Linode

From LIMSWiki
Revision as of 17:01, 4 August 2023 by Shawndouglas (talk | contribs) (Updated for 2023.)
Jump to navigationJump to search
Linode
Industry Cloud computing, Web services, Internet
Founder(s) Christopher Aker
Headquarters Philadelphia, Pennsylvania, United States
Area served Worldwide
Key people Christopher Aker (CEO)
Products IaaS, DBaaS, DaaS
Revenue $10–100 million (estimated)[1]
Parent Akamai
Website linode.com


Linode is a privately-owned American cloud computing company that provides public and private cloud services that feature "Linux virtual machines, storage, networking, and developer tools" for users to scale their cloud infrastructure.[2] Linode has 14 data centers, with seven in the U.S., three in Europe, as well as centers in Mumbai, Tokyo, Singapore, and Sydney.[3] Linode provides a variety of different products and services, representing virtual computing, networking, data storage, security management, container management, media management, and managed and professional services.[2]

In February 2022, Akamai, which offers a content delivery network (CDN) and edge computing services, announced that it was acquiring Linode for $900 million, allowing Akamai to "become the world’s most distributed compute platform, from cloud to edge."[4]

Provider research

This section uses public information to provide some answers to the 18 questions posed in Chapter 6 of the wiki-based guide Choosing and Implementing a Cloud-based Service for Your Laboratory. In some cases, public information could not be found, and a recommendation to further discuss the question with the cloud service provider (CSP) is made.


1. What experience do you have working with laboratory customers in our specific industry?

It's not apparent if any laboratories or laboratory informatics vendors are using Linode. Contact a Linode representative to determine if they can supply any use cases from laboratories or laboratory software developers.


2. Can your solution readily integrate with our other systems and business processes, making it easier for our end users to perform their tasks?

It will ultimately be up to your organization to get an answer from Linode tailored to your systems and business processes. However, this much can be said about Linode integrations. The company offers a collection of integration tools for customers using the Linode platform, including Terraform, Rancher, Ansible, and Pulumi. These tools allow you to "connect infrastructure and dev tools to the Linode platform."[5] Customers can also create their own integrations using Linode API.


3. What is the average total historical downtime for the service(s) we're interested in?

Some public information is made available about historic outages and downtime. Linode has a systems status page with status history (you have to click on the "Incident History" link at the bottom, then the date range arrows in the top right of the subsequent page). You should be able to read through the incident details for each issue, going back through a fair amount of history. This will give you a partial picture of the issues experienced in the past, as well as any scheduled maintenance and currently impacted services. A follow-up on this question with a Linode representative may reveal more historical downtime history for the services you are interested in.


4. Do we receive comprehensive downtime support in the case of downtime?

A post from 2011 indicates that they "open support tickets for all emergency maintenance events."[6] The company's support page adds that their "service team has no tiers, no bots, no hand-offs, just highly trained professionals who answer your questions and solve your issue."[7] Linode appears to be fairly open about downtime support, but discuss the topic further with a representative to confirm.


5. Where are your servers located, and how is data securely transferred to and from those servers?

Linode has 11 data centers, with five in the U.S., two in Europe, and centers in Mumbai, Tokyo, Singapore, and Sydney.[3] These data centers have their own product availabilities. Linode used to have a content delivery network, Nodeboost[8], but it shut down in 2020.[9] As for data in motion, Linode notes[10]:

By default, Linode’s Object Storage uses a default TLS certificate for subdomains of linodeobjects.com to encrypt data in transit. In some cases however, it may be more desirable to use your own custom SSL certificate. Object storage supports the importing of your own TLS/SSL Certificates in order to encrypt connections with your bucket in transit. Currently, you can Upload custom TLS/SSL certificates directly through the Linode Manager, the Linode CLI, and the Linode API.

Outside of a few casual mentions of data localization and residency when discussing new data center openings, Linode doesn't discuss data residency much. Contact a Linode representative to talk about this and other aspects of data storage and transport.


6. Who will have access to our data (including subcontractors), and what credentials, certifications, and compliance training do they have?

Linode notes the following about physical security in relation to personnel[11]:

  • "Access to the data center floor is restricted to data center employees and authorized visitors."
  • "All employees and visitors are identified using biometrics and state issued Ids before entering the facility."
  • "All of Linode's systems are segregated from other tenants by locking cabinets. Only datacenter staff assigned to supporting Linode systems have access to the keys."

However, Linode doesn't publicly mention anything about the certifications and compliance training any of those personnel have. This is a conversation to have with a Linode representative.


7. Will our sensitive and regulated data be stored on a machine dedicated to complying with the necessary regulations?

Not all Linode machines have the same controls on them; it will depend on the region, product, and compliance requirements of your lab. That said, verify with a representative that the machine your data will land on meets all the necessary regulations affecting your data. (Note that Linode has a few questions concerning HIPAA; see #14.)


8. How segregated is our cloud data from another customer's, i.e., will lapses of security of another customer's cloud affect our cloud? (It typically won't, but asking the question will hopefully prompt the provider to better explain how your data is segregated.)

It appears Linode doesn't say much about physical or logical separation. The word "segregation" barely appears on the website. However, Linode did mention single- and multi-tenancy under the topic of bare metal servers. However, as of December 2022, these bare metal options were shown as a "future" option; the page was removed in early 2023, so it's not clear if the service is no longer being worked on.[12] As such, it's not clear how the company approaches segregating cloud data, deserving a conversation with a representative.


9. Do you have documented data security policies?

Linode documents its security practices in several places:

Some security-related documents, like the SOC 2 report, may not be publicly available, requiring direct discussion with an IBM Cloud representative to obtain them. (Note that little information about SOC 2 audits are listed on the website, aside from the certifications on their data centers.)


10. How do you test your platform's security?

Customers can conduct penetration testing on their own servers, though permission is required for such tests on servers that aren't the customer's. As for Linode running attack-and-defense drills or breach and attack simulations on its own infrastructure, no public information could be found regarding this. You'll have to discuss this topic with a Linode representative.


11. What are your policies for security audits, intrusion detection, and intrusion reporting?

Audits: Customers can conduct their own security audits on their Linux systems using Lynis. As for how Linode goes about its security audits on its own infrastructure, public answers are few, even outside of the little documentation there is about compliance. A frank discussion with a Linode representative will be required to determine the extent of auditing activities on its infrastructure.

Intrusion detection and reporting: Linode provides a walk-through of how to monitor system processes and SSH connections, as well as review security system logs. You can also us the Elastic Stack "to help monitor and visualize security threats to your machine."[13]


12. What data logging information is kept and acted upon in relation to our data?

While Linode offers customers tools like Lynis and Elastic Stack to analyze their own logs, it's not clear what data logging information Linode collects and uses in relation to customer data. You'll have to discuss this with a Linode representative.


13. How thorough are those logs and can we audit them on-demand?

Linode users can view their own logs. However, it's unclear if you are able to audit internal Linode operation logs on-demand. This is a conversation to have with a representative.


14. For HIPAA-eligible data (e-PHI) we may have, will you sign a business associate agreement?

The company is vague on whether it will actually sign a business associate agreement. The way it words its statement, it sounds like it places all the responsibility on you, the customer[14]:

Covered entities and their business associates subject to the U.S. Health Insurance Portability and Accountability Act (HIPAA) can maintain compliance using Linode as their Cloud Hosting provider. While Linode provides the platform and does not generally engage in activities or functions that make it a HIPAA Business Associate, the compliance responsibilities are handled by your organization. Specifically, a customer that subscribes to use a cloud server offered through Linode has the exclusive authority and ability to manage all technical safeguards required by HIPAA with respect to its PHI, including access controls, audit controls, integrity, authentication and transmission security ... By following the U.S. Department of Health & Human Services standards for the security of electronic protected health information, a company can become HIPAA compliant on a Linode.

The company makes no mention of actually signing an agreement. You'll have to contact a representative to verify.


15. What happens to our data should the contract expire or be terminated?

Linode's Master Services Agreement is puzzling, and it's not clear what legal obligation Linode has to your data upon contract expiration or termination. This requires thorough discussion with a Linode representative.


16. What happens to our data should you go out of business or suffer a catastrophic event?

It's not publicly clear how Linode would handle your data should they go out of business; consult with a representative about this topic. As for catastrophic events, unlike other major cloud providers, Linode doesn't appear to use three-zone regions to improve resiliency, likely since it's a smaller alternative CSP. It appears, however, that a user can set up multiple nodes on the same data center to limit the effects of catastrophic failure (a tutorial is provided by Linode). However, issues still may occur. In its Master Services Agreement, Linode adds[15]:

Linode will implement appropriate measures to secure Covered User Data against accidental or unauthorized access, transmission, loss or disclosure in accordance with applicable laws as described in the Overview of Technical and Organizational Measures in the Akamai Privacy Trust Center. Unless otherwise expressly specified by an applicable Service Order, Linode shall have no obligation to maintain Covered User Data, backup Covered User Data, or otherwise store Customer Data on behalf of any Covered User.

Customers are encouraged to discuss data availability and loss with a representative.


17. Can we use your interface to extract our data when we want, and in what format will it be?

Linode provides several pieces of guidance on how to download files, database dumps, whole disks, and backups from Linode.


18. Are your support services native or outsourced/offshored?

It is unclear if support personnel are local to the customer or if support is outsourced to another business and country. Discuss this with a Linode representative.

Managed security services

Linode doesn't appear to explicitly advertise "managed security services." Linode does, however, offer a managed services portfolio through its Linode Managed Service offering, described as "an incident response service designed to help businesses cut out costly downtime."[16] This incident response service appears to include uptime and responsiveness tracking and repair, server management software cPanel, dashboard metrics, backups, discounted professional services, and complimentary site migration.[16]


Additional information

Documentation and other media

External links

References

  1. "Linode Revenue, Growth & Competitor Profile". Inc Fact. 24 July 2023. http://incfact.com/company/linode-galloway-nj/. Retrieved 04 August 2023. 
  2. 2.0 2.1 "Products - The Linode cloud platform, infrastructure for innovation". Linode. https://www.linode.com/products/. Retrieved 04 August 2023. 
  3. 3.0 3.1 "The Linode Backbone". Linode. https://www.linode.com/global-infrastructure/. Retrieved 04 August 2023. 
  4. Lardinois, F. (15 February 2022). "Akamai acquires Linode for $900M". TechCrunch. https://techcrunch.com/2022/02/15/akamai-acquires-linode-for-900m/. Retrieved 04 August 2023. 
  5. "Integrations". Linode. https://www.linode.com/products/integrations/. Retrieved 04 August 2023. 
  6. raindog308 (2011). "Downtimes due to server maintenance? Avoidable?". Linode Community. Linode. https://www.linode.com/community/questions/5745/downtimes-due-to-server-maintenance-avoidable#answer-26934. Retrieved 04 August 2023. 
  7. "Linode Support". Linode. https://www.linode.com/support/. Retrieved 04 August 2023. 
  8. nodeboostio (August 2016). "Linode CDN - nodeboost.io". https://www.linode.com/community/questions/10820/linode-cdn-nodeboostio. Retrieved 04 August 2023. 
  9. "nodeboost.io". Twitter. 18 May 2020. https://twitter.com/nodeboost?lang=en. Retrieved 04 August 2023. 
  10. Linode (21 October 2020). "Upload a Custom SSL/TLS Certificate on Object Storage". Linode. Archived from the original on 17 January 2022. https://web.archive.org/web/20220117074226/https://www.linode.com/docs/guides/enable-ssl-for-object-storage/. Retrieved 04 August 2023. 
  11. "Security". Linode. https://www.linode.com/legal-security/. Retrieved 04 August 2023. 
  12. "Control and Customization with Bare Metal". Linode. Archived from the original on 26 November 2022. https://web.archive.org/web/20221126090038/https://www.linode.com/products/bare-metal/. Retrieved 04 August 2023. 
  13. Lescher, A. (28 October 2020). "Visualize Server Security on CentOS 7 with an Elastic Stack and Wazuh". Linode. https://www.linode.com/docs/guides/visualize-server-security-on-centos-7-with-an-elastic-stack-and-wazuh/. Retrieved 04 August 2023. 
  14. "Compliance". Linode. https://www.linode.com/legal-compliance/. Retrieved 04 August 2023. 
  15. "Master Services Agreement". Linode. 4 January 2023. https://www.linode.com/legal-msa/. Retrieved 04 August 2023. 
  16. 16.0 16.1 "Managed". Linode. https://www.linode.com/products/managed/. Retrieved 04 August 2023.