[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 995
  • Last Modified:

Legal Considerations for Fault Tolerance

Are there any legal considerations that I must consider when detrmining what is the level of fault tolerance that I will need when developing the fault tolerance redundancy?
0
gbsepter
Asked:
gbsepter
  • 2
1 Solution
 
maninblac1Commented:
It depends what you mean by legal.  You'll have to be more specific, are you assuring your client legally that their data is protected?  Which no level of fault tolerance provides, raid 5 allows 1 disk to go out, however that doesn't mean you couldn't lose 2 drives at the same time in a lightening strike.  In that case the legal considerations are for you to handle.  If you assure your client legally they are protected and you lose the data you are liable, not the protection itself.  That is if i understand your question correctly.
0
 
gbsepterAuthor Commented:
I quess I am looking more for the way to recognize the role that regulators play prescribing …. assessment criteria and, most importantly, explicitly or implicitly deciding on “fault tolerance” or “residual risk tolerance” criteria. The level of granularity regulators impose on public companies, both big and small, as mandatory requirements has a direct impact on the cost of compliance.
0
 
maninblac1Commented:
I think i see what you're saying, the cost of compliance for most "fault tolerant" solutions is minimal.  At least minimal in terms of material costs.  The risks of employing the solutions almost always are outweighed by their gains.

For example, a fault tolerant solution, let's assume Raid 5 will perform faster than the non fault tolerant solution of doing nothing.
Therefore it is ideal to select this solution because it provides significant gains with minimal impact and risk.

But if you're trying to decide on policy, well you're now stretching into a touchy area.  Ideally it would be nice if all computers in the world were fault tolerant, however the solutions come with lesser known drawbacks that make them useless in certain environments.

Let's use a desktop for example, if i set up a home PC (using intel raid) with a mirror (raid 1) the controller on that chip sets a special flag on the drive, the flag is a protection flag so that if the drive is removed from the computer it becomes significantly harder to access the data from an outside source.  In this respect, the drive is now locked down to the machine, no other machine will read it without lots of effort.  This may not be ideal if you wanted to move that drive around from machine to machine or server to server.

In essence, many drives get locked down to their controllers (or their models), this makes it a real pain if you're trying to move on to new hardware while keeping the drives intact.

Therefore that kind of solution is not ideal.  If you made it a policy to enforce that type of solution, it could** cause more troubles than it solves.  *note could*

More importantly in a policy of this type isn't the actual solution implemented but the disaster recovery proccess.  Regardless of a firm's level of fault tolerance, 1, 2, 10 backups if they don't have a solution to recover from disaster the backup's are worthless.

Point, a raid 5 can lose one drive and the computer can continue running, between the time a drive is lost and a new one is placed in if anything happens, the data is gone. So what would be more important is a statement something like this, upon a fault it will be successfully recovered and resolved in X days or something like that.  And the clearer the steps that need to be taken are, the higher the reliability is and the lower the liability is.

Mandatory requirements can be dangerous if the mandate doesn't adequatly address the whole regulated area.  Does that make sense, or was i completely off?
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now