Copy
View this email in your browser
Firstly, my apologies for how quiet the list has been. I hope you have not forgotten you signed up on my old website at http://pietersz.net/

Things have moved on and I now work through my company, Code and More: https://www.codeandmore.co.uk/ We do a slightly wider range of work. We still do web apps and custom content management systems, but also CRMs, cross platform apps and numerical computing. The aim is to develop custom systems that give you business a competitive edge. Please talk to us about how we can help you. We aspire to be a trusted advisor and will work hard at that. To get a feel for how we work read about our approach  and have a look at our blog.

Now to more practical things. If you have a public facing Python 2 system (for example a Django website, or a web based CRM) its time to upgrade to Python 3. That is not our advice, it comes from the UK's National Cyber Security Centre. This article on an IT news site  gives you a fairly digestible summary of the issues.

The short version is that Python 2 will stop receiving security fixes at the end of this year. It may seem a long time away but given there is likely to a last minute rush you may find it hard to find available developers if you leave it until December. There is nothing to be lost by getting it out of the way. In addition, you may find components you rely on lose Python 2 support for upgrades (and therefore security and reliability fixes) before then.

Going from Python 2 to Python 3 is usually not very difficult. A few days work is usually sufficient for most SME scale systems.

The other warning is about whether you can rely on your backups. Not only do your backups need to be physically separate from your systems but they should not have the same provider as the systems they back up. Another article tells the story of a business that was almost destroyed when their account was cut off by a supplier. In this case the supplier was Digital Ocean, but the risk applies with any supplier.

On top of that you need to ensure that you backup system cannot be destroyed if the system it is backing up is compromised. This is a very common problem because the commonest way to run backups is to give the system being backed up access to a backup space it copies stuff to. The next commonest arrangement is to give the backup system access to the system being backed up - this is better, but what if the backup system is compromised?

There are a lot of solutions to these problems. If you are unsure about whether your backup system is secure in all circumstances please talk to us.
Copyright © 2019 Code and More LLP, All rights reserved.


Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp