Common Single Points of Failure in IT Systems and How You Can Avoid Them
Single points of failure (SPOF) are areas of your network vulnerable to hackers, power outages, or even just hardware or software failure. When one of these components fails, the result is massive outages for your business. Most small businesses build a network based on a strict budget. Redundancy is how you avoid SPOFs, but it’s an expensive addition to the network. However, losing your business performance due to an outage is even more expensive. Here are common SPOF and what you can do to avoid them.
Hardware is the most frustrating SPOF, because it usually fails unexpectedly. Each component on the network should be redundant. If a router fails, you should have a failover router that can take over for it. Network performance might suffer a bit, but your users should still be able to work. The big difference between an outage and slower redundant systems is that an outage can brutally hurt revenue.
Other redundant hardware includes servers, switches, power supplies, and any other critical component. For instance, the authentication server should be duplicated. If users can’t authenticate from a server crash, the secondary failover server takes over.
Power supplies are often overlooked. Any cabling or power sent to your hardware should have a backup. Power outages can happen to any number of components, and they usually result with multiple system failures since one outlet is used across multiple hardware components.
Another common SPOF is your ISP. What if you lose Internet for a day due to an ISP outage? Would your company be able to function? Even having two cable Internet accounts won’t help you if your ISP fails. The best way to avoid this type of failure is to have a main cable connection and a secondary DSL Internet connection.
You can have other SPOFs from providers. If your VoIP service is using a third party, it too can be the cause of failure. Always have a backup or at least a way to fail over to another system should a critical one fail.
Infrastructure-as-a-Service (IaaS) is common for small businesses, because they can gain access to high-end hardware without the cost. However, if you rely on the cloud, you put yourself at risk of an outage should the cloud provider fail. Your provider should have a failover route should they suffer from an outage.
Cloud providers are also at risk of cyber threats such as denial-of-service (DoS) attacks. These attacks can crash resources and slow performance to unsustainable levels. Whether you keep failover systems in-house or in the cloud, always have a way to perform daily business tasks without the provider.
People are one of IT’s biggest threats. Whether it’s a vendor, an employee, or even an outside attacker, people are responsible for breaches more often than hardware or software. The two biggest threats to businesses are social engineering and disgruntled employees.
Social engineering is a broad term. Hackers use social engineering as a way of gaining access to systems with the victim’s credentials. For instance, the hacker calls one of the customer service representatives and says he’s from the IT department. He then tricks the rep into giving up her user name and password. This then gives the hacker access using the rep’s credentials. With them, the hacker won’t alert IT of any malicious attacks on the system since he can legitimately log in without any type of suspicious activity.
Phishing is also common with social engineering. The hacker sends malicious files with email messages and gains access to the employee’s computer. This is becoming more common in data breaches. Hackers even target executives to gain access with high-level permissions.
Disgruntled employees are a problem for data theft and espionage. Disgruntled employees steal data and send the information to competitors. It’s also becoming much more common with small businesses.
Before you can figure out your SPOF, you must do an audit on your system. Audit your network for all of the aforementioned SPOF possibilities. Once you find them, it’s time to implement redundancy. This can be costly, but it will greatly reduce the chance that just one outage will cost you thousands of lost revenue dollars.