Disaster? The cloud comes to the rescue

Leveraging AWS for quick and efficient DR sites

Disaster usually strikes without a warning. Most enterprises try to insure against all forms and types of disaster by various means and methods that have worked in their previous experience. In most cases the Business Continuity Plan works on one principal- segment, duplicate and secure.

The most common strategy for disaster recovery is segmentation of teams and duplication of infrastructure and data of teams and data. Essentially, positioning teams and data centres in different locations is generally considered the best DR strategy. It is assumed that disaster will not strike in two or more places simultaneously, so safety is assured! But what all these methods don’t promise is foolproof recovery at reasonable cost.

The cost of redundant IT infrastructure and the additional team adds to the budget too. It is not only a capital investment for most enterprises but there is also an opex component of running and maintaining DR sites on an ongoing basis. In addition, there are instances where the regulation needs them to have their DR sites located at specified regions, depending on the size of the company. These sites need to be then maintained and audited too, for compliance to BCP strategies. The sheer volume of the planning and maintenance that goes into the upkeep of these multi-locational sites is an expensive logistics and operational nightmare. Enterprises tend to compromise on their DR strategy due to these financial and operational challenges.

The cloud provides the perfect solution to all these issues, while ensuring multiple advantages over physical data centres even in multiple locations. The biggest advantage is that while creating a DR on cloud, only the requisite infrastructure needs to be provisioned and paid for on an hourly basis. Enterprises save additional costs when compared to a physical data centre as well, because an on premise data centre has fixed server space and if it’s not utilized, it’s again a wasted cost.

In fact the public cloud is an ideal environment for disaster recovery planning, since it is pay per use, completely scalable and easier to manage than multiple locations.

AWS provides the flexibility and scalability to setup DR based on the business requirement, to have either a mission critical always on setup with the complete environment provisioned and running, or have a bare minimum setup with critical data infrastructure replicating with options to scale business applications as required. This flexibility allows business, after disaster recovery, to be up and running within a few hours, if not minutes. CSS Corp helps define the right DR strategy for the customers based on their RPO and RTO requirements, and help them implement and manage a right kind of DR, be it a light weight cost effective pilot light, to a fully functional DR catering to mission critical business. CSS Corp support also provides a fully integrated automated platform using AWS API that facilitates the provisioning and configuration of infrastructure resources, with consistency of recovered data, and executes periodic drills to ensure that DR setup meets the RPO and RTO objectives.

CSS Corp has saved time, cost and effort in ensuring data recovery using – AWS, helping achieve higher savings and greater efficiencies for a number of our clients, for their Data recovery processes.

CSS Corp has designed, deployed and manage DR environments on AWS for several customers, ensuring always on operations by meeting their RPO and RTO requirements, and saving their capital and operational expenses through efficient and effective DR implementations.

Launch a Campaign in 10 minutes

On Demand Marketing Campaigns on AWS

Marketing is the most strategic activity for any organisation that has a product or a service to sell. As any successful marketer will endorse, an intelligent online presence is a pre-requisite for a successful campaign. To ensure the success of a campaign, a systematic planning process needs to be applied. So typically, in order to launch a product successfully, the team needs to chart out a roadmap for the activity – starting with the IT infrastructure requirement (software and hardware) for a website. The servers, storage, hosting space required, networking equipment or applications and robust databases that would drive the campaign usually top the list of requirements, as well as costs.

Budget discussions follow in order that the procurement process can be eased into the timeline. These usually take the course according to the management policies. In most organisations the whole process takes between 4 to 8 weeks. This is usually the lead time for a good marketing campaign launch from ground up.

But once it is launched, the life of a campaign is much shorter. During the planning period as well as post the launch, there is always an inherent wastage of resources, since the infrastructure needn’t operate at 100% all the time. This, wastage of course, translates into costs. In addition, once launched, there will be business peaks and troughs, and these may be an added cost. Peaks- because extra servers is required which needs to be accurately forecasted and provisioned for, and troughs because it adds resources idle cost.

In order to fight these challenges of cost, time, scalability and security, a cloud based web infrastructure is just what is needed. It seamlessly connects users at the lowest possible cost, ensuring speed, ease and economies of scale. In one real life engagement, with the help of the cloud, the time for launching the website reduced seven times while the annual cost was cut by 60%. That is the impact of a change to the cloud for launching a marketing campaign.

The advantages that the cloud platform offers to a marketing campaign activity are numerous. It allows for a high level of automation that drastically reduces costs, helping deploy new infrastructure in as little as 48 hours (as against an earlier 4 weeks program), and hence at a fraction of the cost. The cost advantage of the pay per use model or that offers on-demand capacity is a big part of the advantage too.. With costs savings at every step, the AWS cloud ensures stability of the infrastructure with no user disruption issues even for peak loads of usage. Additional computing capacity can be seamlessly provisioned for on the cloud, with the promise of a compliant and secure environment.

The support that CSS Corp offers to the cloud provided by AWS translates into additional advantages over the basic marketing platform – which is essentially about a marketing environment needed for hosting websites. Fast, robust and able to meet peak business demands, the marketing platform on AWS can be monitored on a continuous basis to ensure the highest threat mitigation abilities. With the cost savings it ensures, using the AWS cloud for marketing campaign activities can be the first step towards a successful campaign, one that has already started saving costs!

Vulnerability management for cloud computing

Vulnerability management is the process of identifying, classifying, remediating, and mitigating vulnerabilities, especially in software and firmware. Vulnerabilities are found in every IT asset that’s developed & it has to be identified at the early stages of development & remediated. Vulnerability management is integral to computer security and network security. The so-called INTERNET – a massive collection of interconnected computers has many discovered & undiscovered vulnerabilities at multiple layers.

Cloud operates at the soft layer & its consumed via internet which makes it have a direct impact on any implications to software & Internet.

In a public IaaS environment, businesses don’t get control over the hypervisor because it’s a multi-tenant environment. Without hypervisor control, security needs to be deployed as agent-based protection on the VM-level, creating self-defending VMs that stay secure in the shared infrastructure and that help maintain VM isolation. Although the agents put more of a burden on the host, the economies of scale in a public cloud compensate, and there are additional cost benefits with CAPEX savings and a pay-per-use approach.

Since Cloud computing operates at the soft layer & thats where its being effectively consumed, its more critical to identify the dependency vulnerabilities & remediate them in a timely manner.

Though vulnerabilities can occur in multiple layers, lets discuss about some key vulnerabilities in 2014 that had impact on cloud computing services & consumers.

Hearbleed vulnerability at entry point or point of consumption of web service which is the responsibility of the consumer & service provider at different layers.ShellShock vulnerability at the operating system level which is the responsibility of the consumer.

Xen vulnerability at the hypervisor layer which is the responsibility of the service provider.By Oct 2014 Security researchers have discovered vulnerability in SSL 3.0 that allows attackers to decrypt encrypted connections to websites. This issue affecting SSLv3, known as POODLE or CVE-2014-3566. This is the responsibility of the consumer.

Baseline Cloud Security – an Absolute Imperative

IT security or Computer security is the top priority of any organization or individual consuming the IT as a service. Digital Information that is created, stored or processed has to be secured especially in todays environment where the threat landscape is ever expanding without defined boundaries.

The full impact of its business advantage that a cloud deployment offers can be leveraged only with the right security technologies, tools and processes in place. Since the public cloud has multiple tenants on same hardware, it is critical that an evolved security strategy be charted out and all stakeholders have complete clarity on the levels of functionality, the access control and perimeter.

To ensure that a specific corner of your public cloud deployment / implementation is safe, there are broadly two categories on which it is demarcated- baseline security and improvised security.

Baseline security

Baseline security is the bare minimum security essentials that needs to be considered using cloud resources themselves. These are mandatory essentials that have to be configured irrespective of the scale of deployment. This blog will provide basic guidelines to configure baseline security the right way. Baseline security will not involve additional cost.

Improvised security

Improvised security as the name indicates is an improvisation in security configuration with the use of external 3rd party tools & services. You may incur additional cost based on the service you choose.

We discuss here the baseline security process for the public cloud.

Baseline security for the cloud is an imperative, to be developed along with the cloud footprint that hosts the IT infrastructure or applications. Specific security measures need to be embedded in the process of the cloud build, and in most cases the basic features of baseline security are offered by the cloud vendor.

AWS (Leader as per Gartner’s cloud infrastructure as a service (IaaS) Magic Quadrant 2014), offers a range of services that can be consumed as utility services. The infrastructure on AWS will be secured by soft firewalls called security groups & virtual private network segregation called VPC. Security groups & Network ACL forms the core framework of AWS baseline security as all the network level security configuration happens at these layers.

Identity and Access Management (IAM), Multi-factor authentication (MFA), CloudTrail, and Trusted advisory are other security essentials that AWS offers to determine where a little extra security would be required. As a general practice every deployment has to be segregated into tiers & security policies will be applied to each tier based on the functionality of the tier.

However, this is only the basic security wall, and it needs to be customised according to the enterprise client’s requirement.

Baseline security is logically deployed at the soft network layer in cloud. The security group is a virtual firewall that separates the cloud infrastructure and the user base (or) internet, and monitors access by creating user groups and providing access to specified IPs and ports.

Amazon Web Services, the leader in public cloud sector, also offers an option of a Virtual Private Cloud, which is the enterprise’s own virtual data center on a public cloud with very tight access and user controls. This can be customised to have their own little security meshes, trusted IP address range, subnets and configuration of route tables and network gateways. Here, it is possible to have multiple layers of security that is designed to achieve complete control access to Amazon EC2 instances, in each subnet.

The Trusted Advisory, (full features available for customers who signed for AWS premium support), is a global dashboard of all vulnerabilities loop holes in the infrastructure deployed in AWS cloud that ensures constant monitoring and alerts on gaps in configuration that could develop into threats or risks.

Apart from the infrastructure layer, virtual layer & Network layer there is also another layer called API layer in cloud. Its important to secure your API layer in cloud. Identity and Access Management (IAM) on the cloud facilitates to create users & groups that needs access to AWS resources which thereby helps to eliminate unauthorized external access and controlled internal access. AWS Cloud Trail is another service of AWS that would help us in API level logging. IAM & Cloud trail works hand in hand providing a virtual layer of security at the API layer.

In order to customise the security initiatives on baseline to their needs, enterprises need an efficient cloud integrator, a support organization with cloud expertise & security consciousness that can ensure maximum security on the cloud while ensuring optimal utility for the public cloud in the enterprise.

Staying clear of the fog… while up in the clouds

Cloud Computing is a “daily spoken” & most commonly used terminology in every forum.

The cloud has long since ceased to be an emerging technology, and there is no longer any convincing required for enterprise to understand its virtue. While there is clarity on its value, its versatility is still being discovered by most early adopters.

Cloud computing can simply be described as computing offered as utility service delivered via internet.

By definition, “Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction,” according to NIST.

Characteristics of Cloud Computing:

• On-demand self-service
• Broad network access
• Resource pooling
• Rapid elasticity
• Measured service

Essentially, cloud computing as a form of enterprise process is characterised by certain clearly distinctive features. These lend it extremely scalable and agile for enterprise needs. The on-demand self- service allows process flexibility, while broad network access and the ability of pooling resources along with the rapid elasticity by which it can be scaled add value to its ROI. Of course, the biggest advantage to a cloud adoption comes from the cost savings that the measured service model provides.

This is the characteristic that distinguishes a cloud based infrastructure from a physical infrastructure for IT- and that is the layer that can be the biggest cost savings with its pay as you go models.

Service Models:

Based on the layer in which the cloud service is consumed, Cloud computing can be classified as Infrastructure As A Service (IaaS), Platform As A Service (PaaS) & Software As A Service (SaaS)

Infrastructure as a Service is a provision model in which an organization outsources the IT requirements as a whole – the equipment used to support operations, including storage, hardware, servers and networking components. Infrastructure as a service allows the flexibility of using the precise amount of cloud space in a public cloud as needed by the enterprise, and the flexibility to pay only for that. The service provider is responsible for housing, running and maintaining it. And the enterprise user pays as per use.

Deployment Models:

IaaS can be further classified into 4 types as Private cloud, Public cloud, Hybrid cloud, Community cloud based on base design & implementation of the solution. A cloud is called a “public cloud” when the services are rendered over a network that is open for public use. Public cloud services may be free or offered on a pay-per-usage model. Amazon Web Service’s public cloud leads the pack here.

It is immediately clear that if an enterprise will claim a corner of the public cloud, there will need to be some extra security processes in place, since the cloud is a multi-tenancy space. So, the responsibility of the security rests both with the vendor as well as the user enterprise. Due to the rapidly evolving nature of the cloud landscape, as also the threats coupled with the newer means of accessing data, the process of security implementation is an iterative and evolving exercise. Devising the best possible strategy and implementing it at multiple layers, therefore, becomes a shared responsibility.

To obtain complete clarity on this division of responsibility, the SLAs on the engagement between the vendor and the enterprise have to be clearly laid down. The vendors are responsible for all the hard layers of infrastructure and the physical devices beneath, as well as the hypervisor or the virtualization layer. The enterprise customer, on the other hand, is responsible for the operating system’s security and the applications that run on the operating system. The soft layer houses the networking applications, so the network security is also the enterprise’s responsibility.

Thus divided, the security of a cloud infrastructure can be completely covered. Of course, some baseline security features need to be a part of the cloud implementation and are provided by the vendor, but more on that in our next blog.

How High Will The Cloud Take Us?

A couple of years ago, the IT community ran out of superlatives to use for benefits that cloud computing brought in. It was the proverbial apple that would fall on our top lines…and make everything all right again. The Cloud would help cut costs, streamline processes, and provide secure, infinite space for hosting apps, storage and everything else in between.

Then the hype settled, adoption began, slowly at first and now, IT teams have a steady relationship with the Cloud – it’s here to stay, love it or have doubts on its faithfulness.

Today, after the euphoria has cleared, there are some points that come up, points that could prick the bubble, or hold up the tree. Things that will have to be accepted – like the security risks in these galloping adoption, the question of integration with the existing environment – are now on the forefront of debates. The community is sitting up and giving increasing attention to security applications for the Cloud. This has created a blossoming market for cloud security applications, and at this point, it is largely a matter of choosing the correct one for your enterprise, to ensure the maximum utility is derived from the adoption, without any risks.

However, looking beyond the hype, doubts still persist; it’s like sharing an heir- specially the one that will be inheriting the title, with an outsider. The new kid on the block is amazing, but as a service platform, how will it integrate into a heterogeneous application environment? How will it deliver to the market expectations of secure, consistently available, high performing applications? Within its efficiency, how can an enterprise decide the correct mix- what part private, what part public, how much hybrid? What cocktail of Iaas, Paas and Saas will be the best optimisation model that will work for me? The obvious solution is to chalk out a clear, balanced, enterprise framework that will take into account all the advantages, assuage all the negatives and then decide which way to grow, and how much!

What should be the points to ponder before porting business critical applications and operations on a Cloud environment? How much risk can be taken, and where is the line to be drawn? There needs to be a clear framework for Cloud adoption in any enterprise or the loose ends can trip up the entire migration. Savings and all the benefits can only accrue when the entire adoption process takes care of every concern.

What is imperative for regulating all of these expectations and opinions are Cloud based service matrices that can lay down the SLAs and a clear governance structure that can ensure compliance.

Responsible recycling of e-waste

Management of e-Waste is a serious issue. Currently India is estimated to generate around 4 lakh tonnes of e-Waste annually (Toxics Link, Delhi, 2014). This e-Waste is generated by households, institutions, government offices and the corporate sector. The generation is estimated to go up many times in coming years, making it a critical issue. However, e-waste is not just a problem of waste quantity or volumes. The concern is compounded because of the presence of toxic materials like lead, mercury, cadmium, certain brominated flame retardants (BFRs) and many other chemicals which are carcinogenic in nature.

Currently 95% of e-Waste continues to be recycled by the informal sector. Open burning, acid baths, unventilated work spaces and crude handling of chemicals are typical of these operations, where susceptible groups like children and women are regularly employed. With no safety equipments at hand, the workers in some of the recycling hotspots spread all over the country, are exposed to the toxic cocktails daily with evident affect on there health. The unregulated practices also release hazardous materials in air, water and soil.

The above situation is not meant to overwhelm. It is meant to caution and bring attention to the current situation as also to motivate all generators including households to actually get involved in the solutions.

India introduced progressive legislation in the form of the e-Waste management and Handling Rules in 2012.

These rules make a mandatory guideline for all generators including households to ensure that e-Waste is recycled only by authorised recyclers. In large cities like Bangalore and Chennai there are adequate recyclers who are authorised by the State Pollution Control Board. These recyclers however continue to face difficulties in getting e-Waste to their facilities since a large fraction of e-Waste generated continues to flow to the informal sector.

Currently only a few large companies have introduced internal policies which ensure appropriate storage and safe recycling of all their e-Waste through authorised recyclers. All other generators continue to ignore the rules.

Special attention must be drawn to households where there is practically no awareness about e-Waste and also to the responsibilities of consumers as well as the sales network. On the one hand large retail chains advertise exchange programmes which lure customers to bring in their old electronic equipment including televisions and refrigerators and exchange them for new models. While customers are happy to hand over their e-Waste to these retail outlets they rarely ask the stores what is done with all the e-Waste collected. Recently Saahas in association with EMPRI, the research arm of the Karnataka State Pollution Control Board studied the flow of the e-Waste from these retail chains. It was observed that 90% of these retail chains use services of scrap dealers who purchase the waste from the stores and sell to the informal sector.

It is really surprising that the retail sector has not put any attention to this huge lapse. This situation also arises because of the consumer demanding to be paid for his e-Waste. He does this either through a direct sale to his neighbourhood Kabadiwala or through an exchange programme where he receives a discount against a new purchase.

Over the last few years Saahas has set up drop points for collection of e-Waste in Bangalore. Our experience with running these centres has not been very encouraging since there is very little e-Waste that is actually dropped off by consumers at these centres. This is because the consumers do not get paid for the material dropped.

For now there is a need for readers to connect with the fact that consumers are expected to demonstrate responsible behaviour by using authorised collection centres to drop their e-Waste. These collection centres provide citizens an opportunity not just to comply with the rules but also to ensure that their e-Waste does not become a threat to our health and environment.

Tiger conservation on the rise!

On July 29th, the world celebrated The International Tiger Day. A century ago there were 100,000 tigers that roamed in the wild. Today, this number is down to a painful 3200.

There are many reasons for this – illegal poaching and illegal tiger trade in tiger skin, tooth, bones, claws that are considered potent remedies in traditional Asian medicine, rampant loss of tiger habitat and habitat fragmentation has forced tigers to live in small, isolated pockets of remaining habitat, making it harder for tigers to reproduce. Given the shrinking habitat, there is also rise in man-animal conflict.

The Government of India has taken a pioneering initiative for conserving its national animal, the tiger, by launching the ‘Project Tiger’ in 1973. It is through these efforts that India has half the world’s tiger population in the wild.

The countrywide estimation of tiger in India is done once in four years

Counting Tigers or estimation of their numbers (Tiger Census) is an important exercise to find out that the Tigers are present in healthy numbers and how the Conservation efforts of Forest Department are working on the ground. The process of estimating the number of tigers in a given area is called ‘Tiger census.’ This exercise provides us with an estimate of tiger number, density and change in tiger indices – a measure of tiger occupancy in a given area. Given the diversity and richness of the Nagarhole Tiger Reserve, this year CSS Corp donated 200 camera traps to the Karnataka Forest Department for monitoring of tigers and conducting the Tiger Census at the Nagarhole Forest Reserve .The advantage of camera traps for gathering data on tiger is that along with data on tigers, data are also collected on co-predators, prey, habitat and human disturbance at the same resolution.

Early indications of the results of the census show that the number of tigers have grown. The census, conducted once in four years, revealed a population of 1,706 in 2010 and among them, 300 tigers were found in Karnataka. Finally the efforts to conserve this beautiful animal, yet the most vulnerable to extinction, are paying results.

As responsible citizens we can do our bit as well such as:

• Learn about tigers as much as possible and share the same with others along with the threats they face
• Follow the Forest guidelines when as a tourist
• Support the Zero tolerance approach towards Poaching
• Try and reduce the consumption of products derived from the forests viz paper

Volunteering – the new Mantra to make a difference

Employee volunteering is about giving time, energy and skills-freely. Unlike many things in life there is choice involved in volunteering. Finding new interests and hobbies through volunteering can be fun, relaxing and energizing. What I like about volunteering is that it brings together a diverse range of people from all backgrounds and walks of life and can be a rich source of inspiration. It is an excellent way to develop one’s interpersonal skills. It also offers an incredible networking opportunity. Not only does it help an employee develop lasting personal and professional relationships but it is also helps them learn about people from different environments and backgrounds.

It is for all these reasons and more, that organizations encourage volunteering by its employees. For example, one of the volunteering program at CSS Corp was focussed on E-Waste. It was great to see employees keen to understand more about it and what they could do to make a difference. A key learning from the program – was most of them were honest enough to agree that till date they had not thought about the dangers of junking their old gadgets, or about recycling the e- waste responsibly. However, by the end of the session, there was complete agreement that they need to start caring about the environment and pollution and hence no more junking old phones without thinking first. All participants have committed to change!

Volunteer programs therefore create a superb channel for an engaged corporate culture that attracts top talent and keeps them engaged. It is also an effective way to develop leadership skills. Volunteering can also help develop soft skills such as problem solving, mentoring and communications. For example the volunteering program at CSS Corp is structured to Energize – through Internal Communications, impactful messaging and leadership commitment, Empower – by allocating responsibilities and in the process developing leadership skills through mentoring and feedback and Emulate – giving an opportunity to be role models and create a snowball effect.

I feel through volunteering programs like these, enable and empower individuals to make a difference at their workplace and their homes and give them a sense of responsibility to care for their environment. This goes a long way to show that by having a committed workforce we can change the world!

You cannot leave home without it

Today it’s impossible for us to leave home without our cell phones or laptops, and other electronic devices we use for communication, work, health or leisure. For habitual ‘road warriors’, it has become second nature to be on the move with a sackful of electronic gear. The days when a note book meant a bound paper pad used for scribbling in with a pen or pencil have all but disappeared amongst the youth. Even a generation earlier, telephone numbers (land lines only) would be jotted down in here, bank account numbers, people’s names and postal addresses, and reminders. Now, the devices store it all, on your instruction or from the cloud – the cell phone numbers and email ids of your friends and family, your bank manager, your passwords and passcodes, your work email, your friendly personal Gmail, your favorite pics, your passport details, your social media and your favourite tweets. This super-wired and wall-to-wall gadgeted world means a lot of hardware, big and small, and at the rate electronic fashions change, a good part of this becomes obsolescent – or so your trendier colleagues tell you – every six months.

Cell phone, laptops, iPhone, tablets (the non-medicine ones) are ubiquitous today in cities around the globe – the cell phone for instance is not just an appendage for urban dwellers. Today the cellphone is transforming rural economies too. Cellphone technology is now being used to fight poverty. In most of the developing world, and that means two thirds of the global population, the people that do not have bank account or are known as the “unbanked” population. Suddenly this population has access to financial services through mobile technology – likewise there are many innovative ways ewastetechnology is being used to help the small, rural farmer get access to markets, weather information and alerts.

On a recent visit to Shoolagirivillage in Krishnagiri district, I asked some women in a Self Help Group, (SHG) how many of them had cell phones – with pride almost all of them raised their hands waving their cell phones.

Indeed, we are all getting upwardly mobile and technology is transforming the way we live, how we work and how we communicate. And this is the good news.

The bad news is that we are generating a whole lot of electronic waste that is piling up because technology becomes obsolete very rapidly. The entire world is discarding technology that has come to its end of life – from phones, to computers, to laptops, to TVs, to music systems, to motherboards, and all kinds of household appliances. When that happens, where does your suddenly ‘old’ gear go to? If it’s not tossed into a carton in the loft and forgotten, the chances are that it will make its way into a pile of electronic discards that grows bigger every day creating a there is a mountain of toxic waste.

So should we be concerned and act responsibly even though it is not our headache? The short answer is yes. Because computers and computer peripherals constitute the largest proportion of e-waste and pose a dangerous threat to our health and environment. What makes e-waste complex is that its waste has disparate materials, some highly toxic and some precious.

In India, as in most emerging economies, e-waste recycling is done by the informal sector and is exposed to hazardous work conditions. The vast majority working in this unofficial recycling sector are the vulnerable, urban poor, including women and children.

At CSS Corp, we are conscious of this burgeoning problem and are committed to doing our bit for responsible e-waste management. We are committed to using our electronic goods for a longer period of time, we return all our electrical goods to a certified and recogonised – e-waste recycler and above all, we build awareness among our employees to segregate waste wisely, and that includes e waste . As part of our community awareness building, we work with schools to make the kids aware of the e waste, we are engaged with our local community for better waste practices and engage with our employees too.

Awaiting pre-monsoon showers

 Summer has descended upon the subcontinent.

The cities, towns, plains, and the once salubrious hill stations are heating up. 

The days are hot, the nights are still. There is no escape. 

It is immutable.Everyone waits for  rain. The Malnad is ready to receive her.

Even the beautiful Coffea Arabica  bud is ready. It awaits Revathi ,the pre-monsoon shower.  Revathi, the giver of life, the nurturer.In the wilderness of the Malnad will Revathi keep her date ? But this year she is late again. Her timely arrival is important. For some its life .For some its business as usual. Her arrival announces that the South West Monsoon is on its way.Her drizzle enhances the coffee bloom .The coffee farmer waits in anticipation.  She brings the Malnad back to life.
This year the temperatures in the Malnad touched 36 degrees  against a normal temperature  of 33-34 degrees Celsius. Apart from this higher than normal temperature, there has been a dry spell of  nearly 5 months in the coffee growing areas that is affecting coffee production. But Revathi did not come.

In the year 2009  both Arabica and Robusta suffered losses due to unseasonal heavy rains. Likewise, heavy rains during the blossoming delayed the harvest and lowered crop quality in 2010. There have been periods of drought  In 2002, Karnataka experienced a severe drought for three consecutive years (2001-02, 2002-03 and 2003-04). The IPCC on Climate Change predicts that yields from rain-dependant agriculture could be down by 50% by 2020 . In the Coorg region, some areas have already seen rainfall drop by one-third – from 106 inches per year to 70 inches.

The problem with today’s economy is that we have become obsessed by  the idea of “GDP growth” – which seems to be the single most important measure for success. A green economy is the only sustaining economy – it put values on natural resources, it uses resources sparingly, makes use of its natural capital rather than wasting it and stands committed to environmental protection.Our current GDP models do not recognise the role of natural capital.There is a lot that needs to change. Unless the economic importance of biodiversity and ecosystems, of ecology and forests, not just among economists, but at the level of policy makers, administrators, businesses and the public is understood, the wait for Revathi will get longer.

Up and up and up

“Earth, upon which this moving, breathing life exists.May she bestow on us the finest of her harvests! Earth, the all-sustaining, treasure-bearing, resting-place; Golden-breasted Earth, home of all life, Who bears the sacred fire.” - Atharva Veda Book XII

In a world that is obsessed with higher and higher growth, expressways and XUVs, where SUVs are becoming passé, where development  is equated only with highways, roads and spiffing airports, where man’s insatiable consumption need  has to be met at any cost , where a desire to monetize any and everything , deforestation at the light of speed , where the slow dying of our coral reef does not seem to matter , where unsafe and high pollution levels make our cities unfit for us to breathe in or live in, the dropping dead of bee colonies by the millions, the drying up of our rivers, the destruction of wetlands that give way to sky scrapers, chemical riddled food, where nuclear contamination and radiation uncertainty is accepted, where we are unconcerned  about the acidification of our oceans and parts of our seas being declared sea dead,traffic jams on the 8,848-metre high Everest caused by people who came from far away countries to “conquer” the peak ,instead leave behind  waste on the pristine white mountain , where dams are not good enough, but mega dams is the answer, where glaciers melt rapidly, where peak summer temperatures are reached more frequently than ever, where we want growth at any cost, a significant change happened to our planet.

We crossed 400 parts per million (ppm) of carbon dioxide (C0₂) in the atmosphere again, earlier this month. To preserve a liveable planet, scientists tell us we must reduce the amount of CO2 in the atmosphere from its current level of 400 parts per million(ppm) to below 350 ppm. But instead, we are rapidly and rapaciously adding more C0₂ into the atmosphere, making a planet that will not be habitable by humans.

While I contemplate our present and brood our future, I often ask where is all this leading to, who gains and who benefits  – for it is in this pursuit of what we call a “good life”  that  the falcon cannot hear the falconer.

 

Securing your S3 hosted website

Lets assume that you host your static website on Amazon Web Services S3.

Security is an important activity when it comes to hosting in cloud. You have to lock down all other access to the S3 bucket and validate access externally to S3 bucket. If you were to give access to someone to the S3 bucket, it has to be through IAM (Identity and Access Management) credentials and completely avoid sharing the AWS root credentials to AWS management console.

Cloud flare is a good service that one can use to secure the static website that’s hosted on AWS S3. Cloud flare acts as a Web application firewall in this case, securing your website at application layer.

Sign up for cloudflare.com service and login to cloudflare.com. You can use the free option service to begin with, then later when your business grows you may sign up for paid services as required.

You will be requested to validate your email address first.

1. Once you validate your email address, you can import your DNS records to cloudflare.com
2. You can either create the DNS records manually (or)
3. You can import the DNS records for your current DNS provider to cloudflare.com
4. In your DNS service providers console, you have to update the name servers record so that name servers reference will be made to cloud flare instead of your default DNS service provider. (This is an important step for redirection to cloud flare)
5. Once you have uploaded the domains to cloud flare, you have to enable cloud flare passthru by clicking on the cloud symbol next to the domain
6. You can enable SSL for your website. There is a restriction in terms of number of domains / subdomains to which you can enable SSL for free but for 1 website it should be okay
7. You can also set up redirection rules in cloudflare.com for both SSL redirection by default and also www redirection

Reference:

Pls refer to following links if you face any issues in the above process.

• http://aws.amazon.com/documentation/s3/
• https://support.cloudflare.com/hc/en-us

Happy Hosting !!!