1
00:00:00,005 --> 00:00:02,003
- [Narrator] Business
continuity professionals

2
00:00:02,003 --> 00:00:04,006
have a variety of tools at their disposal

3
00:00:04,006 --> 00:00:08,005
to help remediate potential
availability issues.

4
00:00:08,005 --> 00:00:10,009
One of the critical ways
that IT professionals

5
00:00:10,009 --> 00:00:13,002
protect the availability of systems

6
00:00:13,002 --> 00:00:15,005
is ensuring that they are redundant.

7
00:00:15,005 --> 00:00:17,006
That simply means that
systems are designed

8
00:00:17,006 --> 00:00:20,006
in such a way that the
failure of a single component

9
00:00:20,006 --> 00:00:23,000
doesn't bring the entire system down.

10
00:00:23,000 --> 00:00:24,006
Business can continue in the face

11
00:00:24,006 --> 00:00:27,006
of a single predictable failure.

12
00:00:27,006 --> 00:00:30,005
The single point of
failure analysis process

13
00:00:30,005 --> 00:00:33,001
provides security
professionals with a mechanism

14
00:00:33,001 --> 00:00:36,001
to identify and remove
single points of failure

15
00:00:36,001 --> 00:00:37,009
from their systems.

16
00:00:37,009 --> 00:00:39,004
Let's look at an example.

17
00:00:39,004 --> 00:00:42,001
Here we have a simple
web-based application,

18
00:00:42,001 --> 00:00:44,006
a web server protected by a firewall

19
00:00:44,006 --> 00:00:46,000
and connected to the internet.

20
00:00:46,000 --> 00:00:48,008
As we conduct a single
point of failure analysis,

21
00:00:48,008 --> 00:00:51,006
we might first notice
that the web server itself

22
00:00:51,006 --> 00:00:53,002
is a single point of failure.

23
00:00:53,002 --> 00:00:55,001
If anything goes wrong with the server,

24
00:00:55,001 --> 00:00:57,005
the web service will stop functioning.

25
00:00:57,005 --> 00:01:00,002
We can correct the situation by replacing

26
00:01:00,002 --> 00:01:02,006
the single web server
with a clustered farm

27
00:01:02,006 --> 00:01:06,003
of servers that are all designed
to provide web services.

28
00:01:06,003 --> 00:01:09,009
The cluster is designed so
that if a single server fails,

29
00:01:09,009 --> 00:01:12,006
the other serves may
continue providing service

30
00:01:12,006 --> 00:01:13,008
without disruption.

31
00:01:13,008 --> 00:01:15,006
Once we've implemented the cluster,

32
00:01:15,006 --> 00:01:18,007
we've removed the server as
a single point of failure.

33
00:01:18,007 --> 00:01:21,005
Next, we might turn our
attention to the firewall,

34
00:01:21,005 --> 00:01:24,004
another single point of
failure in this scenario.

35
00:01:24,004 --> 00:01:26,000
If the firewall goes down,

36
00:01:26,000 --> 00:01:29,000
internet users will not able
to reach the web server,

37
00:01:29,000 --> 00:01:31,002
rendering the web service unavailable.

38
00:01:31,002 --> 00:01:35,003
Therefore, the firewall is
also a single point of failure.

39
00:01:35,003 --> 00:01:37,006
We can correct the situation by replacing

40
00:01:37,006 --> 00:01:41,005
the firewall with a pair of
high availability firewalls

41
00:01:41,005 --> 00:01:43,006
where one serves as a backup device

42
00:01:43,006 --> 00:01:46,001
standing by to step in immediately

43
00:01:46,001 --> 00:01:48,007
if the primary firewall fails.

44
00:01:48,007 --> 00:01:50,007
By replacing the single firewall

45
00:01:50,007 --> 00:01:52,005
with a high availability pair

46
00:01:52,005 --> 00:01:54,003
we have removed the firewall

47
00:01:54,003 --> 00:01:56,002
as a single point of failure.

48
00:01:56,002 --> 00:01:59,002
But we still have yet another
single point of failure here,

49
00:01:59,002 --> 00:02:02,006
the internal and external
network connections.

50
00:02:02,006 --> 00:02:04,006
As with the web server and firewall,

51
00:02:04,006 --> 00:02:06,009
we can the single point of failure

52
00:02:06,009 --> 00:02:08,009
by introducing redundancy

53
00:02:08,009 --> 00:02:12,004
and having two separate network
connections for each link.

54
00:02:12,004 --> 00:02:15,005
If one fails, the service
may continue to operate

55
00:02:15,005 --> 00:02:16,009
over the other.

56
00:02:16,009 --> 00:02:18,007
This single point of failure analysis

57
00:02:18,007 --> 00:02:22,003
may continue on, identifying
and remediating issues

58
00:02:22,003 --> 00:02:25,005
until either the team
stops finding new issues

59
00:02:25,005 --> 00:02:27,002
or the cost of addressing issues

60
00:02:27,002 --> 00:02:29,000
outweighs the potential benefit.

61
00:02:29,000 --> 00:02:30,008
Single point of failure analysis

62
00:02:30,008 --> 00:02:33,001
is an important part of an organization's

63
00:02:33,001 --> 00:02:37,002
continuity of operations planning efforts.

64
00:02:37,002 --> 00:02:39,001
Organizations should also consider

65
00:02:39,001 --> 00:02:42,002
the other risks facing
their IT operations.

66
00:02:42,002 --> 00:02:44,007
As they conduct IT contingency planning,

67
00:02:44,007 --> 00:02:47,008
they should not only consider
single point of failure

68
00:02:47,008 --> 00:02:49,008
but also all of the other situations

69
00:02:49,008 --> 00:02:52,002
that might jeopardize business continuity.

70
00:02:52,002 --> 00:02:54,004
For example, these might include

71
00:02:54,004 --> 00:02:56,007
the sudden bankruptcy of a key vendor

72
00:02:56,007 --> 00:02:58,008
or the inability to provide computing

73
00:02:58,008 --> 00:03:01,005
or storage capacity
needed by the business,

74
00:03:01,005 --> 00:03:03,008
or even utility service failures,

75
00:03:03,008 --> 00:03:06,002
or any other risk that IT management

76
00:03:06,002 --> 00:03:09,005
believes may disrupt operations.

77
00:03:09,005 --> 00:03:12,003
One final component of
business continuity planning

78
00:03:12,003 --> 00:03:13,009
that is often overlooked

79
00:03:13,009 --> 00:03:16,000
is personnel succession planning.

80
00:03:16,000 --> 00:03:18,000
Information technology depends upon

81
00:03:18,000 --> 00:03:20,009
highly skilled team members who develop,

82
00:03:20,009 --> 00:03:24,006
configure, and maintain
systems and processes.

83
00:03:24,006 --> 00:03:27,000
IT leadership should
work with human resources

84
00:03:27,000 --> 00:03:29,001
to identify those team members

85
00:03:29,001 --> 00:03:31,007
who are essential to continued operations

86
00:03:31,007 --> 00:03:35,004
and identify potential
successors for those positions.

87
00:03:35,004 --> 00:03:38,003
That way, when someone
leaves the organization,

88
00:03:38,003 --> 00:03:40,002
management has already thought through

89
00:03:40,002 --> 00:03:42,009
potential replacements
and hopefully provided

90
00:03:42,009 --> 00:03:45,006
those successors with the
professional development

91
00:03:45,006 --> 00:03:47,006
opportunities they need to step

92
00:03:47,006 --> 00:03:49,008
into the departing employee's shoes.