A single point of failure (SPOF) is any hardware or software component that could render the entire system unusable should the component fail. Redundancy is the key to avoiding SPOFs, but startups and small businesses often don’t build their systems with possible failure in mind. Redundancy is expensive, but it’s even more costly when an SPOF isn’t pinpointed and the system crashes. Here are some common SPOFs to watch out for.
Hardware
Hardware tends to be the most critical SPOF. Hardware could be any component that routes network traffic, powers the system, or provides authentication. For instance, when a router fails, there should be another router that can be used for redundancy. Network traffic might be much slower, but users should still be able to communicate, authenticate on the network, and send and receive email messages.
Outsourced Providers
Many small businesses use cloud services or colocated services for their infrastructure. Your ISP could also be an SPOF. What happens when your Internet connection fails? Can you fail over to a redundant provider? Some businesses use cable and DSL. The cable company is the primary ISP vendor, but if it fails they can fail over to DSL. The same applies to VoIP services for telephone messaging and to cloud providers that host infrastructure services.
People are the Biggest Risk
People can be the biggest risk and a single point of failure – and most companies don’t realize it. Whether it’s a simple input mistake or malicious intent, people are one of the highest risks for the organization. They are an especially high risk for small organizations where one person is responsible for several systems. Small businesses are guilty of privilege creep, which happens when a person continues to accumulate more privileges as they change positions. Users should only have permissions on a need-to-know basis. Each time they change positions, the organization should revisit permissions and revoke any of them that aren’t necessary.
Some Tips to Audit Your System
Every company should have an IT audit at some point. Whether it’s for security, keeping track of system components, or determining a single point of failure, the system should be audited annually.
For SPOF audits, first establish stakeholders. Who are the people responsible for the system, the organization, and the data?
Next, create a document of the system and communication structure. Determine who you will contact should a critical failure happen. Document the contact numbers for all ISPs, email providers, cloud service providers, and vendors for infrastructure hardware. This document will save you enormous amounts of time and help you expedite bringing the system back up.
Finally, identify any SPOFs and consider what you can do to mitigate the risk. Backup power supplies could help with power outages. Failover servers can help with authentication servers, and redundant routers can ensure that network traffic is always live.
If any of your redundant systems crash, always replace them quickly. Don’t let them sit unusable for too long, or they become useless to the system’s integrity. Maintaining redundant systems costs much more, but it is much more secure for your network performance and infrastructure.
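One way to carry out the last audit step, as an added example that is not part of the original article: the script models the system as links between components and reports every component whose single failure cuts users off from a required service. The topology and component names are constructed for illustration, and the second check shows how a redundant router that crashed and was never replaced turns its partner into an SPOF.

```python
from collections import defaultdict

# Constructed sample inventory (hypothetical names): each pair is one link.
LINKS = [
    ("users", "switch"), ("switch", "auth-server"),
    ("switch", "router-a"), ("switch", "router-b"),
    ("router-a", "isp-cable"), ("router-b", "isp-dsl"),
    ("isp-cable", "internet"), ("isp-dsl", "internet"),
]

def build_graph(links):
    """Turn the link list into an undirected adjacency map."""
    graph = defaultdict(set)
    for a, b in links:
        graph[a].add(b)
        graph[b].add(a)
    return graph

def reachable(graph, start, removed):
    """Every component reachable from start when `removed` has failed."""
    seen, stack = set(), [start]
    while stack:
        node = stack.pop()
        if node in seen or node == removed:
            continue
        seen.add(node)
        stack.extend(graph[node] - seen)
    return seen

def find_spofs(links, source, targets):
    """Map each SPOF to the services the source loses when it fails alone."""
    graph = build_graph(links)
    spofs = {}
    for node in sorted(graph):
        if node == source or node in targets:
            continue  # only intermediate components are candidates
        seen = reachable(graph, source, removed=node)
        lost = sorted(t for t in targets if t not in seen)
        if lost:
            spofs[node] = lost
    return spofs

def without(links, failed):
    """The inventory after `failed` has crashed and not been replaced."""
    return [(a, b) for a, b in links if failed not in (a, b)]

if __name__ == "__main__":
    services = ["internet", "auth-server"]
    print("healthy: ", find_spofs(LINKS, "users", services))
    print("degraded:", find_spofs(without(LINKS, "router-b"), "users", services))
```

In the healthy topology only the switch is reported; with router-b gone, router-a and the cable ISP join the list even though users notice no outage yet.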