<Mach 4 Network—Value-Added Internet Presence Provider & Consultancy EST 1996
This is a continuously evolving communiqué, first published circa 2004.
You oft ask:
Scenarios (hint: it's well-beyond "just" web & email hosting)
- Why should I even talk to Mach 4?
- What can you do for me, that
I don't already know... or can get "for free"?
- What the heck is "web
presence consultancy" anyway?
- BUT, I already have... Isn't it just...? Why can't I...? I thought they already... I only want... I was told specifically that... IF _ I can still... So-and-so would... right? Shouldn't you...? Aren't you just...? Because... I'm sure... I've always/never... Might as well... [What "the road to hell" is paved with]
- What do you mean it's actually a subsidized operation... part of the "perks of IT services..."
- traditional web + email hosting... how many mailboxes?
- unmanaged WordPress hosting: fully administered by you
- managed WordPress hosting: incl. updates, security patches, plug-ins, themes
- Joomla! optional: with CiviCRM
- Magento (eCommerce)
- Databases: MySQL, MariaDB, Redis, CouchDB
- email hosting only, web hosted elsewhere (or none)
- standard mailbox: 2 GB, web portal, SPAM/AV dashboard, calendar
- extra mailbox: 12 GB
- MailBiz mailbox: 50 GB
- Exchange mailbox: 25 GB, DLP, etc.
- Exchange Premium: 50 GB, incl. Office 365, DLP, etc.
- web hosting only, email hosted elsewhere (or none)
- see #1.x above for options & levels
- evaluate providers (various approaches & methods)
linkage & coordination: e.g. M4-hosted dynamic site, with some
static content from owner-designed legacy site, embedding external
YouTube steaming, with 3rd-party hosted shopping cart site (and
inventory), with (yet another) external payment gateway (thru your
parent company's account).
- Migration Services / Strategic Guidance
- external → M4
- M4 → external
- ext1 → ext2
- mirroring/redundancy: http/MX
- Advanced DNS
- TLS topics (https & browser landscape)
- all things "certificate" & PKI
- perception vs reality
- practical purposes, intentions, objectives, priorities
- unintended consequences, overlooked scenarios
- Secure Email
- beyond transport TLS @all nodes (Bravo mandate since 2017)
- PKI, PGP, GPG, S/MIME... and the likes of ProtonMail
- SPAM & Spoofing...
- Demystifying SPF, DKIM, DMARC, shattering your "high hope" (of its magical power)
- Demystifying phishing
- Aliases principles & techniques
- PKI Certificates; different classes; purposes, policies & strategies
- non-ISP 3-party DNS service
- misinfo * disinfo re: OpenDNS, 188.8.131.52 and the likes
- coordination with on-premises domain-based DNS/WINS
- considerations for roaming devices
- media streaming (being a broadcaster/publisher)
- SEO demystifying
- CDN, DDOS defense
- "cloud" misnomers
- so-called "VPN" vs VPN (HQ ↔ branches/homes + road warriors)
- what's the point?
- why the former is banned (be it web proxy, or NAT bypass)
- how does it compare to DIA with Static IP, with SLA
- pros & cons against EPL / EVPL / EP-LAN
- VoIP vs SIP vs PSTN/POTS
- Multi-Tenancy Provisioning
- isolation & security, VLAN
- QoS & throttling, partitioning, bursting
- relevant legalities, grey areas, best practices
- IoT Aspect
- this is largely a subset of Subnet Zoning issue
- not unlike Wifi Aspect:
(HOW TO evaluate & obtain legal services, how to work with your
legal advisor/dept. with tangible stipulations & deliverables...
AND HOW NOT TO SELF-INFLICT HARM)
- Internet Domain legal disputes:
- concepts, processes, frameworks, recourses, strategies & tactics
- roles, entities, standing, case law, current climate, trajectory
- common transfer process, barriers and pitfalls
- practical tips re: ICANN and IANA governance
- PCI DSS, HIPAA, SOX, GDPR
- NYS Dept of Financial Services (DFS)
- Cybersecurity Regulation Title 23 NYCRR Part 500
- § 500.19(a) to (d) exemptions
- § 500.17(a)(2)
- tech briefing for management on principles:
- control, data custodianship,
- nodes & pathway + jurisdiction, liabilities, enforceability
- scope, depth, granularity, cascaded/flattened
- the perils of:
- freebie EULA
- press-a-button MSSPs that are RMM out-sourcers
- unbridled outbound agents, invalid/pretend uPnP, or otherwise neutralized LAN/WAN barrier, or
- other ploys which tantamount to manifest self-contradiction
- detect and address
- being corralled through a regime which is convenient and/or advantageous to them, to your detriment
- don't know what they don't know
- shockingly outdated info
- plausible falsehoods
- excessive hedging
- blatant fiduciary violations & misrepresentations
in all cases, SMBs get taken for a ride by practitioners, with ineffectual paths that are
doomed from start. Arm yourself with glossary + roadmap + game plan before embarking... Spare yourself the wild goose chase.
OR... DON'T smack your head against a brick
wall repeatedly, when 2 steps to the side, 1 step forward will do nicely. Murphy is not your friend. 4 Blind Men and an Elephant is a fool's game.