"What keeps you up at night?" Ask that question to anyone working in an IT department, and you're likely to hear a common answer: outages and downtime.
Any time systems are offline, there is potential for business interruption and risk. And when your PKI – the infrastructure that encrypts, signs, and authenticates the people, systems, and things in your organization – is down, the risk grows higher. In the event of a failure, the time it takes to make a management decision to cut over to the backup system, you're likely to get downtime. And if that backup system does not sync properly, it complicates deployments and recovery time is increased even further.
So what's the solution? High availability.
What does "high availability" mean?
Gartner defines "availability" as "the assurance that an enterprise's IT infrastructure has suitable recoverability and protection from system failures, natural disasters or malicious attacks." And "high availability" (HA) is assurance of the highest possible availability.
There are two types of downtime: planned and unplanned. Planned downtime – when an upgrade or patch is being applied for example – gets scheduled in advance, and the maintenance window is communicated. Even though that activity and timing is planned, much effort goes into limiting the amount of downtime.
Unplanned downtime, of course, is unforeseen. The panic sets in either while you wait for the system to cut over to the backup, or while trying to diagnose and resolve the unexpected error. Events that can cause unplanned downtime include:
How can you achieve high availability?
The key to high availability with your PKI is with clusters. For organizations who see high availability as an absolute requirement, best practices mean clusters of both your CA and hardware security modules (HSMs). High availability designs are meant to automatically detect and react to a failure. With an HA upgrade for your CA, the system will continue to be fully operational with the remaining cluster components in the event of an unexpected failure with your system or planned maintenance window – that's high availability.
With Entrust Datacard’s latest release of Security Manager, the world's leading public key infrastructure (PKI), organizations are able to achieve high availability with their CA. It is our next-generation PKI platform, tailored to meet the demanding needs of encryption everywhere strategies, and supporting the modern demands required of CAs, including: high availability, significantly increased throughput and horizontal scalability.
For more information on high availability – and what else to look for in a PKI provider – check out these resources: