But the biggest improvement to Security Audits for MIDAS v4.33 is the ability to schedule regular automated security audits.
Until now, a Security Audit could only be manually initiated (via MIDAS Admin Options → Manage MIDAS → Security → Perform a Security Audit)
From MIDAS v4.33, you can now use Scheduled Tasks to automatically run a Security Audit and email you the results. Audits can be configured to run every 7, 14, 30, 60, or 90 days.
We’re excited to announce Geolocation and Geofencing support for our MIDAS room and resource scheduling software.
What is Geolocation?
Geolocation is the process of determining the geographic location of a user’s device. It is used in a variety of applications, such as mapping, navigation, and weather forecasting. A device’s location can be determined using a variety of methods, including GPS, cell tower triangulation, and IP address location.
IP address geolocation is a method of determining the position in the world of an IP address. This can be done by using a variety of methods, including:
Reverse DNS lookup: This method involves looking up the IP address in a DNS database to determine the name of the domain that is associated with the IP address. The domain name can then be used to determine the geographic location of the server that hosts the domain.
Geolocation databases: These databases contain information about the geographic location of IP addresses. This information is typically collected from a variety of sources, such as ISPs and network operators.
It is important to note that IP address geolocation is not always accurate. The accuracy of IP address geolocation depends on a variety of factors. These include the quality of the geolocation database and the method that is used to determine the geographic location of the IP address.
What is Geofencing?
Geofencing is an extension of geolocation. Once a device’s geographic location can be determined through geolocation, “Geofencing” can be used by a website or application to ensure that devices outside of an authorized area are denied access.
IP geofencing works by creating a virtual radius at a set distance around a fixed point on the globe. By comparing the latitude and longitude coordinates of a user’s device, with this fixed point, the distance between them can be calculated. This calculation will determine whether the user’s device falls within the set virtual radius.
Access form any device which falls outside of a set radius of the central fixed location can then be blocked.
Geolocation applications within MIDAS
Initially, there are two main areas within our booking software where geolocation information can be shown.
First, is the Recent Activity Log. This audit log in MIDAS records all user activity and actions taking place in your booking system. Each entry in the log is time-stamped, and shows the user account and IP address which performed the action.
From MIDAS v4.33, the optional Geolocation addon can be configured to allow location information to be shown for IP addresses in the Recent Activity Log. This location information includes the city, region, and country that the IP address resides in.
The unfamiliar login notifications feature alerts users when their account is signed in to from a new device or location.
These notifications typically include details of the user’s device / browser and their IP address.
Geolocation support now means that you can optionally configure these notifications to now also include the city, region, and country that the login occurred from.
Geofencing applications within MIDAS
Building on the new geolocation support, Geofencing can be used to further enhance the security of your MIDAS system.
It can be used to restrict account logins to certain countries. For example, if your organization only has offices within the United States and the United Kingdom, your colleagues are typically likely to only need to login to MIDAS from within either the US or the UK. You can use geofencing to block any login attempts originating from countries other than the US or the UK.
Geofencing can additionally (or alternatively) also restrict account logins to within a certain distance from your location. For example, if you run a radio station in Manchester, UK, you could restrict logins to your MIDAS system to within say a 10 mile radius of Manchester.
How to enable Geolocation or Geofencing in MIDAS
The new Geolocation and Geofencing features are available for MIDAS v4.33 (or later) via our optional Geolocation addon.
Existing customers with active subscriptions can obtain this addon via mid.as/upgrade.
If you’re new to MIDAS, you can subscribe with the Geolocation addon via mid.as/pricing.
Geolocation data accuracy
The accuracy of IP geolocation data depends on a number of factors, including the quality and freshness of the geolocation database, the method that is used to determine the geographic location of the IP address, and the type of IP address.
The IP geolocation data we use in the Geolocation addon for MIDAS is never more than 30 days old.
In general, IP geolocation data is most accurate for large geographic areas, such as countries or states. It can become less accurate for smaller geographic areas, such as cities or neighborhoods.
That’s why if you use the distance based geofence features of the Geolocation addon, you should always set a larger liberal distance than necessary, rather than a very small strict distance from your location. The Geolocation addon does include an instant IP lookup test tool, so you can check IP distances before you apply them.
The Geolocation addon also includes “fallback” options for both country / distance geofence enforcement. For IP addresses where a country and/or latitude and longitude coordinates cannot be determined, you can configure MIDAS to either block or allow these connections.
It’s also worth noting that the accuracy of IP geolocation data can be affected by the use of proxy servers and VPNs. Proxy servers and VPNs can mask the true IP address of a device, making it difficult to determine the device’s geographic location.
These days, around two thirds of our customers opt for our cloud-hosted edition. Despite this, we’re still very much committed though to offering and supporting a self-hosted edition too.
Now, one of the challenges in developing a web-based application like MIDAS is that it relies on 3rd party components.
For example, to run a web based application, you first need a web server that supports the coding language the web application is written in. You also need a database server to store data for the application.
Countless combinations
Web servers first and foremost need an operating system (like Windows or Linux). They also require underlaying web server software – such as Apache or IIS – to name just two. There are of course numerous operating systems and server software, with different variations and configurations of each.
MIDAS is written in Perl. There are a number of different “flavors” of Perl for different operating systems. For example, on Windows servers both ActivePerl and Strawberry Perl are available.
Finally database servers; MIDAS currently supports MySQL and MariaDB databases, and different versions of each of these.
Here at MIDAS HQ, we have test MIDAS systems running on a range of common setups. However, it would be virtually impossible for us to test our software on every conceivable combination of Operating System, Web Server, Perl, and Database versions.
Although rare, if a self-hosted customer encounters an issue with our software on their particular setup, we’re usually able to replicate it in our labs and provide a solution.
Very occasionally though a self-hosted customer encounters an issue which we’re not able to readily identify and reproduce.
As we (rightly) don’t have access to self-hosted customer’s own servers, this can make troubleshooting challenging.
It can be even more challenging if the self-hosted customer (or their IT provider) is not especially server-savvy. For instance, we may occasionally request files from a customer to aid in our troubleshooting…
A real-world example
In a recent support request, a self-hosted customer encountered an issue after updating their MIDAS system. We weren’t able to immediately replicate this in our testing, and so we requested additional information from the customer. The customer had to contact their IT supplier for assistance in retrieving these files from their MIDAS. Their IT supplier was slow in providing the requested information, which we didn’t receive for a couple of weeks.
Once in receipt of the additional information, however, we were able to identify and resolve the issue within a couple of hours. The customer though was understandably frustrated that it had taken two weeks to resolve (due to the delay with their IT supplier).
As a result of this, we decided to take steps to make it easier for us to support self-hosted customers in the future.
Helping us to help you!
So starting with MIDAS v4.33, there’s now an option for a self-hosted customer to send us diagnostic information directly from within their MIDAS system. This bypasses situations where a customer may have to contact or raise a ticket with their external IT support/provider in order for us to assist them.
If you run into an issue with your self-hosted MIDAS system, our support team may provide you with a “Support Code”. Simply login to your MIDAS system and go to MIDAS Admin Options → Manage MIDAS → Database → Database Tools, and select “Send Support Bundle”.
You’ll be prompted to enter your Support Code before clicking the “Send Support Bundle to MIDAS” button. Your MIDAS system will then self-generate diagnostic information. This information is then securely sent to our support team for further analysis.
The following data is included within the support bundle that’s securely transmitted to MIDAS HQ:
A copy of the program files which make up your MIDAS system
A copy of the settings file for your MIDAS system
A copy of your MIDAS database
A copy of any MIDAS debug logs
Information on your server setup
This diagnostic data can really aid our support team speed up the diagnosis of the potential issue you’re having with your self-hosted MIDAS system.
The 31st of March each year is World Backup Day. This day is designed to help raise awareness of the importance of keeping your critical data backed-up.
A “backup” is an additional copy of all your important files and data – for example, your family photos, home videos, documents and emails.
Instead of keeping a single copy just in one place (like your computer), the idea is that you also keep another secondary copy of everything somewhere else as well. That way, if anything should happen to the device where your original data is stored, you’ll still have a “backup” copy stored elsewhere.
Here at MIDAS HQ, we strongly believe in the importance of regularly backing-up data you can’t afford to loose. We’ve built in a number of backup features to our leading room booking and resource scheduling software to do just that!
How MIDAS backs up your data
MIDAS seamlessly makes complete and automated backups of its own database. It does this upon the first successful login each and every day. These backups are compressed, and typically backups are less than 1MB each in size. Backups are also encrypted, and stored on your MIDAS server for a length of time you specify, typically 7-30 days.
To further protect your data, these automated daily backups can optionally also be emailed daily to a specific email address too. This feature allows you to retain your own “off-site” copies of your MIDAS data within no effort!
In addition to the automated daily backups which your MIDAS system takes, we also provide the ability to instantly generate an backup at any time too! An administrator can navigate to MIDAS Admin Options → Manage MIDAS → Database, and use the one-click “Backup Now” button. We really couldn’t make it easier to backup your MIDAS data on-demand!
Restoring Backups
Database backups (whether generated manually or automatically) can be easily and readily restored at any time. You can choose to partially restore a part of a backup, or restore it in full – at any time, all through a simple interface. This may be accessed through MIDAS Admin Options → Manage MIDAS → Database → Restore. So, should you ever wish to “roll back” your MIDAS system to an earlier point in time, or if you suffer a massive server failure and loose data, you can have your MIDAS system back up and running again in no time!
For our “cloud hosted” customers, we also take complete database backups three times a day. A daily backup is then separately stored off-site for a period of six months.
So as you’ll see from the above features and processes we’ve built into our software, we take backups seriously! We make it painless to ensure your important MIDAS booking data can be easily backed up and restored with minimal fuss!
Whilst you can be confident your MIDAS data is taken care of, why not take a moment to backup your own important personal files on World Backup Day? Your family photos, home videos, documents and emails are important! Can you afford to loose them!? Yes, it may be a little tedious, but you’ll be glad you did should anything ever happen to your files!
How many backups of my important data should I make?
As a general rule, it’s a good idea to have at least three copies of your important data. At least one of these copies should be kept off-site or in the cloud. This is known as the 3-2-1 backup rule.
Here’s what it means:
Keep at least three copies of your data, including the original data and two backups.
Store the copies on two different types of media, such as an external hard drive and a cloud storage service.
Keep one of the backups off-site. Either in a different physical location or in the cloud, to protect against disasters like fire, theft, or flooding.
By following the 3-2-1 backup rule, you can ensure your important data is protected even if one copy is lost, damaged, or destroyed.
It’s also a good idea to regularly test your backups too! Testing a backups ensure they are working properly in the event you’ll need to access them. It’s important to update your backups regularly too – to keep them current.