ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Consulting for a Small Construction Company

    Scheduled Pinned Locked Moved IT Discussion
    128 Posts 16 Posters 57.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JaredBuschJ
      JaredBusch @scottalanmiller
      last edited by

      @scottalanmiller said in Consulting for a Small Construction Company:

      @thanksajdotcom said in Consulting for a Small Construction Company:

      @DustinB3403 said in Consulting for a Small Construction Company:

      Why would you want to reduce cost, and implement Hyper-V and UEB?

      Why not XenServer and Xen Orchestra for the Hypervisor?

      I actually have no Xen experience...sadly... 😢

      Do you have Hyper-V experience? Jared feels Hyper-V has the lower learning curve. I feel XenServer does. I think even he would agree given your Linux background that XenServer would be easier for you.

      Where I disagree with XS is when it needs to be managed by someone not versed in it in detail.

      XS plus an XO subscription is simple along the lines of Hyper-V.

      1 Reply Last reply Reply Quote 0
      • JaredBuschJ
        JaredBusch @thanksajdotcom
        last edited by

        @thanksajdotcom said in Consulting for a Small Construction Company:

        @Jason said in Consulting for a Small Construction Company:

        This is insane.. Small contruction company? Yeah they don't need any of these. They don't even need IT. They can just buy their fresh books or whatever. And email and email service like zoho or office 365 plus cloud storage.

        The biggest thing that I forgot in my OP was that they want to setup a software that uses a server-client model, but I don't see why we couldn't do that on a hosted platform.

        There are huge reason that this software will likely not work. Most revolve around the fact that is was never developed with offsite servers in mind for its client-server communicaiton.

        DashrenderD 1 Reply Last reply Reply Quote 0
        • JaredBuschJ
          JaredBusch @Dashrender
          last edited by

          @Dashrender said in Consulting for a Small Construction Company:

          @DustinB3403 said in Consulting for a Small Construction Company:

          @thanksajdotcom said in Consulting for a Small Construction Company:

          @DustinB3403 said in Consulting for a Small Construction Company:

          Why would you want to reduce cost, and implement Hyper-V and UEB?

          Why not XenServer and Xen Orchestra for the Hypervisor?

          I actually have no Xen experience...sadly... 😢

          It's the most simple Hypervisor out there.

          yeah - no, I won't give you that!

          most certainly not.

          1 Reply Last reply Reply Quote 0
          • DashrenderD
            Dashrender @JaredBusch
            last edited by

            @JaredBusch said in Consulting for a Small Construction Company:

            @thanksajdotcom said in Consulting for a Small Construction Company:

            @Jason said in Consulting for a Small Construction Company:

            This is insane.. Small contruction company? Yeah they don't need any of these. They don't even need IT. They can just buy their fresh books or whatever. And email and email service like zoho or office 365 plus cloud storage.

            The biggest thing that I forgot in my OP was that they want to setup a software that uses a server-client model, but I don't see why we couldn't do that on a hosted platform.

            There are huge reason that this software will likely not work. Most revolve around the fact that is was never developed with offsite servers in mind for its client-server communicaiton.

            He mentioned that the software in question could track in real time access of the techs in the field while the techs are interacting with the ticket system. This implies remote type access. But still, looking at a system that requires a server, instead of cloud product/hosted solution should definitely be re-evaluated assuming they didn't consider this before landing on this choice.

            JaredBuschJ 1 Reply Last reply Reply Quote 0
            • JaredBuschJ
              JaredBusch @Dashrender
              last edited by

              @Dashrender said in Consulting for a Small Construction Company:

              @JaredBusch said in Consulting for a Small Construction Company:

              @thanksajdotcom said in Consulting for a Small Construction Company:

              @Jason said in Consulting for a Small Construction Company:

              This is insane.. Small contruction company? Yeah they don't need any of these. They don't even need IT. They can just buy their fresh books or whatever. And email and email service like zoho or office 365 plus cloud storage.

              The biggest thing that I forgot in my OP was that they want to setup a software that uses a server-client model, but I don't see why we couldn't do that on a hosted platform.

              There are huge reason that this software will likely not work. Most revolve around the fact that is was never developed with offsite servers in mind for its client-server communicaiton.

              He mentioned that the software in question could track in real time access of the techs in the field while the techs are interacting with the ticket system. This implies remote type access. But still, looking at a system that requires a server, instead of cloud product/hosted solution should definitely be re-evaluated assuming they didn't consider this before landing on this choice.

              To me, that means it has mobile ready access. Not that the fat client in the office will work across a WAN.

              1 Reply Last reply Reply Quote 0
              • DashrenderD
                Dashrender
                last edited by

                oh, most definitely.

                1 Reply Last reply Reply Quote 0
                • thanksajdotcomT
                  thanksajdotcom @coliver
                  last edited by

                  @coliver said in Consulting for a Small Construction Company:

                  Why would you even consider a VPS for this? Office 365 or Google Apps will do everything you need. You should also talk them into looking at a modern ticketing/ERP system. Oodo has a hosted option that is generally inexpensive but honestly if they do office 365 they could just use a share point site. Most of the ticketing stuff us pre-built.

                  This software is built very specifically for the type of industry they are in. That's why they are looking to go with it.

                  DashrenderD scottalanmillerS 2 Replies Last reply Reply Quote 0
                  • DashrenderD
                    Dashrender @thanksajdotcom
                    last edited by

                    @thanksajdotcom said in Consulting for a Small Construction Company:

                    @coliver said in Consulting for a Small Construction Company:

                    Why would you even consider a VPS for this? Office 365 or Google Apps will do everything you need. You should also talk them into looking at a modern ticketing/ERP system. Oodo has a hosted option that is generally inexpensive but honestly if they do office 365 they could just use a share point site. Most of the ticketing stuff us pre-built.

                    This software is built very specifically for the type of industry they are in. That's why they are looking to go with it.

                    Sadly I see this often. These packages built for an industry by people who have no regards for proper programming, security.

                    I'm dealing with that at a client now. The software they use simply will NOT run as a non local admin. I had to find a piece of software that runs the application fully as a different user to make it work.
                    A smart user can use this to their advantage to get more access than they should have, luckily, there doesn't seem to be a desire to do so.

                    I'm going to these lengths to offer non admin access for the users when using the rest of the system, i.e. surfing the web, email, attachments, etc.

                    1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller @thanksajdotcom
                      last edited by

                      @thanksajdotcom said in Consulting for a Small Construction Company:

                      @coliver said in Consulting for a Small Construction Company:

                      Why would you even consider a VPS for this? Office 365 or Google Apps will do everything you need. You should also talk them into looking at a modern ticketing/ERP system. Oodo has a hosted option that is generally inexpensive but honestly if they do office 365 they could just use a share point site. Most of the ticketing stuff us pre-built.

                      This software is built very specifically for the type of industry they are in. That's why they are looking to go with it.

                      This is exactly what everyone not shopping around for good software or just ignoring common sense says. This pretty much tells us that the decision involved no comparisons and they are blowing you off.

                      coliverC 1 Reply Last reply Reply Quote 1
                      • coliverC
                        coliver @scottalanmiller
                        last edited by

                        @scottalanmiller said in Consulting for a Small Construction Company:

                        @thanksajdotcom said in Consulting for a Small Construction Company:

                        @coliver said in Consulting for a Small Construction Company:

                        Why would you even consider a VPS for this? Office 365 or Google Apps will do everything you need. You should also talk them into looking at a modern ticketing/ERP system. Oodo has a hosted option that is generally inexpensive but honestly if they do office 365 they could just use a share point site. Most of the ticketing stuff us pre-built.

                        This software is built very specifically for the type of industry they are in. That's why they are looking to go with it.

                        This is exactly what everyone not shopping around for good software or just ignoring common sense says. This pretty much tells us that the decision involved no comparisons and they are blowing you off.

                        But obviously they are a special snowflake.

                        1 Reply Last reply Reply Quote 1
                        • C
                          Carnival Boy
                          last edited by

                          "The solution you want, which is perfect for your needs, uses slightly out-dated technology, therefore please choose a different, inferior and more expensive solution"

                          Isn't that putting IT needs before business needs?

                          A client-server solution isn't necessarily crap, or insecure. There may be some additional overheads to consider, in terms of IT support, but these might be trivial. The immediate slagging off of any business that might consider buying a client-server solution is just hysterical.

                          One server, one Windows VM running the client-server application, one Windows VM running file and print services. Unitrends Free Edition to backup it all up.

                          scottalanmillerS 3 Replies Last reply Reply Quote 0
                          • scottalanmillerS
                            scottalanmiller @Carnival Boy
                            last edited by

                            @Carnival-Boy said in Consulting for a Small Construction Company:

                            "The solution you want, which is perfect for your needs, uses slightly out-dated technology, therefore please choose a different, inferior and more expensive solution"

                            Isn't that putting IT needs before business needs?

                            The two should be one and the same. And "slightly" outdated is totally missing the point. This is technology that was ridiculous to have been making since the late 1990s. Two decades of not bringing it up to date means that there is incredible business risk involved (based on averages.) This suggests that either we have unmaintaned code, a company that actively doesn't care about the needs of their clients or, most of the time, a company selling an old product that no longer has developers and they can't fix it if they need to.

                            You are making a wild assumption that this is superior or cheaper than modern, well made, supported software. I've never once seen that be true in a situation like this. What I've pointed out above is that companies that say that there is no other option (especially companies is super standard industries like this) is that they didn't look for options and just chose one bad one.

                            JaredBuschJ 1 Reply Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller @Carnival Boy
                              last edited by

                              @Carnival-Boy said in Consulting for a Small Construction Company:

                              A client-server solution isn't necessarily crap, or insecure.

                              The architecture is inherently crappy and less secure than alternatives, though. Can it be made secure, yes, but it takes more work and can't get as good. But can it not be crappy? not really.

                              dafyreD 1 Reply Last reply Reply Quote 0
                              • scottalanmillerS
                                scottalanmiller @Carnival Boy
                                last edited by

                                @Carnival-Boy said in Consulting for a Small Construction Company:

                                The immediate slagging off of any business that might consider buying a client-server solution is just hysterical.

                                You've totally missed the point being that they didn't check to see if better options existed, they are blowing off IT advice by making up obvious falsehoods to support their not being willing to look to see if better options exist.

                                1 Reply Last reply Reply Quote 0
                                • scottalanmillerS
                                  scottalanmiller
                                  last edited by

                                  What that part of the discussion would come down to, and if we want to discuss many would ask for a separate thread which is fine, is whether he should consult and give advice, or if he should just implement anything that the business asks for even if it is harmful.

                                  There is a thread on this on SW right this moment where people are discussing what to do when the business demands RAID 0 for critical data. Do you just do it because they told you to? Do you refuse? Do you recommend something else and explain why?

                                  1 Reply Last reply Reply Quote 0
                                  • C
                                    Carnival Boy
                                    last edited by

                                    Why is it less secure? What are the security risks?

                                    scottalanmillerS 1 Reply Last reply Reply Quote 0
                                    • scottalanmillerS
                                      scottalanmiller @Carnival Boy
                                      last edited by

                                      @Carnival-Boy said in Consulting for a Small Construction Company:

                                      Why is it less secure? What are the security risks?

                                      It's not huge, you can secure it decently well. But the risk comes from the multiple connection points requiring the database to be more expose. And the much bigger risk is that it requires the database to be doing all of the security work, which databases are not designed to do and not good at, such as ensuring authentication, cleaning the data, etc. Having an application layer in front of the database that is server side provides a massive amount of security potential, including an air gap potential between incoming data and what hits the database.

                                      Firewalls help, but only a little, for client server.

                                      C 1 Reply Last reply Reply Quote 0
                                      • C
                                        Carnival Boy @scottalanmiller
                                        last edited by

                                        @scottalanmiller said in Consulting for a Small Construction Company:

                                        And the much bigger risk is that it requires the database to be doing all of the security work, which databases are not designed to do and not good at,

                                        What do you mean "not designed to do"? Security used by, say, SQL Server, seems pretty integral to the product? I've never heard of any risk arising from SQL Server security? What kind of risk is there? If anything, I'd have less confidence in the security provided by a small software house writing bespoke, industry specific applications, than the security provided by Microsoft's SQL Server developers. Is that wrong?

                                        scottalanmillerS 3 Replies Last reply Reply Quote 0
                                        • scottalanmillerS
                                          scottalanmiller @Carnival Boy
                                          last edited by

                                          @Carnival-Boy said in Consulting for a Small Construction Company:

                                          What do you mean "not designed to do"? Security used by, say, SQL Server, seems pretty integral to the product?

                                          It's a tack on and very, very limited compared to what an application does. To do anything much, you have to start moving your application code into the database itself, which has been considered very problematic and a horrible design choice since databases were first invented.

                                          You can do some, and you should have some security at the database, but the hefty, high level (meaning lots of knowledge of the data) should be in a front end application.

                                          1 Reply Last reply Reply Quote 1
                                          • scottalanmillerS
                                            scottalanmiller @Carnival Boy
                                            last edited by

                                            @Carnival-Boy said in Consulting for a Small Construction Company:

                                            I've never heard of any risk arising from SQL Server security? What kind of risk is there?

                                            It's actually pretty common. It's not SQL Server's fault in any way. It's just that it doesn't have the tools to really clean or validate the data. Things like SQL Injection attacks are the most common and can affect either kind of application (C/S or N Tier) but the later has way better potential for tools to combat it.

                                            1 Reply Last reply Reply Quote 1
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 7
                                            • 4 / 7
                                            • First post
                                              Last post