Whether you own a business, or simply own a computer for personal use, the best way to protect yourself is to be aware of the limitations in your systems. A single user with a laptop and a larger organization with hundreds of endpoints often have more similarities than differences in the challenges they face. Obviously these would be at varying degrees as the greater the amount of equipment and data, the higher the risk numbers.
This post covers 4 categories of challenges and their associated risks. Specifically, we discuss the importance of knowing which single points of failure exist. Only in knowing can you determine the best way to deal with your vulnerabilities.
4 Single Point of Failure Categories & How to Address Them
First, it is important to explain the phrase single point of failure. A single point of failure is anything that affects your day-to-day operations in such a way that you can no longer function normally. Most networks, whether private or corporate, have at least a few single points of failure. Luckily, it is far easier to handle vulnerabilities when you are aware of them as this allows you to plan how you want to deal with them once they occur.
The 4 types of failures:
There are hundreds of devices that may exist on your network: computers, laptops, printers, switches, routers, firewalls, servers, wireless access points, storage servers, phones, and more. What is important to consider about each device is which ones will cause imminent failure to other devices, services or systems if it stops operating normally.
For example, if it is only you and you have a single computer, what would you do if your computer crashed? Is there a store nearby selling a model sufficient to replace your existing device? Can you afford to replace the device at any time, expected or not?
Hardware failure can occur with any device. Some replacements can easily be found locally while others must be ordered. The cost to replace, the amount of time to receive the replacement and the time to set the device up once it is in hand should all be considered. Use this information to decide what is the best balance between the risk of having a device fail versus spending funds for equipment purchased only as a backup. In general, the larger the organization the bigger the budget and the greater the need to have redundancy.
The risk: Devices affecting only a single user are the least costly when they fail. When a device like a firewall fails, a device that everyone's usage relies upon, the cost of downtime increases relative to the number of employees affected. If you replace a device before it fails, consider keeping it as a backup in case the newer device fails in the future.
Utilities like electricity and the internet have a great impact. How would your business operate without either of these? Laptops will fare better than desktops without electricity, but both are adversely affected by a lack of internet access.
Are most of your applications and files cloud based? If so, are they also stored locally? Do you have cellular hotpots in place to address this issue? Do you have somewhere nearby that you or staff can go to get online? Higher number of employees mean it is harder to travel to an offsite location. Instead, consider backup power options like generators.
The risk: Unexpected power outages and regular maintenance windows for internet service providers often mean downtime. These windows vary in time and are often unexpected. It is wise to have backup batteries for all hardware devices that do not already have batteries. Additionally, backup cellular hotspots can be purchased for those places that cannot afford to be offline, like restaurants.
Location is the hardest category in this list to control. Are natural disasters common in your immediate area? If so, how can this affect your business? Will you have enough notice to move any equipment? Are you in an area with unstable power, water, internet, or other utilities? A business cannot keep employees without certain minimums being met so these are important aspects to consider.
The risk: If something happens to displace your business, you may suffer catastrophic loss. How quickly can you get back up and running? Can you recover fast enough to prevent damage to your business reputation? Do you have the capital to buy replacement equipment until insurance payouts arrive?
Data is often the most important and most valued part of any individual's or business's assets. This makes it one of the most important categories in this list. Documents, client files, financials, proprietary information, processes and more are vulnerable.
In the absence of data redundancy, including a cloud based backup solution, data is at risk. A device, drive, or server can fail leaving the data on it difficult or impossible to recover. Without data it can be nearly impossible to operate your business.
Even if data is recovered, how much money will you lose while being down? Business continuity, at any level, requires a minimum of having several copies of data, with at least one of those copies in an alternate location. Offsite backups are critical to make sure you can be back up and running when something happens. Most importantly, while hardware can often be replaced fairly quickly, many data files are irreplaceable.
The risk: Consider proprietary information, photos, movies, audio recordings, email, database files and more. These cannot simply be recreated, even if the time and employee power was available.
Nearly every individual and organization has a single point of failure. These single points of failure often fall within four categories: Device, utilities, location and data. Whether starting a business, functioning as an individual or running a large organization, there are many things to consider. The more thorough you are when investigating vulnerabilities, the greater the likelihood you will be prepared to address an issue when it happens.
As always, it is important to be prepared as you can only plan for those things you know exist.