Blog

CNERIS.COM

CNERIS.COM

The choice of a database management system is usually an afterthought when starting a new project, especially on the Web. Most frameworks come with some object-relational mapping tool (ORM) which more or less hides the differences between the different platforms and makes them all equally slow. Using the default option (MySQL in most cases) is rarely wrong, but it’s worth considering. Don’t fall into the trap of familiarity and comfort – a good developer must always make informed decisions among the different options, their benefits and drawbacks.

Database Performance

Historically, MySQL has had a reputation as an extremely fast database for read-heavy workloads, sometimes at the cost of concurrency when mixed with write operations.

PostgreSQL, also known as Postgres, advertises itself as “the most advanced open-source relational database in the world”. It was built to be feature-rich, extendable and standards-compliant. In the past, Postgres performance was more balanced - reads were generally slower than MySQL, but it was capable of writing large amounts of data more efficiently, and it handled concurrency better.

The performance differences between MySQL and Postgres have been largely erased in recent versions. MySQL is still very fast at reading data, but only if using the old MyISAM engine. If using InnoDB (which allows transactions, key constraints, and other important features), differences are negligible (if they even exist). These features are absolutely critical to enterprise or consumer-scale applications, so using the old engine is not an option. On the other hand, MySQL has also been optimized to reduce the gap when it comes to heavy data writes.

When choosing between MySQL and PostgreSQL, performance should not be a factor for most run-of-the-mill applications – it will be good enough in either case, even if you consider expected future growth. Both platforms are perfectly capable of replication, and many cloud providers offer managed scalable versions of either database. Therefore, it’s worth it to consider the other advantages of Postgres over MySQL before you start your next project with the default database setting.

Postgres Advantages over MySQL

Postgres is an object-relational database, while MySQL is a purely relational database. This means that Postgres includes features like table inheritance and function overloading, which can be important to certain applications. Postgres also adheres more closely to SQL standards.

Postgres handles concurrency better than MySQL for multiple reasons:

Postgres implements Multiversion Concurrency Control (MVCC) without read locks Postgres supports parallel query plans that can use multiple CPUs/cores Postgres can create indexes in a non-blocking way (through the CREATE INDEX CONCURRENTLY syntax), and it can create partial indexes (for example, if you have a model with soft deletes, you can create an index that ignores records marked as deleted) Postgres is known for protecting data integrity at the transaction level. This makes it less vulnerable to data corruption.

Default Installation and Extensibility of Postgres and MySQL

The default installation of Postgres generally works better than the default of MySQL (but you can tweak MySQL to compensate). MySQL has some outright weird default settings (for example, for character encoding and collation).

Postgres is highly extensible. It supports a number of advanced data types not available in MySQL (geometric/GIS, network address types, JSONB which can be indexed, native UUID, timezone-aware timestamps). If this is not enough, you can also add your own datatypes, operators, and index types.

Postgres is truly open-source and community-driven, while MySQL has had some licensing issues. It was started as a company product (with a free and a paid version) and Oracle’s acquisition of MySQL AB in 2010 has led to some concerns among developers about its future open source status. However, there are several open source forks of the original MySQL (MariaDB, Percona, etc.), so this is not considered a huge risk at the moment.

When to Use MySQL

Despite all of these advantages, there are still some small drawbacks to using Postgres that you should consider.

Postgres is still less popular than MySQL (despite catching up in recent years), so there’s a smaller number of 3rd party tools, or developers/database administrators available.

Postgres forks a new process for each new client connection which allocates a non-trivial amount of memory (about 10 MB).

Postgres is built with extensibility, standards compliance, scalability, and data integrity in mind - sometimes at the expense of speed. Therefore, for simple, read-heavy workflows, Postgres might be a worse choice than MySQL.

These are only some of the factors a developer might want to consider when choosing a database. Additionally, your platform provider might have a preference, for instance Heroku prefers Postgres and offers operational benefits to running it. Your framework may also prefer one over the other by offering better drivers. And as ever, your coworkers may have opinions!

If you have a view on database selection please add a comment below - we would love to hear your thoughts. If you liked this, you should follow us on Twitter. Check out our YouTube channel where we publish screencasts and other videos.

1. Facebook
Facebook is one of the most recognizable social media platforms in the world. With 2.7 billion monthly active users, more than a third of the world’s population uses Facebook. Founded on February 4, 2004, Facebook has consistently evolved through the years to fit the needs of its users and attract new ones. This includes the acquisition of Instagram and WhatsApp. Businesses can create their own pages, groups, and events. Facebook also offers targeted advertising opportunities for those who want to increase visibility to specific consumers. Businesses can also use Facebook Messenger to send personal messages to customers.

2. Twitter
Twitter gained notoriety as a microblogging site that just included text posts of up to 140 characters. Since its launch in 2006, it has raised that character limit and now lets a user share other media like photos and videos. With about 330 million monthly active users, it’s not as ubiquitous as Facebook. However, it is still widely used among general consumers. Additionally, it can be a useful site for interaction, like joining Twitter chats in your industry or responding to customers who have customer service questions.

3. LinkedIn
LinkedIn is the most popular social media site for professional networking. The platform has over 700 million registered users, with about 300 million active each month. Launched in 2003, LinkedIn allows a user to add their resumes, connect with others in their industry, and even post and respond to job listings. In a marketing sense, LinkedIn is often especially useful for B2B businesses. It even offers paid ads and content publishing options.

4. YouTube
YouTube isn’t just the most popular video-sharing website in the world. It’s also the second most popular search engine behind Google. The company was founded in 2005 and was eventually bought by Google. YouTube has over 2 billion logged-in visitors per month. There are even more who visit the site and watch videos without signing into their own account. Basically, any business that wants to use video marketing can use YouTube to reach a wide audience. The site also provides analytics, facilitates interaction between users, and lets you embed videos in other websites.

5. Pinterest
Pinterest is one part social media site, one part search engine. It consists of digital bulletin boards where a user can save products, project ideas, and inspirational images. For businesses, it’s a perfect place to share product images, unique DIY ideas, recipes, and unique visuals. You can also make content on your sites “pinnable” by including pin-it buttons that allow visitors to share your content to their boards. Pinterest launched in 2010 and has since amassed more than 400 million monthly active users.

6. Instagram
Instagram is another social media channel with a heavy emphasis on visuals. The site launched in 2010 and was later purchased by Facebook. It has more than 1 billion monthly active users and is mainly a mobile platform. Like Facebook, Instagram offers targeted advertising options to help business users reach a specific user. Instagram also offers various posting options, including photos, videos, slideshows, stories, and live streams.

7. Tumblr
Tumblr is a blogging platform that allows several different post formats. You can include quotes, chats, videos, photos, and even audio content. It originally launched in 2007 and is now owned by Automattic. The user base has decreased a bit in recent years. However, it still has about 400 million monthly visitors. The business population isn’t as high on Tumblr as it is on other platforms like Facebook. However, that could potentially help brands stand out from other sites that are oversaturated . It also offers sponsored posts and lets a user easily re-share content.

8. Flickr
Flickr is a popular platform for sharing photos and videos. Launched in 2004, the site was purchased by Yahoo in 2005 and is now owned by SmugMug. It’s especially popular for photographers or businesses that want to see their images shared around the web. You can also use it to find royalty-free images for use in content. The site has lost some of its industry clout in recent years. However, it still has about 90 million monthly users.

9. Reddit
Reddit is a social news and entertainment website with tons of sub-communities dedicated to specific interests. A registered user can submit content and comment on threads to interact with other users. Launched in 2005, the site has amassed a monthly active user base of 430 million. Reddit isn’t super popular with marketers. However, there are tons of active, targeted communities that make it an attractive option for sites looking to reach a new audience. There are also business-related subreddits for those interested in networking or learning.

10. Snapchat
Snapchat is a mobile messaging social media platform. A user can share one-time content with friends or post stories that go out to all that users followers. Released in 2011, the app quickly became popular, especially with young consumers. It has since slowed a bit. However, there are still about 360 million monthly users worldwide using this social media channel. Brands that market to young consumers can set up business accounts and advertise on the app.

11. WhatsApp
WhatsApp is a popular mobile messaging app. You can use it to send images, texts, documents, audio, and video content to another user individually or in groups. Launched in 2010, the company is now owned by Facebook along with Instagram. WhatsApp now has more than 2 billion monthly active users. Small businesses can use the app to easily communicate with customers and prospects on a personal level.

12. Quora
Quora allows users to ask questions and share answers on a variety of topics. Originally launched in 2009, it now has more than 300 million monthly users. Businesses can use Quora to build expertise in a specific area. Question posts also often rank highly in search results. As a result, even those who don’t actively use Quora may come across your responses.

13. TikTok
TikTok is relatively new to the world of social networks. However, it has already made a memorable mark on the social media landscape. The app lets a user create short, creative videos. It already has more than 800 million monthly active users around the world. Businesses can use it to show off their creative side and create viral content as part of their social media marketing.

14. Vimeo
Vimeo is a professional video platform. Though not as widely used as YouTube, it offers quality features perfect for videographers and those who want to share cinematic content. There are about 170 million monthly active users on this social media channel. However, Vimeo users can also share and embed videos on other sites. Users can also access advanced stats and analytics to monitor performance.

15. BizSugar
BizSugar is a social platform specifically for small business owners, entrepreneurs, and managers. The site was created in 2007 and is now owned by Small Business Trends LLC. Users can share videos, articles, blog posts, podcast episodes, and websites. Other users can discuss or vote on the content they love. The site reaches more than 2 million small business owners monthly. As a result, it’s a great place to share resources, gain knowledge, and market to a B2B audience.

16. Mix
Mix is a personalized discovery platform. The company purchased popular content aggregator StumbleUpon back in 2018. Users can attach other social sites like Facebook and Twitter to curate their feeds. Before the transition, StumbleUpon had about 35 million active users. However, not all have stuck around. Still, this social media channel can come in handy for small businesses that want to share useful or viral content.

17. Medium
Medium is a platform for creating and sharing long-form content. Although technically not a social media channel, millions of people and organizations share the site’s content. The difference is it doesn’t have a ton of extra features like other social sites to distract people from the main purpose. s a result, it’s ideal for content creators who want their ideas to shine. Twitter co-founder Evan Williams founded Medium in 2012. There are now nearly 100 million users on the site monthly. Businesses can use the site to share complex ideas or discussions with a wide audience.

18. Digg
Digg is a news aggregator with a curated front page. Topics on this social channel vary widely and may include political issues, scientific finds, and viral videos. Founded in 2004, the site has gone through several iterations through the years. Though not as popular as it once was, there are 8 million users per month. Businesses can use it to curate their own online feeds or share relevant content.

19. Viber
Viber is a VoIP and instant messaging mobile app blending social media and communications. Released in 2010, the app now has about 260 million monthly active users. You can use it to exchange audio, video, and images with other registered users. Like other chat apps, it’s perfect for sharing on a personal level with customers or partners. There are also group chat options.

20. WeChat
WeChat is a multi-purpose mobile messaging app. People can send text messages, voice calls, video content, and even make payments. There are group and individual chat options. And there are about 1 billion monthly active users around the world. WeChat offers official business accounts. As a result, brands can use the service to easily facilitate communication with customers and send out messages as part of a social media campaign.

Which social media site is your favorite? Do you have one to add to our most popular social media sites list?

Tuesday, 25 May 2021 14:31

How to spy child’s wechat

WeChat is one of the most popular messaging application for sharing photos, videos etc. It is widely used for making text and call conversations. Are your children using WeChat app on their smartphone then, track their entire WeChat conversations

This content was originally published here.

Reprinted from The Christian Post

China’s communist authorities are continuing their crackdown on Christianity by removing Bible Apps and Christian WeChat public accounts as new highly restrictive administrative measures on religious staff went into effect Saturday.

Father Francis Liu from the Chinese Christian Fellowship of Righteousness said in a tweet that some Christian WeChat accounts, including “Gospel League” and “Life Quarterly,” were no longer available online, the U.S.-based persecution watchdog International Christian Concern reported.

When someone tries to access those accounts, a message reads, “(We) received report that (this account) violates the ‘Internet User Public Account Information Services Management Provisions’ and its account has been blocked and suspended.”

Bible Apps have also been removed from the App Store in China, and Bibles in hard copy are no longer available for sale online either, ICC added. Bible Apps can only be downloaded in China with the use of a VPN.

Another sign of the ongoing crackdown is that bookstores owned by the state-sanctioned Three-self churches have increasingly been selling books that promote President Xi Jinping’s thoughts and communist ideology.

“Even their WeChat accounts are turning into propaganda channels for CCP,” ICC said.

On Saturday, new regulations on religion that China’s State Administration for Religious Affairs released in February went into effect. The regulations’ Article 16 under Chapter III states that Catholic bishops must be approved and ordained by the state-sanctioned Chinese Catholic Bishops’ Conference.

According to the interpretation of the Union of Catholic Asian News, the regulations “indirectly assert that the election of Catholic bishops will be done by the state-approved system under the Chinese Communist Party’s direction and the Vatican and Pope Francis will have no role in it […] It runs contrary to the laborious China-Vatican deal on the appointment of Catholic bishops, signed in September 2018.”

A 2018 China-Vatican Agreement, renewed last year, permits the Chinese government to propose new bishops to the Vatican through its state-approved Chinese Patriotic Catholic Association, with the pope having veto power on the decision. At the time of the signing, the Vatican said it hoped the deal would promote unity among China’s estimated 10 million to 12 million Catholics.

Further, Article 27 states that senior religious leaders will remain in their position for a term of three to five years, after which the individual must again submit their personal information to the authorities, said the U.K. based group Christian Solidarity Worldwide, explaining that it could be used to punish any criticism or failure to obey regulations by refusing their application to re-register.

The regulations in Article 3 include requirements that clergy “support the leadership of the Communist Party,” CSW added.

Furthermore, Article 12 stipulates that clergy must not “endanger national security” or be “dominated by foreign forces.”

Last month, Asia News reported that Chinese authorities punished a man who provided a worship venue for believers, fining him $30,000 under the charge of hosting “illegal religious activities.”

According to recently-released reports, religious persecution in China intensified in 2020, with thousands of Christians affected by church closures and other human rights abuses.

Under the direction of President Xi Jinping, CCP officials are enforcing strict controls on religion, according to a report released in March by the U.S.-based persecution watchdog China Aid.

Christians in both official, state-run churches and house churches were ordered to fly the Chinese flag and sing patriotic songs in services.

Last October, internet censorship targeting Christians in China became so severe that even official government-sanctioned Christian groups started using the Chinese Pinyin initials “JD” to replace Chinese characters for “Christ,” China Aid reported at the time.

Two official government-sanctioned religious organizations — the Christian Council of China and the Committee of the Three-Self Patriotic Movement of the Protestant Churches of China — updated titles and descriptions of all their books on “Tianfengshuyuan,” their official WeChat bookstore, reported China Aid.

In 2018, the Chinese government banned the sale of Bibles at online bookstores across the country to comply with a “white paper” that dictated compliance with the “core values of socialism.”

Australia’s ABC News reported at the time that copies of the Gospels had been removed from online retailers following the release of a regime document titled “China’s Policies and Practices on Protecting Freedom of Religious Belief.”

The white paper declared that Chinese faith communities “should adhere to the direction of localizing the religion, practice the core values of socialism, develop and expand the fine Chinese tradition and actively explore the religious thought which accords with China’s national circumstances.”

China is ranked as one of the worst countries in the world when it comes to the persecution of Christians, according to Open Doors USA’s World Watch List.

The communist regime’s crackdown on religious freedom has also led the U.S. State Department to label it as a “country of particular concern” for “continuing to engage in particularly severe violations of religious freedom.”

In an earlier interview with The Christian Post, the then-U.S. Secretary of State Mike Pompeo said it was “certainly the case that the Chinese Communist Party [engages in] efforts to stamp out religious freedom every place that they find.”

This content was originally published here.

Hello, I’m Xiaoju, a code cub without feelings.

I’d like to recommend one to you todayShip NEWNew wechat applet component library:If it’s a brother, use it!

BRIEF INTRODUCTION

ByThe team has created a set of wechat applet component library with rich components, beautiful design and complete business case, which is your best choice for developing wechat applet.

PS: This article will not introduce how to use Lin UI. I will just introduce its advantages to you. If you want to know how to use it, please go toDocument websitesee

Now there are many component libraries in the market: Van weapp, iView weapp, color UI, wuss weapp, WUX weapp, etc. each of them can be called a mature component library.Why should I use Lin UI?

The main attractions of Lin UI are as follows:

BEAUTIFUL DESIGN

Another major feature of Lin UI is its outstanding visual design, because there are professional UI designers in the forest to design component styles. In terms of visual aspect, the component library designed by developers themselves is more than one street.

At the beginning of the article, I listed a bunch of components, one of which is mainly visual, that is color UI, which is also very good-looking (the author of color UI was also a designer). But color is a CSS library, not a component library. As for the specific differences, you can google it.

Let’s take a look at a few negative examples. Do you really like this “plain” style

Let’s see what Lin UI looks like

How about, which is good? I don’t need to say more

RICH COMPONENTS

Lin UI contains54 componentsNo matter what scenario you use, it can basically meet 90% of your needs, and the remaining 10% can be solved in time by raising issue

EASY TO USE

Developers who have developed applets may know that applets are much simpler than traditional web applications, because we don’t need to deal with screen compatibility problems on multi terminal devices, which is an advantage of applets. However, if the introduction of a set of component library makes youLost the simplicity of developmentIs this advantage worth using?

Van weapp is a very mature component library in the industry, and its development has gone through a long cycle. But, in my opinion, one of the big drawbacks of van weapp is thatComponent source code is very complex. This complexity does not mean how complicated his logic is, but that van weapp has done a lot of encapsulation for the code. Let’s take a look at the following code:

This is part of the source code of the button component of van weapp. As we know, the button component has almost no business logic, but it has been introducedVantComponentbuttonopenTypeThree TS files.

Do you look confused?VantComponentWhat is it? Applet nativeComponentWhat about it?buttonWhat is it?openTypeWhat the hell is that? Even the source code is written with typescript. I have to learn typescript before I write a small program?

If you’re new to applets and vant weapp, this highly encapsulated feature can cause a very serious problem:When you encounter a problem that can’t be solved in the development process and want to look at the source code, you will find that you can’t understand it. You have to understand the whole design idea to understand the logic of each component.It’s a waste of time, isn’t it?

Lin UI doesn’t have this problem at all, as long as youUnderstand JSLiteracy can understand the source code, do not believe you see

This is Lin UIIndexListComponent source code, because the space problem, only intercepted part. Why do we say that we can understand as long as we can readThe method is annotated in detail, and there is no secondary encapsulation of wechat native API, which is completely native, to ensure that you can understand the source code, so intimate, ask you are not moved!

Conclusion: if you are very familiar with various APIs of small programs, familiar with TS, and have patience to understand the design idea of high encapsulation when encountering bugs, you can use vant weapp. conversely,If you are new to small programs, or you don’t know how to solve bugs, and you want to solve them as quickly as possible, Lin UI will give you the most comfortable development experience.

TIMELY FEEDBACK

As an open source project, its activity is very important. Whether the feedback bugs can be solved in time, whether the project authors with good ideas can accept and join the project, and the number of people using the project. These three points must be considered when selecting the technology.

The feedback efficiency of Lin UI is very high, and the bugs fed back by issue can be solved within 24 hours on average, which is already very high efficiency. Compared with vant weapp, because its maintainers are all on-the-job developers, they don’t have enough time,Issue processing will certainly be slower than Lin UIYes.

Since the release of the first version 0.1.0 on April 24, 2019, Lin UI has been updated for more than a year, with more than 600 commits and more than 300 issues. In exchange, Lin UI is stable enough and easy to use.If you like, you are welcomeGithubA star in the world 。

I am a little orange. Welcome to my WeChat official account. I will give you more knowledge about the front and back.

This content was originally published here.

Tuesday, 25 May 2021 14:10

WECHAT FAQ, TIPS, AND HOW-TO’S

What is WeChat Out?

WeChat Out is a VoIP feature designed by WeChat to help users call mobile and landlines around the globe at low rates. WeChat Out is only available for users outside Mainland China. Currently, the feature is on live in the United States, Hong Kong, India, Italy, Macau, Thailand, Laos, Malaysia, Singapore, Australia, Myanmar, Saudi Arabia, Vietnam and under test in some other countries and regions. We will cover more regions in the near future.

However, this service is not available in Canada.

 

How do I use a group QR Code?

1- Share Group QR Code

A maximum of 100 users can scan a group QR Code to join a group, including users that the group owner previously invited to the group. When there is 100 members in the group chat, you can’t join the group by scanning the group QR Code.

2- View/Send Group QR Code

Select a group chat and click the people icon on the top right to enter the detail screen. Click「Group QR Code」and tap the icon on the top right to select「Save to Phone」

 

What does the exclamation mark mean in my chats?

If an exclamation mark appears when you’re sending a message, it means that the message did no go through due to an unstable or unavailable network.

Please check your network settings and try again. To resend your message, tap the message with the exclamation point.

Should this issue persist, try changing your network access point (e.g. Wi-Fi) and send the message again.

 

How do I prevent someone from adding me through my WeChat ID?

By default, WeChat users will be able to add you to their list of contacts through your WeChat ID, QQ ID or mobile number.To prevent others from adding you via WeChat ID, follow the steps below:

  1. Head over to the “Me” tab and select 「Settings」. 
  2. Tap 「Privacy」and press into「Methods for Friending Me」.
  3. Select「WeChat ID」, toggle the button so that it is turned off

 

How to log in WeChat with my linked accounts if I forget my password?

If you’ve forgot your WeChat password but you’ve linked your mobile number, email address or QQ ID to your WeChat, you may troubleshoot the problem following the instructions below:

 

1- Log in via Mobile number and SMS code

 1) Tap More Options at the bottom of WeChat login page.

 2) Select Log in to Another Account.

 3) In the page of Login via Phone, select the region of the phone number, then enter the correct number.

 4) Tap Next, then tap Log in via SMS verification code in blue.

 5) Tap Send in blue, and you will receive a SMS verification code from WeChat, enter the SMS code and tap Log In.

 

2- Log in via linked email address and retrieved password 

 1) Tap More Options at the bottom of WeChat login page.

 2) Select Log in to Another Account.

 3) Tap Log in via WeChat ID/Email/QQ ID in blue.

 4) Tap Unable to Log In at the bottom of the page. 

 5) Tap Email linked, enter linked email address then tap Next.

 6) An email will be sent to your linked email address, follow the instructions in the email to reset password.

 7) Login WeChat by the flow: tap More Options at the bottom of login page > Log in to Another Account > Log in via WeChat ID/Email/QQ ID > enter your email address and new WeChat password > Log In

 

3- Log in via QQ ID and QQ password

 1) Tap More Options at the bottom of WeChat login page.

 2) Select Log in to Another Account.

 3) Tap Log in via WeChat ID/Email/QQ ID in blue.

 4) Enter the previously linked QQ ID and QQ password, then tap Log In.

Note: If you have forgotten your QQ password, you can retrieve your password by visiting aq.qq.com on a computer. 

 

Where can WeChat Pay MY Wallet be used? Which methods of payment are supported?

You can use WeChat Pay MY to make payments to online merchants on WeChat Pay MY wallet or offline outlets that accept WeChat Pay MY.

The details are as follows:

1- Paying an online merchant on WeChat Pay MY wallet: You can use your Wallet Balance or a Malaysian Visa/MasterCard bank card to make a payment when you visit a merchant’s official account on WeChat.

2- Quick Pay (with a payment code): Show your payment code to the merchant (“Me” -> “Wallet” -> “Quick Pay”) and the merchant scans the code with a scanner to complete the payment. At present, Quick Pay only supports payments with your Wallet Balance.

If you have further problems, please follow the Official Account of WeChat Pay MY (search “WeChat Pay MY” and select “follow” ). After successfully followed, enter the Official Account and select “Contact” -> “CS Team”, to view contact methods of Consumer Service Team and feedback your problems

 

What is the difference between Web WeChat and WeChat for Windows?

Web WeChat and WeChat for Windows are both designed to provide users with a convenient chatting platform to allow quick and convenient file transfers between mobile and PC.

They differ in the following aspects:

1- Web WeChat can be logged in to at http://web.wechat.com; It uses browser-based login method.

2- WeChat for Windows must be downloaded and installed on PC before using. It uses client-based login mode.

3- WeChat for Windows allows users to backup and restore their chat history, while Web WeChat currently doesn’t offer a backup and restore feature

Here is an interview with Christy Schumann on How to To Build a Strong Remote Work Culture

Christy Schumann is Toptal’s VP of Talent Operations responsible for matching some of the world’s greatest freelancers with companies who need their skills. She spent more than a decade in management and consulting at Bain & Company, before joining Rackspace as a general manager of its security business. Schumann earned her BSc in Computer Science and Electrical Engineering from MIT, as well as an MBA from Columbia Business School.

In an episode of The Talent Economy Podcast, she discusses her shift from an office environment to a fully distributed and remote company—and what it is like to lead a more than 100-strong team of colleagues working to match Fortune 500 companies, or well-funded startups, with some of the best talent in the world.

The interview was conducted by Paul Estes, editor-in-chief at Staffing.com and host of The Talent Economy Podcast.

What advice would you provide to other executives and managers who are trying to figure out how to run their teams as efficiently and as successfully as possible right now?

I think what many organizations are afraid of is that everything they know in the office doesn’t work in the remote environment. And the only thing I think I’ve really honed in on over the past few months, half a year or so, being at Toptal—being 100% remote—is many of the best practices that you should be practicing in the office apply when you’re remote. Organizational structures don’t have to change. They may appear flatter, because anyone and everyone communicates on Slack, but that doesn’t have to change.

You should, in the office, be managing team metrics. Your teams and team members, frontline— up, down, and across—should know what a good day looks like. They should have performance metrics and KPIs. All those things emphasized in a remote environment are really best practices that you should have in the office anyway. So, I would say, don’t be nervous. A lot of the things you know already apply. It just so happens that you’re talking over Zoom instead of being together in the same room.

For organizations, my greatest piece of advice would be to not be nervous. This whole remote working, the rise of the talent economy—it’s no longer the future of work, it is now. It is now more than ever, given the global current events that are happening today with COVID-19 and the sudden rise of remote. But don’t be nervous.”

Understanding the Basics

Which companies allow remote work?
There are many companies in the world that allow remote work or are fully remote. Some of the more well-known names include Toptal, GitHub, InVision, Hotjar.

What does it mean to work remotely?
To work remotely means that you can work from your home or a shared space with only a laptop and internet connection. It means that you do not have to commute to a particular place every day to perform your duties.

What are the disadvantages of remote work?
The disadvantages of remote work are related to your social life. Working remotely alone can be a very isolating experience, and thus, every remote worker needs to have a plan how to maintain a healthy social life.

What is culture in the workplace?
Culture in the workplace is a set of shared norms that all employees subscribe to during work time. Workplace culture creates a sense of community in which everyone is working toward the same goal.

What are the benefits of working remotely?
Benefits of remote work include time saved on commutes, flexibility of working hours, and fewer office distractions.

Tips for Building a Culture of Security Among Remote Employees

We highlighted the importance that making security a part of your organizational culture played in keeping your remote workforce secure during the COVID-19 pandemic. 

1. Security culture is inseparable from the values of your organization’s leadership

2. Employees must be made aware of how important security is to the organization and how it impacts their work

3. As you educate employees tie it into personal learning

4. Encourage employees to apply what they’ve learned

5. Build a security resource library



Source: Read the Full Interview at Toptal

In this tutorial, we will show you how to install CentOS Web Panel on CentOS 8. For those of you who didn’t know, CentOS Web Panel is a free alternative to cPanel and provides plenty of features and designed for a newbie who wants to build a working hosting server easily and to take control or manage his/her server all in an intuitive web interface without having to open an SSH console. CentOS Web Panel provides Apache, Varnish, suPHP & suExec, Mod Security, PHP version switcher, Postfix and Dovecot, MySQL Database Management, PhpMyAdmin, CSF Firewall, CageFS, SSL Certificates, FreeDNS (DNS server), and many more.

 

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of CentOS Web Panel on a CentOS 8 server.

 

Install CentOS Web Panel on CentOS 8

Step 1. First, let’s start by ensuring your system is up-to-date.

 

sudo dnf update

Step 2. Setup Hostname.

 

Login into your server as root and make sure to set the correct hostname:

 

hostnamectl set-hostname cwp.idroot.us

Step 3. Download and Installing CentOS Web Panel.

 

After setting hostname, now download script installation Centos Web panel using the following command:

 

cd /usr/local/src

wget http://centos-webpanel.com/cwp-el8-latest

sh cwp-el8-latest

The installation script will take some time to complete, and once it’s done you will be provided with an URL to access the panel and your MySQL root password.

 

#############################

#      CWP Installed        #

#############################

 

go to CentOS WebPanel Admin GUI at http://SERVER_IP:2030/

 

http://SERVER_IP:2030

SSL: https://SERVER_IP:2031

---------------------

Username: root

Password: YOUR_PASSWORD

MySQL root Password: MYSQL_PASSWORD

 

#########################################################

          CentOS Web Panel MailServer Installer          

#########################################################

SSL Cert name (hostname): cwp.idroot.us

SSL Cert file location /etc/pki/tls/ private|certs

#########################################################

 

visit for help: www.centos-webpanel.com

Write down login details and press ENTER for server reboot!

Press ENTER for server reboot!

If the system does not reboot automatically simply type “reboot” to reboot the server:

 

reboot

Step 4. Accessing the CentOS Web Panel.

 

CentOS Web Panel will be available on HTTPS port 2031 by default. Open your favorite browser and navigate to https://your-domain.com:2031 or https://server-ip-address:2030. Login to the panel using the system’s root account. You got the password in the previous step. If you are using a firewall, please open port 2030 to enable access to the control panel.

 

Congratulations! You have successfully installed CentOS Web Panel. Thanks for using this tutorial for installing CentOS Web Panel in CentOS 8 system. For additional help or useful information, we recommend you to check the official CentOS Web Panel website.

 

Source

4 Most Common Types of Cybersecurity Threats

There’s every indication that the pandemic is changing the nature of cybersecurity. Online threats are evolving to match our new remote-work paradigm, with 91% of businesses reporting an increase in cyberattacks during the coronavirus outbreak. 

Hackers are getting more and more sophisticated and targeted in their attacks. Many of these cyber threats have been around for a while, but they are becoming harder for the average user to detect. Beware of these four common types of cyber threats – and learn what you can do to prevent them. 

 

Advanced phishing attacks

Phishing takes place when a hacker tricks an individual into handing over information or exposing sensitive data using a link (with hidden malware) or a false email. These types of security threats are quite common, but in recent months they are becoming even more advanced. 

Microsoft’s recent survey of business leaders in four countries found that phishing threats are currently the biggest risk to security. Since March, 90% of those polled said that phishing attacks have impacted their organization, and 28% admitted that attackers had successfully phished their users. Recently, phishing emails have targeted enterprises to capture personal data and financial information using one of the following tactics: 

Posing as a provider of information about COVID-19 vaccines, PPE, and other health and sanitation supplies

Creating false “portals” for business owners to apply for government assistance and stimulus funds during the economic shutdown

Using download links for platforms and tools that help remote teams communicate, such as video conferencing 

Posing as “critical update” downloads for enterprise collaboration solutions, such as Microsoft OneDrive, and social media applications

Targeting IT service providers that ask for payment in order to provide tech support. 

Phishing is so effective because it can be very hard to recognize and targets individual people, rather than IT vulnerabilities. Yet, they are still ways to lower your risk of phishing. 

How to prevent phishing: The best chance to prevent phishing attacks is to educate your teams on what to look for in a phishing message. Poor spelling and grammar, as well as an email address that doesn’t match the user, are telling signs of a phishing message. If an offer seems too good to be true, it is a good sign you’re being scammed.  In addition to user education, you can add multi-factor authentication and other interventions to stop phishing messages from getting through. “Spam filters with sandboxing and DNS filtering are also essential security layers because they keep malicious emails from entering the network, and protect the user if they fall for the phishing attempt and end up clicking on a malicious hyperlink,” said one security expert told ZDNet.

 

Ransomware

Ransomware is a type of security threat that encrypts a victim’s files so they can’t access their information. The hacker then asks for a ransom – usually payment – to restore access and decrypt the user’s data. 

Perhaps the most notorious recent example of a ransomware attack is that of Garmin. In July, Garmin – a navigation and fitness wearables company – was hit by a ransomware attack that downed service for virtually every Garmin customer.  “Hackers deployed the ransomware tool WastedLocker, which encrypts key data on a company’s digital infrastructure,” reported Cyber Security Hub. “In the case of Garmin, website functions, customer support, and user applications were all affected. Unlike typical ransomware software, WastedLocker does not steal identifying information and hold it for ransom. Instead, it renders programs useless until decrypted.” Garmin reportedly paid $10 million for the decryption key to resume services after four days of outages. 

Garmin isn’t alone, however. There’s been a seven-fold increase in ransomware attacks this year targeting companies of all sizes. So, what can your organization do to protect itself?

How to prevent ransomware: First and foremost, it’s important to make sure your security protocols are kept airtight – and apply security patches as quickly as possible to prevent hackers from exploiting vulnerabilities. A tool like Nightfall can make it easier to maintain a strong defense, with AI monitoring your network for any issues. Multi-factor authentication can also prevent hackers from getting too far into your system. And, you should regularly back up your system so if a ransomware attack does happen, you’ll be able to recover some data. 

 

Password-based cyberattacks

A password-based cyberattack is one that targets users who have the same password for multiple sites. Research from the World Economic Forum found that 4 out of 5 global data breaches are caused by weak/stolen passwords. 

There are several different ways a hacker can infiltrate your system using a password-based cyberattack. The most common method is known as a brute force attack. This attack uses a computer program to try to login to a user’s account by trying all possible password combinations, starting with the most common and easiest to guess options – for instance, “1234” or “abcde”.  Sensitive data like passwords, credentials and secrets are in constant danger of exposure, especially as more companies conduct the majority of their business in the cloud. The highly collaborative and always-on nature of cloud services make it hard to enforce good password practices. Therefore, organizations need data loss prevention (DLP) to secure essential data from being exposed. 

How to prevent a password-based attack: make it easy for users and security teams alike to circumvent the risk of password attacks by implementing password-free authentication methods. This is a type of authentication that requires a user to confirm their identity during the login process through a separate channel. This extra step can also protect your workspace in case there’s any account compromised or if a device gets stolen. 

 

IoT and smart medical devices 

The internet of things makes life a lot easier – and also more open to bad actors. Connected devices are an increasingly popular target for cyber threats. In 2019, cyberattacks on IoT devices increased by 300%, according to one report. This includes attacks on everything from laptops and webcams to smart homes (like Google Nest), smart watches, routers, and other home appliances. 

Our personal devices aren’t the only things that are vulnerable. The Software Engineering Institute of Carnegie Mellon University reported, “As more devices are connected to hospital and clinic networks, patient data and information will be increasingly vulnerable. Even more concerning is the risk of remote compromise of a device directly connected to a patient. An attacker could theoretically increase or decrease dosages, send electrical signals to a patient or disable vital sign monitoring.” Healthcare providers must also contend with protecting patient data. As many healthcare providers shift to remote work, they become an attractive target for hackers. Protected health information (PHI) must be kept safe during all cloud-based activities – yet many SaaS providers, including Slack, are not HIPAA-compliant right out of the box.

How to prevent IoT attacks: IoT attacks are sophisticated, and the best ways to protect your devices are to use strong passwords and keep your software up to date. Experts also suggest keeping your devices unlinked from social media.  Along with protecting your devices, look for a DLP partner who can protect your patient data while working on SaaS and IaaS platforms. Check out our coverage of instituting and maintaining HIPAA compliance on Slack and schedule a meeting below to learn more about how tools like Nightfall DLP play a role in keeping PHI safe.

 

This article was originally published at nightfall.ai

We highlighted the importance that making security a part of your organizational culture played in keeping your remote workforce secure during the COVID-19 pandemic. But what does that entail? In this post, we’re going to flesh out key steps that security teams and their leadership should take in order to make a strong culture of security a reality within their organizations.

1. Security culture is inseparable from the values of your organization’s leadership

Like any other organizational value, building a culture of security starts at the top. Invested stakeholders, usually starting with senior leadership, must cascade the types of cultural changes they wish to see by helping spearhead initiatives that will ultimately transform their organization. Although it is IT’s job to educate and engage with employees who break security policies and don’t follow security best practices, it would be very difficult for IT to function in an organization where leadership doesn’t embody the values needed to maintain a secure organization. 

While security teams and leadership have historically talked past one another, there is a growing understanding that leadership must play a role in fostering a culture of security by investing in security teams and setting the expectation that security is taken seriously across the entirety of the organization. Luckily, a growing number of security teams have found a common language to discuss these issues with the board and C-level executives – the language of business risk assessment and security performance benchmarking. When security leaders and business leaders speak the same language, it’s then that business leaders will begin to understand their role in shaping their organization’s security posture. This will motivate them to enshrine security as one of the organization’s core values and enable processes like best practices documentation and security education programs to play a critical role in employee onboarding and training. 

With this in mind, it might be challenging for organizations whose leaders don’t already appreciate the importance of security to adapt to the security challenges of remote work. Assuming these processes are in place within your organization, now is the time to update them to appropriately reflect the risks remote employees may encounter while working from home. However, if such processes are not in place, implementing them will obviously be a critical goal going forward.

2. Employees must be made aware of how important security is to the organization and how it impacts their work

Whether or not your organization has training and documentation in place, it’s a good idea to reiterate the significance of security best practices to employees through company wide communications channels and remote events like security discussions and training. This is especially true given that many employees are adopting new technologies to work and collaborate remotely while facing new and emerging types of malware and social engineering. Your aim as you educate employees is to remind them that security is critical to the health of the organization, and that the security risks they face effectively translate to job performance. Ultimately, an employee affected by a security incident will be unable to perform their duties making it very important for them to broadly grasp the types of cyber threats the organization faces. 

3. As you educate employees tie it into personal learning

good security education program effectively serves a workforce development function. Getting employees to see this will improve employee buy-in and make them more readily embrace security education. In addition to the previous point of tying security education to organizational health and improved job performance, you should also highlight that security education will make employees good digital citizens which will help them in their personal life and in future roles. To reflect this mindset, security teams should whenever applicable highlight when security lessons apply both on the job and off the job.

4. Encourage employees to apply what they’ve learned

Building and revamping security education programs for the remote work era is only half the battle. Getting employees to apply what they’ve learned by identifying and potentially stopping incidents is the ultimate goal. Comprehensive security education programs should often be paired with periodic simulations (like phishing tests) where employees can demonstrate their security savvy. Employees and departments that are successful in identifying real or simulated incidents should be recognized for doing so during performance reviews and evaluations.

5. Build a security resource library

Most of this post has focused on the nature of security education and awareness programs; however, documentation is an important resource for employees as well. Good onboarding documentation, like your employee handbook, is critical to setting the expectation that security is important. However, your organization should more generally provide other documation. In most cases this will take the form of a security resource library which should contain plain language summaries of company security policies, as well as descriptions of cyber risks relevant to your company. You might also choose to include learnings from previous security training in the form of videos or other interactive content. Finally, you’ll want to ensure you’ve assigned a stakeholder to maintain this library and encourage employees to review it periodically so that they can stay up to date on what they need to know to stay secure. 

If you already have such a resource, it’ll naturally be a great channel to provide employees with the lessons they’ll need to stay safe while working remotely. If not, it’s not too late to build one. You might find that some of your existing security content can readily be turned into materials to give remote employees the security insights they’ll need as they navigate the security risks of remote work.

This article was originally published at nightfall.ai

Page 1 of 6