  3. web hosting only, email hosted elsewhere (or none)
    1. see #1.x above for options & levels
    2. evaluate providers (various approaches & methods)
    3. hybrid linkage & coordination: e.g. M4-hosted dynamic site, with some static content from owner-designed legacy site, embedding external YouTube streaming, with 3rd-party hosted shopping cart site (and inventory), with (yet another) external payment gateway (thru your parent company's account).
  4. Migration Services / Strategic Guidance
    1. external → M4
    2. M4 → external
    3. ext1 → ext2
    4. mirroring/redundancy: http/MX
    5. Advanced DNS
  5. TLS topics (https & browser landscape)
    1. all things "certificate" & PKI
    2. perception vs reality
    3. practical purposes, intentions, objectives, priorities
    4. unintended consequences, overlooked scenarios
  6. Secure Email 
    1. beyond transport TLS @all nodes (Bravo mandate since 2017)
    2. PKI, PGP, GPG, S/MIME... and
    3. the likes of ProtonMail, Hushmail, Tutanota
  7. SPAM & Spoofing... 
    1. Demystifying SPF, DKIM, DMARC, shattering your delusional "high hope" (of its magical power)
    2. Demystifying phishing
    3. Demystifying filtering... coping strategies
    4. Aliases principles & techniques
  8. PKI Certificates; different classes; purposes, policies & strategies
  9. non-ISP 3rd-party DNS service
    1. misinfo & disinfo re: OpenDNS, 9.9.9.9 and the like
    2. coordination with on-premises domain-based DNS/WINS
    3. considerations for roaming devices, intricate coordination
  10. media streaming (being a broadcaster/publisher)
  11. SEO demystifying
  12. CDN, DDoS defense
  13. "cloud" misnomers
  14. so-called "VPN" vs VPN (HQ ↔ branches/homes + road warriors)
    1. what's the point?
    2. why the former is banned (be it web proxy, or NAT bypass)
    3. how does it compare to DIA with Static IP, with SLA
    4. pros & cons against EPL / EVPL / EP-LAN
  15. VoIP vs SIP vs PSTN/POTS
  16. Multi-Tenancy Provisioning
    1. isolation & security, VLAN
    2. QoS & throttling, partitioning, bursting
    3. relevant legalities, grey areas, best practices
  17. IoT Aspect
    1. this is largely a subset of Subnet Zoning security topic
    2. not unlike Wi-Fi Aspect
  18. legal* (HOW TO evaluate & obtain legal services, how to work with your legal advisor/dept. with tangible stipulations & deliverables... AND HOW NOT TO SELF-INFLICT HARM)
    1. Internet Domain legal disputes: 
      1. concepts, processes, frameworks, recourses, strategies & tactics
      2. roles, entities, standing, case law, current climate, trajectory
      3. common transfer process, barriers and pitfalls
      4. practical tips re: ICANN and IANA governance
    2. compliance: 
      1. PCI DSS, HIPAA, SOX, GDPR
      2. NYS Dept of Financial Services (DFS)
        1. Cybersecurity Regulation Title 23 NYCRR Part 500
        2. § 500.19(a) to (d) exemptions
        3. § 500.17(a)(2)
    3. tech briefing for management on principles: 
      1. control, data custodianship
      2. nodes & pathway + jurisdiction, liabilities, enforceability
      3. scope, depth, granularity, cascaded/flattened
    4. the perils of: 
      1. freebie EULA
      2. press-a-button MSSPs that are RMM out-sourcers
      3. unbridled outbound agents, invalid/pretend UPnP, or otherwise neutralized LAN/WAN barrier, or
      4. other ploys which are tantamount to manifest self-contradiction
    5. detect and address
      1. being corralled through a regime which is convenient and/or advantageous to them, to your detriment
      2. don't know what they don't know
      3. shockingly outdated info
      4. plausible falsehoods
      5. platitudes
      6. excessive hedging
      7. blatant fiduciary violations & misrepresentations

*In virtually all cases, SMBs get taken for a ride by practitioners, with ineffectual paths that are doomed from the start. Arm yourself with glossary + roadmap + game plan before embarking... Spare yourself the wild goose chase.

OR... DON'T smack your head against a brick wall repeatedly, when 2 steps to the side, 1 step forward will do nicely. Murphy is not your friend. 4 Blind Men and an Elephant is a fool's game.