Guest SecurityNoob Posted August 7, 2018 Share Posted August 7, 2018 Hello PasswordState Community. I was just wondering what steps other users undertake when your PasswordState happens to be down. What response plan do you have and what measurements have you taken? Regards Link to comment Share on other sites More sharing options...
Sarge Posted August 8, 2018 Share Posted August 8, 2018 15 hours ago, Guest SecurityNoob said: What response plan do you have and what measurements have you taken? It hasn't happened for us yet; but our current implementation was tested to have zero dependencies on anything else (besides the obvious like networking); additionally everything we need to restore Passwordstate has been documented, plus we have a restore kit securely stored offsite which contains copies of the documentation and Passwordstate passwords. We test restores monthly. Our recovery plan for Passwordstate is about 10 pages long. We're about to move to an Active/Active design, backed by a 4 node AAG across DCs which will host Passwordstate which will just improve our uptime. I just need to finalize the design with the other teams, but unfortunately its not my priority right now. 15 hours ago, Guest SecurityNoob said: I was just wondering what steps other users undertake when your PasswordState happens to be down. Ultimately for us it would depend on why it was down. Generally speaking if we can't get it back up within 15 minutes we will be initiating a restore operation as its easier and faster for us. We don't predict Passwordstate being down for more than 30 minutes even if we had to restore. Which is critical, because it holds data for our backup software which we'd need to initiate restores in the event of a total failure of the DC. Link to comment Share on other sites More sharing options...
parrishk Posted August 8, 2018 Share Posted August 8, 2018 Good morning, We have a similar approach to Sarge. Regular backups are key. If the server were to go down we could have a fully functional replacement up in a very short amount of time. In a catastrophic failure (to the infrastructure) we have full copies of the database in an offsite location along with the "emergency password" if needed. Both of these should be separated.... Luckily, we haven't had to actually go through the process but it is in place if needed. Kyle Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.