Redundancy for Staff
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Time
15 hours 43 minutes
Difficulty
Advanced
CEU/CPE
16
Video Transcription
00:00
>> Now as information security professionals,
00:00
many times we focus
00:00
on the technical aspects of redundancy.
00:00
I'm not saying that's not important.
00:00
Of course it's important.
00:00
But if no one's there to run the servers and restore
00:00
the backups and make
00:00
the configurations for
00:00
synchronization and all those things,
00:00
none of it matters.
00:00
We cannot forget redundancy for our staff.
00:00
That's important on a day-to-day basis,
00:00
as well as the in the event
00:00
for disaster recovery as well as business continuity.
00:00
Talk about some of the ways that
00:00
we do get redundancy of staff.
00:00
You can always tell
00:00
when an organization doesn't have good redundancy.
00:00
As a matter of fact, I can tell it in every class,
00:00
I can tell you which students work
00:00
somewhere that isn't redundant in relation to staff.
00:00
Because almost every class I teach,
00:00
there's at least one person that's up and
00:00
down responding to voicemail, to text,
00:00
they're frantically typing out
00:00
responding to emails while I'm teaching,
00:00
and I totally get that.
00:00
It's all about the business.
00:00
But what that tells me is they're not able to
00:00
step out of the organization
00:00
>> for a short period of time,
00:00
>> relatively speaking, without their phone blowing up.
00:00
What that tells me, it's no one else
00:00
is able to successfully
00:00
just step into their place and continue operations.
00:00
What we want to do is we want to
00:00
eliminate that single point of failure.
00:00
If that person is so essential they
00:00
can't go to training class for a week,
00:00
what happens if that person gets ill?
00:00
Or what happens if that person
00:00
suddenly leaves for whatever reason,
00:00
or what happens in the event of a disaster,
00:00
that person's not able to come to
00:00
work or to provide their functions from home?
00:00
We've got to have redundancy of staff.
00:00
Typically the way we get
00:00
redundancy of staff is cross training,
00:00
is we move people into different positions.
00:00
You work as a database admin,
00:00
then I might move you over to
00:00
the security admin team for a period
00:00
or within our division
00:00
may switch you into different roles.
00:00
But that idea of cross training
00:00
so that someone else can step
00:00
in if an individual or
00:00
a specific role isn't covered, that's really important.
00:00
Job rotation goes hand in hand with cross training.
00:00
Job rotation has a couple of
00:00
benefits because with job rotation,
00:00
that can also be a detective control.
00:00
I'm database administrator one,
00:00
and I do that for six months.
00:00
Then they move me to database administrator two.
00:00
Whoever they put as the admin at
00:00
database administrator one,
00:00
will be able to have access to
00:00
that system and they can detect
00:00
anything that I've done that might be
00:00
a mistake or something fraudulent in nature.
00:00
We also want to open up training and education.
00:00
One of the motivating factors,
00:00
one of the factors that keep people
00:00
satisfied in their job is the ability to learn,
00:00
the ability to learn new skills,
00:00
to advance in their career and training and education.
00:00
Allowing people to think
00:00
about moving forward in their careers
00:00
and giving them the tools
00:00
and the knowledge that they need to do so.
00:00
When we talk about redundancy of staff,
00:00
the big pieces are,
00:00
we never know when
00:00
those key players are not going to be available,
00:00
so we have to make sure that we
00:00
consider ways to invoke redundancy.
00:00
The best way for redundancy of staff is to
00:00
use cross training and job rotation,
00:00
so that we can have the skills
00:00
necessary in the event of individual absences.
Up Next
Instructed By
Similar Content
