The European Union (EU) and Canada supervises the private sector’s use of personal data while the US has minimal regulation of their private sector. Canada’s privacy laws focuses on “individual autonomy through personal control of information” (Techvibes).The US focuses more on protection from the government while Europe tends to protect their dignity and public image (Identity Bureau Trulioo).
In addition to two federal laws in Canada that protect personal information, there are also provincial laws in Alberta, British Columbia and Quebec that are similar to PIPEDA (Personal Information Protection and Electronic Documents Act). These laws set out ground rules for how private sectors may collect, use, or disclose personal information in a commercial setting. Unlike the US, Canada’s strict privacy laws are recognized by the EU and privacy compliance is overseen by privacy commissioners and ombudsmen at both the federal and provincial levels (Techvibes).
So what does this mean for businesses in Canada?
In today's business market, service organizations are looking for a partner who can help them deploy IT infrastructure services and have the necessary controls and measures that comply with their local and corporate requirements. One of Canadian Web Hosting's core missions is to help businesses meet their SSAE 16 certification requirements (formerly the SAS70), which meets the new international service organizations standards for Type I and Type II reporting.
The Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) issues the SSAE 16 Type II (formerly SAS 70) to service organizations that typically offer outsourced services. An auditor's report details the ability for a service provider's ability to offer adequate controls and safeguards when they host or process data belonging to their customers.
The CSAE 3416 certification is issued under Canadian Institute of Chartered Accountants (CICA), Canadian Standard on Assurance Engagements (CSAE) 3416 to service organizations that typically offer outsourced services. An auditor's report details the ability for a service provider's ability to offer adequate controls and safeguards when they host or process data belonging to their customers.
Okay... then what does this mean for our customers?
Customers can now outsource web-hosting services including Dedicated Servers, virtual servers (VPS), CA Cloud Servers and/or Shared Hosting to a provider that already meets SSAE 16 requirements. In doing so, you can focus your company's time, money, and manpower on core functions that will drive additional revenue to your business. Here are some examples of Canadian Web Hosting's SSAE 16 compliance controls and physical security that our hosting environment supplements:
- Facilities and asset management
- Logical access and access control
- Network and information security
- Computer operations
- Backup and recovery
- Change and incident management
- Organizational and administrative controls
- Security policies, reporting, and monitoring
- Physical and logical security
Canadian Web Hosting is the industry leader in delivering 100% Canadian web hosting solutions for businesses requiring a SSAE 16 certification with their web hosting environment. When combined with our enterprise-grade web hosting hardware, and a securehosting environment that features many leading technologies including our Unified Security Services, Canadian Web Hosting will help you achieve compliance.
- SSL capability
- Enterprise-level, application level protection
- Hardware/Software firewall
- IP-Restricted FTP
- Managed backups with guaranteed retention
- Advanced 24/7monitoring
- Multi-level intrusion prevention (IPS/IDS)
- Anti-Spam, Anti-Malware, Anti-Virus
- Log Management
You probably woke up this morning and wondering what is POODLE and how does it weaken SSL encryption. POODLE stands for "Padding Oracle On Downgraded Legacy Encryption". It was discovered by a trio of Google security researchers last month. It's a weakness in SSLv3, a 15 year old security protocol. They published a technical paper. This vulnerability can allow an attacker to decrypt secure https cookies or web sessions which could be used to login to accounts as you. However, this is a difficult to implement as it involves a man-in-middle attack. It basically means a hacker is intercepting traffic between your computer using a browser and a SSLv3 enabled site. An example is at a public Wi-Fi hotspot set up by a hacker. But decryption happens on average once in every 256 requests.
What can I do as an internet end user?
What can I do as a website operator?
We are currently disabling SSLv3 on all shared hosting servers. For customers running VPS or dedicated servers can send a support ticket.
If you want to disable yourself, visit Qualys and enter your website. You are vulnerable if under Configuration, "SSL 3 is Yes". The folks at DigiCert provided some helpful links to disable in IIS, Apache and Nginx.
CTO / SEO Guru
Canadian Web Hosting
Switching web hosting providers can mean that you prefer to keep your domain registered with the same company for easier customer support. In this case, the domain gets renewed with the new registrar for an additional X number of years and you don’t have to lose the remaining time with the previous registrar that’s already paid for.
So you already have a domain but think transferring it is too complicated? It’s actually way easier than you’d think.
First, log into your current domain registrar or web hosting account, which is typically the place where you can view your account details.
On this registrar backend, you should be able to locate an option to unlock your domain name.
Once unlocked, find your EPP code, also in the backend. Provide this code to your new registrar or web hosting company.
The new registrar will then use your EPP code to pull the domain from your old registrar. They will also see the domain’s owner contact information, i.e. your email address.
Your new registrar will then send an email notification to the email associated with the domain and all you have to do is check this email and verify that you are indeed transferring your domain to a new hosting company. (Just note that domains transferred less than 60 days ago cannot be transferred again until after the wait period.)
Once verified, your new and old registrars will take 3-5 days to transfer your domain. Sit back and relax while they do all the work.
For more help on web hosting and domain registration with Canadian Web Hosting, contact us at 1-888-821-7888 or email email@example.com.
This is the 12th annual conference, which will feature some key note speakers, including VP Sales of Samsung Canada Enterprise Business Geoff Coutts, Principle Architect at Kaseya Dana Epp, and Blackberry Developer Evangelist Manny Elawar.
There will be networking receptions, vendor sessions, and a chance to meet customers from a wide range of business backgrounds.
We’re excited to meet everyone there, send us a tweet to meet up!
With an increase in online business trends, a company’s digital infrastructure should be beneficial to your business and not interfering with its growth. A strong framework is therefore essential to a business’ performance.
Learn the qualities of a good digital infrastructure:
1. Have options.
Your employees should have multiple ways of accessing business applications. With a soaring number of portable electronics being used, employees should have the ability to access their work applications on their phones, tablets, laptops, etc. This increases the rate of communication internally and with customers.
2. Have multi-media applications.
Business applications should be able to handle any type of communication, not just text-based. Think of videos, voice, and other data that could be easily passed between employees and with other businesses and clients.
3. Allow for collaboration.
Increase productivity by using applications that allow for collaboration in real time. Employees that can view and edit projects together save time and get better results.
Understand your current digital infrastructure:
1. Know what your current infrastructure can and cannot do.
Do you know what components you have and whether are necessary?
2. Employees need to know how to use it.
Your employees should have a clear understanding of how to use your digital infrastructure.
3. Think about your physical limitations.
The digital infrastructure needs to be able to handle the environment it is in, such as extreme weather conditions. And when problems arise and employees can’t physically get to work, they need to be able to access your digital infrastructure remotely. Customers also need to be able to get in touch for support.
How to improve your digital infrastructure:
1. Ask your employees and customers.
Find out what they think is missing. Employees and clients are the ones using your infrastructure and providing business.
2. Modify applications and come up with your own if necessary.
Find what’s right for your company and tweak it to make it perfect.
3. Virtualize it.
Use business applications that are accessible outside of your office. Store these systems on a remote server. Virtualizing also helps save you money by lowering support cost.
4. Be up to date.
Consult IT professionals and stay on top of your game. Don’t be spending money and time on developing applications that are soon out of date.