Matt

Many people ask me what I do all day at my job as a Web Systems Administrator at Towson University’s DECO Data Center (DDC).  At a high level, I solve computer problems on a day to day basis.  I am responsible for the smooth running of a data center, and for creating an environment where other people can do their job effectively.  This entails purchasing hardware, installing hardware and software and solving problems that people have with computers.  Many of these problems are new to me so the important thing is being resourceful and knowing where to look for a solution, rather than expecting to have the answer to every question.  Thus, I learn new things every day.

The role of the systems administrator (or sysadmin) is quite diverse and encompasses a variety of specialties (in much the same way as doctors graduate and specialize in surgery, pediatrics, internal medicine, and so on). At the high level, the systems administrator is responsible for building and maintaining the computer systems for an organization. When a system crashes, they fix it. When it under-performs, they tune it, and when it gets old they upgrade it.  Systems administrators are also responsible for patching systems and securing them against viruses and attacks.

My specialty is building and configuring servers and working with developers to deploy websites for clients.  One example is Maryland’s interactive mapping tool, MDiMAP..  I helped build and maintain the infrastructure that hosts this web application.  This infrastructure consists of IBM blade servers and an IBM Storage Area Network (SAN).  The software is ESRI’s ArcGIS Server 10 installed on Windows servers.  I work with a team of administrators to keep this application available and updated on a 24×7 basis.

Image credit: jscreationzs

The road to becoming a systems administrator is be both academic and getting real world experience.  Obtaining a degree in Computer Science or Information Systems can help and in most cases is required.  For those interested in starting a career in IT but already have an undergraduate degree, Towson University’s Applied Information Technology (AIT) program offers Post Baccalaureate Certificates as well as Master’s Degrees for working professionals.  You can choose to specialize in Networks, Security, Databases or Information Technology Management.  Many of the classes are offered on-line and the program is recognized as a top program by the NSA.  In addition, Microsoft and Comptia offer certifications such as A+ or Microsoft Certified Professional (MCP).  Both of these will help but nothing beats getting real world experience to learn troubleshooting skills to solve computing problems.

Happy and safe computing!


Jimmy

If you are like me, it is quite common to work with various operating systems and platforms on a daily basis.  For the most part, these operating systems manage the things that we come to expect like making a USB thumb drive visible to you (i.e. with a drive letter or mount point) as soon as you plug it into your computer’s USB port.  Well, I have an important news flash…this doesn’t always work!

Recently, I was working with a Linux distribution and needed to copy over data to a USB thumb drive.  I connected my thumb drive, and like a disappointing magic trick, nothing happened!  So what did I do?  I had to put on my troubleshooting hat and enter the dreaded (or lovely, depending on how your perceive it) command line terminal.  At the command line, I followed this procedure to get to my USB flash drive:

  1. Elevate to root (su –) or use sudo if you are using an Ubuntu distribution then enter the appropriate password when prompted.
  2. Enter the command lsusb at the command line.  Thankfully for Plug-N-Play, your computer should recognize your USB drive.  If it does not, try plugging into another USB drive and re-issuing the lsusb command.  Since I am on Ubuntu, I have to issue the sudo command and sudo password first as seen below:


3. Look for the device assignment.  Generally, this is done by ‘searching’ using the dmesg command.  After issuing the dmesg | grep ‘disk’ command, I found my device assignment as shown in the output below:


4. Now, let’s create a folder in the Linux file directory to act as a mount point for our USB flash drive.  I am going to create a folder in the /mnt directory called /usbflash’ by issuing the mkdir /mnt/usbflash command.  Since I am on Ubuntu, I have to issue the sudo command as seen below:

5. Now, let us mount our USB drive labeled sdb to the /usbflash directory so that we can use it by issuing the  mount –t vfat /dev/sdb /mnt/usbflash command.  Since I am on Ubuntu, I have to issue the sudo command as seen below:

(Note: vfat specifies the USB flash drive file system.)

And that’s it!  After the drive is mounted, browse to the /mnt/usbflash folder using the command line or graphical file utility to access your files and folders on the USB flash drive.


Jimmy

The hot topic in information technology is “the cloud.”  You may have heard about it online, the office, or have seen it on various TV commercials.  According to Wikipedia, cloud computing “refers to the provision of computational resources on demand via a computer network.”  The cloud gives organizations, government entities, and even individual users that ability to use highly scalable Internet services and resources for business or personal use.  Some core drivers for “cloud technology” include high-speed Internet, grid computing, utility computing, rapid/thin provisioning, clustering, and server virtualization.

Ok, so that sounds nice, but what can an individual or company expect from cloud computing?

Well, the truth is, a lot of companies are taking advantage of “cloud computing” from a service offering and marketing perspective, and companies like Amazon and Google are taking advantage of the hype!

Amazon offers a full “cloud infrastructure” that allows organizations to lease web services and virtual systems for software development and hosting.

Google has taken a different perspective on cloud computing by focusing its attention to the consumer.  Google plans to propose a browser-driven operating system and computing platform that would essentially be “cloud-driven.”  The Google notebook, which consists of a web-browser operating system (Google Chrome) and some utility software, allows an individual to perform all basic computer functions like browsing the web, using e-mail, or working with documents and spreadsheets.

However, all computer functions are driven by the “cloud” and various web services, so processing and storing (i.e. saved documents) are actually performed on remote systems rather than locally.  Aside from having a Google account, the only true requirement to use the Google notebook is being connected to the Internet.  To learn more about “cloud computing” and see Google’s vision of the technology, check out the Google Chrome OS website .

Photo Credit: How Stuff Works


Dawn

Quick, if I say “Maryland Department of Health and Mental Hygiene (DHMH),” what is the first thing that pops into your mind?  I know not much came to me the first time it was said during a staff meeting.   I had heard of DHMH, but since it wasn’t a state agency I regularly interacted with (i.e., State Department of Assessments and Taxation or Maryland Motor Vehicle Administration), I wasn’t too familiar with their mission. But that was then and this is now.

Beginning in September of 2010, Information Systems Solutions (ISS) and the DECO Data Center (DDC) began work to host the DHMH eMedicaid website, which provides secure on-line services for medical providers (e.g., hospitals, doctors, clinics).  ISS’ new work with DHMH included two secure hosting environments with;

  • two clustered database servers,
  • two load balanced web servers, and
  • staging, consisting of one web and one database server.

First ISS and DDC had to establish the environments, then work with DHMH to migrate their database to its’ new home at Towson University.

So, this sounds like a typical hosting contract, nothing new right? Ah hah, but there is something different and ISS and DDC had the fantastic opportunity to learn all about it.   DHMH uses IBM Websphere Application Server (WAS) to manage their applications and respective databases, which reside on a DB2 platform; also new.  Surprisingly, ISS had never had the opportunity to learn it, use it or love it.  WAS supports the broadest range of platforms in the industry and eliminates the one size fits all approach to application management. For DHMH, WAS provided the capability to build, manage and deploy a number of different applications, while at the same time, reducing applications infrastructure costs. For ISS and DDC, hosting a website this complex required a true team approach!

Websphere aside, this project also involved establishing and maintaining a secure hosting environment, not unlike some of our previous experience.  However, with DHMH, besides State Confidentiality Laws and DoIT Information Security Policies, they must also comply with Health Insurance Portability and Accountability ACT (HIPPA) and Health Information Technology for Economic and Clinical Health (HITECH).  ISS and DDC will be working closely with DHMH to ensure the hosting environment remains in compliance with both HIPPA and HITECH.

In addition to having the opportunity to learn a few things, we were also able to share some key-technologies we believe in with DHMH. The DDC was able to educate DHMH about server virtualization.  Not only did this reduce the time needed to build the servers, it also provided DHMH with a much more secure and failsafe environment.  Yeah, I’d call this a win/win situation!

Photo credit: Flickr User Tabitha Hawk


Jimmy

In today’s digital word, Internet security has become very important, but it is often overlooked.   Online users, subscribers, and consumers must take proactive steps to ensure that their personal or financial information is protected even if it is with a trusted entity’s online store, banking website, or log-in portal.  Here are a few best practices that you can follow to help keep you protected as you venture out into cyberspace:

The Golden Rule: “Total security” is a myth – First and foremost, remember that there is no such thing as “total security” online.  You can have all of the technical safeguards in world and follow every best practice guide available for responsible computing, but there is always the potential for a security risk when using an online service.  You put a lot of your trust in a third party, and as such, your Internet security posture is only as robust as the weakest link.  Be sure that you have confidence in the entity or business that you are using for online shopping, banking, etc.  If you shop online frequently, keep an eye on your credit card and bank statements for odd activity.  If your account in compromised, finding out sooner than later will save you many headaches in the long run!

HTTPS (SSL or TLS) – When you login to a portal, proceed to a checkout section on a website, filling out a form, or use online banking, make sure you are connecting over a secure channel.  Look for the lock symbol within your browser and/or look for ‘HTTPS’ in your web browser’s address bar.   This is a security protocol that allows the creation of secure channel using a digital certificate between your computer and an entity’s web site, server, or other service.  Without going into technical detail, a successful connection using HTTPS verifies the identity of the entity as a ‘trusted’ entity and encrypts the transmission between you and the entity’s server.

If your web browser indicates an error with an entity’s certificate (i.e. name mismatch, expiration, or revocation), do not proceed with checkout, logon, or submission of a form.  Additionally, if you are presented a form asking for personal/financial information or a login prompt and you do not see HTTPS or the lock, do not proceed any further.  This means that you are sending your information in clear text, and anything that you submit, can easily be intercepted.

When I was taking the steps to purchase a home, I dealt with a mortgage company that wanted me to submit my information using a form on their website.   I declined to fill out their online form because it asked me submit personal information over an unsecure, unencrypted (non-HTTPS) connection.  In essence, be sure to keep an eye out for examples like this because they are more common than you may think!

Beware of hyperlinks – Think twice before you click that link!  Nowadays, it seems that everyone is sharing links through social media sites such as Facebook and MySpace.  Clicking on a mysterious hyperlink can open up your computer to a host of threats including pop-ups, viruses, and spyware and can potentially steal your personal information.  In other cases, login accounts (i.e. for your bank account logon or a social media service) can be easily hijacked by clicking on a malicious link, so be cautious when surfing the World Wide Web!

Watch out for phishing scams – At some point you may have gotten a phishing e-mail about your bank account or about a password expiration that is absolutely false.  Basically, phishing is a scamming method where malicious adversaries pose as legitimate individuals or entities to obtain personal information, financial information, login accounts, etc.  Some of these can be easily detected while others can be very hard to distinguish because they are targeted and tailored to a very specific audience (This is called “spear phishing”).  Here are some things to look for in a phishing message:

  • Suspicious e-mail address – Take a look at the sender’s e-mail address.  Many e-mail addresses will appear to be from a source that is like the organization in which the phisher is trying to pose (i.e. sender@paypal-inc.com vs. sender@paypal.com).  Be aware of suspicious e-mail addresses!
  • Malicious hyperlink – If you highlight over a hyperlink and see a URL at the bottom of the task bar that does not appear to be from the issuing entity’s website, this is usually a good indicator that it is a phishing scam.  Do not click on the link!
  • Suspicious headlines and requested reply – Some indications of a phishing e-mail will request that you take reply to an e-mail with personal information or request that you take action on item.  If you receive a message indicating that you need to “change your password that is expiring in 6 days” or you need to “verify that your account is still active by replying to this message with your password” is usually a good indicator that it is a phishing scam.  Do not reply to such a message!

As previously stated, if you suspect that an e-mail or message that you receive can be classified as a phish, do not reply to it or click a link that may be associated with it.  Report this to the entity or individual that the phisher is attempting to pose.  If you accidently “click through” to a link that you suspect is a phish, immediately change your account password and contact the impersonated entity or individual.

Practice Due Diligence – It is important to keep your personal computer secure and ultimately your personal information safe.  Here are a few tips to for responsible computing:

  • If you have a laptop and travel frequently, do not leave your laptop unattended in public areas.
  • Be sure to password lock your computer account to prevent unauthorized use.
  • Use an unprivileged account (non-administrator) for everyday computer use.  If you need to do something that requires administrative privileges like installing software, then use the administrator account to do so.  Using an administrator account for everyday computer use can be a security problem.  If you visit a malicious website that executes malicious code while logged in as an administrator, the health of your computer and the security of your personal information are at risk.
  • Install security updates, service packs, and software updates regularly.
  • Install a host-based firewall and anti-virus software.  Install anti-virus signature updates regularly and run scheduled scans on your hard drive(s).
  • Encrypt your personal data!  There are good (and free) software packages that provide encryption capabilities for files and entire drives.