Hostirian 2019 SSAE 18 SOC 2

Get the report: Hostirian 2019 SOC 2 Type II

St. Louis, MO  April 21, 2020 – Hostirian, LLC, a provider of technological solutions, announced today that it has successfully completed a System and Organization Controls (SOC) 2® Type II Audit examination for their Colocation Data Center System. Hostirian, LLC retained international business advisory firm Skoda Minotti for its SOC 2® audit work. Hostirian, LLC selected Skoda Minotti after an intensive search based on their reputation as a leading risk advisory and compliance firm.

Ben Osbrach, CISSP, CISA, QSA, CICP, CCSFP, partner-in-charge of Skoda Minotti’s risk advisory group said, “We were excited to work with Hostirian from the very start. They are an intriguing organization delivering high-quality services and their business adds to our growing SOC reporting practice.”

SOC 2® engagements are performed in accordance with the American Institute of Certified Public Accountants’ (AICPA) AT-C 205, Reporting on controls at a service organization based on the trust service principles outlined in the AICPA Guide and reporting on controls at a service organization relevant to security, availability, processing integrity, confidentiality or privacy. The SOC 2® Type II report is performed by an independent auditing firm and is intended to provide an understanding of the service organization’s suitability of the design and operating effectiveness of its internal controls. A service organization may select any or all of the trust service principles applicable to their business and Hostirian chose to report on security. The successful completion of this voluntary engagement illustrates Hostirian’s ongoing commitment to create and maintain a secure operating environment for their clients’ confidential data.

Skoda Minotti’s testing of Hostirian’s controls included examination of their policies and procedures regarding network connectivity, firewall configurations, systems development life cycle, computer operations, logical access, data transmission, backup and disaster recovery and other critical operational areas of their business. Upon completion of the audit, Hostirian received a Service Auditor’s Report with an unqualified opinion demonstrating that their policies, procedures, and infrastructure meet or exceed the stringent SOC 2® criteria.

“The successful completion of our SOC 2® Type II examination audit provides Hostirian’s clients with the assurance that the controls and safeguards we employ to protect and secure their data are in line with industry standards and best practices,” said Ken Cox, CEO.

About – Hostirian, LLC

Hostirian is a wholly-owned company of River City Internet Group, LLC. Hostirian is responsible for various activities related to managing client systems. The types of service offerings available are listed below.

Hostirian’s data centers are located on 11756 Borman Drive, St. Louis, MO 63146 and at 710 N. Tucker, Suite 420, St. Louis, MO 63101. Hostirian’s data centers are 10,000 square feet and 16,000 square feet data operation facilities intended to provide uninterrupted power and service for Hostirian clients. The facilities are designed to greatly reduce client downtime and operate under supervision 24 hours a day, 7 days a week, every day of the year. The data centers currently host, monitor and/or manage user systems located within the two facilities. The colocation model is available to all Hostirian clients and allows Hostirian to act as the client’s server or data warehouse.

The colocation model provides 24 hours a day, 7 days a week, every day of the year on-site live support services for basic reboots, rack or cage space, and power to customer-owned equipment.

About – Skoda Minotti

Skoda Minotti is a Certified Public Accounting Firm based in Cleveland, OH offering a variety of tax, finance, and business advisory services in virtually every area of business. The Risk Advisory practice specializes in SOC Reporting, PCI DSS Compliance, HIPAA Compliance and HITRUST validation, FISMA, NIST, ISO 27001, Vulnerability and Penetration Testing, and other regulatory information security assessments. Staffs in Skoda Minotti’s Risk Advisory hold several industry certifications including Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Qualified Security Assessor (QSA), GIAC Penetration Tester (GPEN), and GIAC Web Application Penetration Tester (GWAPT). For more information about Skoda Minotti’s Risk Advisory Services, please visit skodaminotti.com/risk.

What Are You Getting From Your Web Hosting Provider?

Web hosting

What are you really getting when you hire a web hosting provider?

If you’ve ever tried a Google search for hosting, you would have found that you get inundated with results. Some sound cheap, some sound expensive and some you may not understand exactly what it is that they’re selling.

There are different types of web hosting and this can reflect in the price and what is included. It’s important to know what you’re looking at – which type of hosting will be the best fit for your needs?

Here is a breakdown of types of hosting and what they commonly include:

Free download: Get our checklist for finding a website host here

Types of web hosting

Website hosting can take many forms depending on your level of expertise, or the level of need that your website has. “Hosting” is simply the task of making a website available for visitors to use. This is done by storing the files of the associated website on a server.

Big companies with complex needs might use many of their own exclusive servers – think of a bank, for example. Small companies or hobby websites might pay for space on a “shared server”, where a hosting company manages it.

Shared hosting

Shared hosting is at the very basic end of website hosting options. It’s usually one of the cheapest (sometimes even free) and is widely available. It works by having many websites rent space on the same server – sometimes there may be into the thousands of small websites on a server.

This type of hosting tends to be best for entry-level websites, such as blogs or small hobby sites. The positives for using this type of hosting is that the technical side is taken care of and that the cost is reduced considerably. Many websites on one server means that the cost to run that server is shared among the customers.

There are some major limitations that go with shared hosting, meaning that this is not a great option for many businesses. For example, shared resources equate to sharing the RAM (Random Access Memory) and CPU (Central Processing Unit) of the server. If some users of the server experience a sudden surge in traffic, this can lead to major delays in processing speed for everyone, or sometimes even websites going offline. Picture a major sale event, such as Cyber Monday; clearly, an ecommerce store should steer clear of this type of hosting!

There’s a term known as the “bad neighbor effect” to describe hiccups with hosting your website as a result of what others on the same server are doing. Most hosts work to mitigate this, but if you’re only paying $5 per month, they’re probably not working that hard on it…

Some shared hosting can leave you vulnerable to the “bad neighbor effect” Click To Tweet

Another thing to be aware of is that not all shared hosting providers meet the same standards. Some might cram as many websites as possible onto one server, leading to frequent issues. Some might use older technology which can also lead to technical difficulties. This is a good reason to look much further than price when it is time to choose a hosting option – what exactly are you getting? The old saying “you get what you pay for” tends to be true for hosting.

Here are some tips for what to look for with shared hosting:

  • How many visitors per month are you allowed?
  • How much storage do you get? This is file storage for your website – the bigger and more involved the website, the more GB of storage you need.
  • How much bandwidth do you get? This is a reflection of the amount of data that can transfer between your site, website users and the internet. An average blog uses only around 10 GB per month, but you also need to factor in a buffer for any traffic surges.
  • Is the host suitable for your type of website? For example, if you are running a WordPress website, we offer WordPress packages at Hostirian. This means that we have the specific technology that runs WordPress smoothly.
  • What support options are offered by the host? If you are self-managing your website, you might need help sometimes and it’s important to know that it will be available when you need it.

VPS hosting

VPS stands for “Virtual Private Server.” This can be described as the next level up in shared hosting. It will cost you a bit more than the basic level, but you avoid some of the problems associated with shared hosting.

A VPS is a good step in-between shared hosting and getting your own dedicated server. While websites still share the hardware of the server, a VPS houses multiple separate virtual machines, which dedicate slices of computing technology. This means that you are much less at risk from the “bad neighbor” effect. If a website reaches its limit of allocated resources, the site might be throttled or go down, without impacting others on the server.

This makes VPS a good option for those who have the budget to pay the hosting charges and who get a decent amount of website traffic. If you get a lot of traffic and require a lot of storage space, VPS may not have enough for you.

The VPS environment also allows you to make changes to customize your environment. This isn’t possible on a shared server because all sites share the same environment. You also get the opportunity to scale if needed, simply by requesting an increase in the resources made available to you.

Tips for choosing VPS hosting are the same as our shared hosting tips, with a couple of additions:

  • Is management of the VPS fully-managed or self-managed? For example, most developers will opt to self-manage because this offers them greater flexibility. If self-managing is out of the question for you, make sure there is a fully-managed option.
  • Do you get root access? This allows you to implement things like scripts, automation and command controls.
Download our checklist for finding a website host here

Dedicated server

This is just as it sounds – a dedicated server (or servers) all to yourself. These are for businesses or organizations that require a lot of space, and who prefer to do the management of the server themselves (although there is managed dedicated server hosting as well for those who cannot take on the management aspect).

Key advantages include that you get a lot of space and computing power to yourself. There are no bad neighbor issues (you have no neighbors) and no security issues potentially introduced by other websites.

You also get the most flexibility with this option. You can customize many aspects, including the operating system and other hardware elements.

The cons of dedicated servers include that they are more expensive than shared or VPS. Your company needs to have the knowledge and resources to manage the server – you might need to hire server admin at an additional cost. Some will find it a con that they are entirely responsible for the server. If there are any failures, you have to make decisions about monitoring and making other arrangements, whereas with other types of hosting, other modules can take over in case of failure.

We have dedicated server options to suit every type of business – check them out here.

Besides space, data speed and management of the server, here are some other things to check out:

  • The server technology. For example, does it use the latest fast NVMe SSD?
  • Security. What are the security protocols and how secure is the data center?
  • What tier is the server rated at? Tier 4 is the best, providing the least amount of downtime per year (99.99% uptime).
  • How is your data backed-up? Servers should not go live without a backup, as there is a danger of losing data.

Final thoughts

The three types of hosting outlined are some of the most common and are all options that you can discuss with us. We also have Colocation as an option, which is where you rent the rack space in our data center, but bring in your own server hardware. This option is for those with the technical know-how to run their own hardware.

The type of hosting most suited to you very much depends on your budget and what you need performance-wise from your website. Some options also require you to have or have access to the technical knowledge to operate them.

There are pros and cons to each type of hosting, so it’s important to truly know what you are buying before you take the plunge. Feel free to contact us with any questions!

5 Reasons to Choose NVMe over SSD Drives

Why NVMe

You may have seen our NVMe product on our website and wondered what the big deal is.

What does “insanely fast” mean for you? How does it work and why is it better than regular SSD technology?

As a brief primer, NVMe (Non-Volatile Memory Express) is a relatively recent technology protocol. It accesses high-speed storage media and has several advantages as compared to legacy protocols such as SATA.

The earlier SSDs that utilized SATA aimed to minimize any changes in the legacy HDD (Hard Disk Drive) enterprise storage systems. The limitation is that SATA was not designed for high-speed storage media. By contrast, NVMe utilizes parallel, low-latency data paths to media, offering higher performance and lower latencies. (Latency is the term we use to refer to the delay between requesting and receiving information).

What does this mean when you’re making a decision between choosing between NVMe and other technologies? Here are some clear advantages:

Download our NVMe fact sheet here

#1. It’s geared for enterprise workloads

Many enterprise-level companies are data-heavy, requiring some serious heavy lifting from their computing solutions. For example, look at any company that might require a large data analytics load to be operating at any second. Or, consider a busy online trading platform, where thousands of requests per minute may need to be processed.

Any enterprise that is sensitive to data latency is a good candidate for NVMe technology. How does it achieve better speeds? It uses parallel, low-latency data paths within the back-end of flash arrays.

To give a specific example, legacy SCSI is a serial protocol, meaning that it can only talk to one disk device at a time. NVMe allows you to have up to 64,000 simultaneous requests and access storage capacity much more efficiently. The NVMe drives provide significantly more IOPS – Input – Output per second. What this means is the you can write more data per second to the hard drive and you can read more data per second.

In terms of cost, NVMe consumes a lot less power than other solutions and reduces the total cost of ownership (TCO) for enterprises less as well.


NVMe is a top choice to cater to enterprise workloads Click To Tweet

#2. Better website user experience

Higher IOPS means better performance in the eyes of your website users. As you will know, user experience can make or break the success of a website. Our website visitors expect to be able to do what they need to within seconds and that the website renders well for them.

Imagine a lot of people arriving on a website at once. For example, if you run tax services and it is tax season, or if you have a popular ecommerce store and it is Cyber Monday. Legacy technologies can lead to significant performance issues when there are multiple site requests simultaneously.

Some websites operating on older technology will outright crash with heavy use, while others will slow down so significantly that users lose patience with them. Overall, not only is this a poor experience for the user, it can be costly to your business. The chances are people will leave if they can’t achieve what they need to quickly. NVMe provides more outputs per second, meaning your website renders faster in the browser of the user.

Consider the types of websites where data needs to be saved or uploaded too. If a user is hitting a “submit” button, NVMe allows this to happen much faster and assures them that their data has been received. This is because there are more inputs per second writing to the hard drive.

From the perspective of website users within the company as well, NVMe can provide a superior experience. Consider for example companies with large databases that want to pull a lot of information from the hard drive at any one time. Sometimes a “show all” command involves thousands, even millions of rows of data in a database. With legacy SSD technology, this will usually involve several minutes of waiting around, whereas NVMe cuts that wait time right down.

To give a specific example, we have some clients that use Quickbooks on their NVMe servers. They like them because they can pull up all of their customers much more quickly. They also report that generating invoices is a much quicker process than it used to be under older technology.

#3. Better bottom-line business benefits

We can infer from better customer experience and faster performance for the business that there will be better bottom-line benefits too. In fact, there is some data to suggest this is so.

To backtrack slightly, a lot comes down to customer expectation of performance. While internet speed and device performance have improved, they’ve also lead to increased expectations around website speed. Data shows though that websites have become more technology-heavy and have slowed down overall, especially when we look at large ecommerce sites and other traffic-heavy websites.

Research shows that 57% of website visitors will leave if the website doesn’t load after three seconds. 80% of those people will never return. Of that 80%, half are likely to tell other people of their bad experience. This means that not only is a slower website impacting the number of conversions you get, it’s affecting your overall reputation. Would a speed boost from NVMe be worth it from this perspective? We think so. You could potentially expect more revenues, more commissions and better overall customer service.

Even if your website is mostly used for internal purposes, you can get better benefits for your bottom-line. Consider the workload of team members and how it may be impacted by website speed. Are they waiting around for thousands of lines of data? Or, does the data arrive quickly allowing them to get through their work speedily.

Better business efficiency allows for more focus on activities that drive your bottom-line. We’d say that’s a great reason to opt for NVMe over other choices.

#4. NVMe has unique features

There are several features that are unique to NVMe and very helpful to businesses – we’ll mention just a couple here. One of those is that no custom device driver is required. Early SSD versions would often require the deployment of a completely new device driver to access the SSD any time a user upgraded their operating systems, or even made a simple security patch.

NVMe is supported as-is by all major modern operating systems. The standardized interface supports any NVMe from any manufacturer.

Another feature is that NVMe can increase device lifetime. With older SSD technology, SSDs have a finite lifetime dictated by the number of write operations known as program/erase (P/E) cycles NAND flash can endure. NVMe uses multi-stream writes which reduces device management writes to improve device lifetime.

#5. NVMe is the technological future

Consider this extract from a Network World article:

“As NVMe technology matures, costs decline, and storage performance requirements rise, enterprises will move toward flash-based storage systems that implement NVMe end-to-end and can support mixed workloads. “There’s a TCO argument around a system for mixed workloads that’s built out of NVMe instead of SCSI. It still has flash, but it’s flash that you talk to over NVMe versus flash that you talk to over SCSI. You can build a more powerful system in a smaller footprint that uses less energy with the NVMe-based version,” Bergener says.”

The overall implication is that NVMe will eventually replace other storage options anyway. More and more enterprises are shifting to NVMe already, although it hasn’t yet reached the 50% threshold.

If you’re looking for new solutions anyway, you could look at NVMe as a future-proofing investment. If you want to be able to scale easily and require higher infrastructure density, then NVMe will deliver you the best possible performance. Importantly, NVMe is upgradable for newer storage technologies so you can be certain you’ve made a good choice for the long-term.

Get our NVMe fact sheet here

Final thoughts

NVMe is next-level when you’re looking for superior and reliable website performance. Speed matters, and NVMe is what we’d describe as “insanely fast.”

If you’re making choices about your website infrastructure, we’d put NVMe near the top of the list as a solution. It has longevity, performance and a range of features that push it ahead of other solutions.
To learn more about our NVMe hosting solution, click here.