Mr. Kilo-Watt: A Potentially Traitorous Partner in Your IT Operations
February 12, 2008 - By Justin E. Gehrke
By Justin E. Gehrke, CISSP, MCSA, Security+, A+
Anyone who has lived in or spent an extended amount of time in Puerto Rico knows that electric power outages, brown-outs, and surges are all too common. If your Business Network relies on intranet or internet connectivity to send and receive email, process orders, manage databases, or run Point of Sales (POS) computers, even a short outage can prove costly.
The unplanned shutdown of computer equipment when a failure occurs results in the immediate loss of any unsaved data or processes. Once the power returns, the resulting power surge may damage sensitive components within workstations and servers. While many businesses plan for a portion of the problem by installing a generator, the necessity for Uninterruptable Power Supplies (UPS) is often overlooked. Basic Surge Protectors, purchased at your local office supply or computer store, only prevents damage from a mild surge or brown-out. They do not, though, prevent the computer or server from shutting off abruptly. UPS devices are designed to absorb the surge and ensure the machine’s operation continues unaffected. If the power returns quickly, the need for generator power is negated. If the outage persists, you or your managers have time (Thanks to the UPS!) to restablish generator-based operations and allow your IT infrastructure components to revert to regular power. How much protection do you need? How many devices can be safely supported? What is your average power consumption? These questions and more must be answered only after formula-based analysis of your company’s Maximum Tolerable Down-Time. This process is part of a larger one that examines all aspects of your IT-related operations in order to develop a sound Continuity of Operations Plan (COOP) and Disaster Recovery Plan (DRP). With regard to UPS selection or the the planning process, as a whole, the cost of preventive measures should be based on the probability of the occurence of the threat (e.g. extended power outage, flooding, network intrusion, etc.). While online searches may provide you with the basic knowledge of what is required, your planning and implementation process should ultimately include the consulting services of a Certified Information Systems Security Professional (CISSP). The cost incurred for these industry-recognized and specially-trained professionals will be far less than than the cost of improper planning to your company’s bottom line.
Justin E. Gehrke is the founder of Geek Shui Living and an admitted obsessive-techno-compulsive who loves all things Geek. As a right and left-brained, packet-based being, he is available for independent consulting in the areas of IT and Network Security planning and testing, as well as web development and creative design. Send packets to him at GeekusGrandeus@geekshuiliving.com
