If you’re in need of proof that the always instant everything nature of the internet has made people impatient, consider how you’re feeling at this exact moment. When is this article going to get to the point? I was promised a guide, where is the guide? You’re probably thinking that this is not the guide. – Relax, this is the guide. The tips are coming. Promise.
The internet has definitely upped the impatience of most people. Whatever they’re trying to access, they want to access it immediately. And if it’s your users trying to access your website or online services, and they can’t? It’s hard not to think worst-case scenario: decreased consumer confidence, decreased revenue, and worse if the outage is caused by a DDoS attack.
Every popular site has had its own set of server issues and even though it’s, in most cases, are growing pains, there are also people that just want to hurt your business by malicious actions. Unplanned downtime is going to happen whether you like it or not.
Here are a few steps you can take to prepare for and survive your website’s unplanned downtime.
Step 1 – Be aware of what can cause unplanned downtime
We’re going to leave aside disaster scenarios since the process picking up the pieces after an earthquake or fire can’t be covered in a brief guide. So two of the downtime causes you need to be cognizant of are component failures, such as file corruption, hardware failure, software defects and programming errors, or operator error, which basically accounts for any of the things that go wrong when someone who isn’t qualified to be in charge of IT operations has somehow ended up in charge.
Another cause of unplanned downtime, and perhaps the most worrisome cause, is malicious attacks. DDoS attacks, or distributed denial of service attacks, are a major cause of unplanned outages. Do you remember the Sony attacks? Ring a bell? Not only do DDoS attacks cause outages that result in user frustration and loss of consumer trust, they can also cause damage to hardware and software, and theft of customer data, financial information and intellectual property.
Step 2 – Have a response plan in place
Now that you’re aware of the main causes of unplanned downtime, you can begin the process of preparing for these scenarios. This will involve performing a thorough risk assessment, determining where you’re vulnerable and identifying other risk factors, such as the nature of your industry (e.g. Dependent on constant up-time, highly competitive, etc.) A major part of your response plan is identifying your response team. In the event of an incident, who will be responding, and what are their specific duties? What steps will they need to take to rectify the problem? Knowing this ahead of time helps minimize confusion and minimize response time.
Preparing a response plan for a DDoS attack is a process that involves some specific considerations. According to anti-DDoS services provider Incapsula, your DDoS response plan has to take into consideration methods of detection, time to mitigation, user classification and possibly a web application firewall.
Step 3 – Keep your users informed
The instinct to pretend nothing’s happening and hope no one notices is understandable. But it’s also incorrect. When your website or online service goes down or noticeably slows down, you’re probably going to have to acknowledge it in order to keep the trust of your users. Determine how slow your website can get or how long you can go with an outage before you have to put up a message about it.
You don’t have to give out specifics on what’s happening while you’re dealing with the issue. Simply acknowledge that the site is slower than usual due to high traffic volume, or acknowledge that you are experiencing an unplanned outage, and state that you are working to fix the issue and will provide updates as needed.
As you’ve probably assumed, once the incident is over with, you’re also going to have to apologize for the inconvenience and show users that you have a thorough understanding of what occurred and have taken or are taking steps to keep it from happening again.
Step 4 – Learn from it
Look, the best defense is a good offense. You would be better off if you invested in security solutions like professional DDoS mitigation before ever experiencing an attack or unplanned downtime. However, for various reasons, some businesses or websites just feel as though they aren’t in a position where they can or should do so. And that’s fine.
However, once an incident has occurred, you have to keep it from happening again because the consumer or user trust that remains after one unplanned outage will erode sharply with a second. If that means replacing hardware or software, you do it. Same for training or replacing employees that aren’t up to par. And it’s especially important to get anti-DDoS protection in place if you’ve been targeted with a DDoS attack – 74% of organizations that are targeted with a DDoS attack are targeted more than once.
The bottom line
The two essentials for dealing with unplanned downtime or outages are 1) not panicking (because you are prepared), and 2) essentially being as impatient as your users and getting to your response plan as quickly as possible. Remember: to err is human, to fix it quickly is divine.
How To Survive Unplanned Downtime