If your organization is operating online, whether it be via an externally-hosted website, a SaaS application or an Internet-exposed internal server, it’s likely the risk of downtime has been discussed and you’ve put plans in place to minimise the impact. But if you’re just starting out or have recently reverted to online methods because of the current climate you may not realise the risks associated with downtime.
Internet-facing systems such as websites can experience a number of issues, including:
Unless you’re on your website or web service all the time, you may not be the best person to detect if it’s working or not. Simple tools are available to perform a basic “ping” to check that the website is there, but often it’s not an all or nothing issue; it may only be your potential customers who realise that your checkout is not working properly because of a failed update. If you’re lucky, one of them will contact you to make you aware, but this could take days and for a busy ecommerce website, that’s a lot of lost revenue.
What you really need is a way to automatically simulate the kinds of actions that your customers do all the time, such as looking at products, selecting a currency and going through the checkout process. And to do this many times a day from as many locations as possible so that you’re the first to know if there’s a problem.
That’s where our partners at UpTrends come in. We at Certikit use them ourselves and we have no hesitation is suggesting you take a look at them too. Their innovative software can monitor your website, APIs and servers from over 200 locations around the world, checking that key features are working and providing you with alerts to keep you informed and ready to act quickly if required. You can find out more information about their service on our website.
The ISO27001 Information Security Management standard is a risk-based approach and helps identify potential issues and solutions within your business. If one of the risks identified is downtime, then you’ll be guided through how to analyse the threat level and implement solutions to lower the risk. As well as monitoring, risk treatments can often include back-ups, software update management and incorporating third-party applications to help.
As part of your risk treatment, a scheduled maintenance programme can also contribute towards ensuring that everything is being done to prevent downtime. This can include:
1) Server testing and back-ups – If your server or website does go down, it’s important to get it back online quickly. Regular checks and testing of back-ups are key to returning to business as usual.
2) Regular updates – Maintain the security of your web servers by performing regular updates and patches in a managed way. Automating security updates where possible saves time and ensures they are being completed.
3) Monitoring – Monitoring your servers can help establish if there are any red flags before the impact is seen by your customers. As we mentioned, this is where our partners at Uptrends can help. They offer a complete website monitoring solution for organizations of all sizes.
Many businesses rely strongly on their website to interact with customers and make sales, and if it’s down then it can be a big problem. But knowing it’s not working as it should can be a challenge and if you’re not on the ball issues can last for days, where your customers are aware but you’re not. Taking basic precautions such as effective monitoring, backups and update management can help to address the risk and keep your organization’s reputation intact.