Availability

(OBJ 1.2)

Ensure that information, systems, and resources are accessible and operational when needed by authorized users
All about making sure that services, data, and systems are available when they are supposed to be.
When you're considering which system which system or service provider to use you're often going to hear them refer to their availability status by a number of 9s that they can provide.
- 99% (2 Nines)
  - 3.5 Days of downtime per year
- 99.9% (3 Nines)
  - Equates to 99.9% uptime which means 8,760 hours (356 days) are available and can only be down for a maximum of 8.76 hours
- 99.999% (5 Nines)
  - System guarantees a downtime of no more than 5.26 minutes in a year
  - This is considered to be the Gold Standard.

As cybersecurity professionals, we value availability since it can help us with the following

Ensuring Business Continuity
- Your business might be facing significant losses for every minute your system is down
  - Think of an e-commerce site or a Hospital!
  - Cost on average 2 million dollars for hour
Maintaining Customer Trust
- If users cannot access their accounts, their trust in your company is going to go down
- Cause costumers to look for alternative solutions and purchase products or services from your competitors, causing you to lose revenue.
Upholding an Organization's Reputation
- Repeated downtime events cause you to lose revenue and reputation of the organization.

To overcome the challenges associated with maintaining availability, the best strategy is to use redundancy in your systems and network designs

Redundancy is the duplication of critical components or functions of a system with the intention of enhancing its reliability.
- Think of it as having a spare tire in your car
Availability and redundancy go hand-in-hand

There are various types of redundancy you need to consider when designing your systems and networks

Server Redundancy
- Involves using multiple servers in a load balanced or failover configuration so that if one is overloaded or fails, the other servers can take over the load to continue supporting your end users
Data Redundancy
- Involves storing data in multiple places
- If one storage site fails, the data can still be accessed from another location
- Use on-premise backup systems
Network Redundancy
- Ensures that if one network path fails, the data can travel through another route
Power Redundancy
- Involves using backup power sources, like generators and UPS systems to ensure that an organization's systems remain operational during disruption or outages within a local service area