When we head to client sites, we listen for the key words Active Directory. This part of IT infrastructure can be a blessing for every day functionality. It can also fall apart dramatically during an incident. Before we get to the implications of what might happen if it goes down, let’s give a general explanation of what it is.

Active Directory

Active Directory (AD) is the place on the network where all of the user permissions are stored. For those end users out there who are not overly tech savvy, think of it like this. Every day you come to the office, boot up your computer, and enter a user name and password. When it opens to your home screen, you can see your email and your desktop, and the files you need to do your job.

Now think about how many people work at your company. Every person that comes to work has their own user name and password, so that when they log on to their computer they see their emails and desktops and files. In order to make sure that each person sees their emails and no one else’s, all of those user names and passwords need to be kept somewhere. AD is often where they are kept. And it automatically checks to make sure that the user name and password match, and the information the user (that’s you) sees is their own. Put in the wrong info, and it won’t let you in.

When AD Goes Wrong

Like all of your other files, AD needs to be housed somewhere. Often this place is on a physical server at your office building, in a data center, or hosted in the cloud. It doesn’t matter were your AD server is; if your computer can’t access it, you can’t log in for work. This limits your work from home (or work from alternate sites) recovery strategy. Your AD server truly is a single point of failure from the technology side. It is standard, best practice not to tie your Business Continuity Plan into your single point of failure.

The Solution

The solution is redundancy. Ensure that there are multiple ADs stored in different locations for users to login to. Both must be kept up to date at all times. And it should be easy to route users from one to the other if the primary AD fails.

A Note About Other Functions

There are other functions out there that help businesses streamline their work flow, like Single Sign On (SSO). During “business as usual” SSO allows you to enter your user name and password once and you can access all of the applications and programs you need. Unfortunately, SSO relies on AD to authenticate users, so all of the pitfalls of AD discussed above apply for SSO. This means its redundancy must also be reviewed critically. We recommend being very cautious when relying on SSO for accessing your Business Continuity Plan. Both AD and SSO become a “single point of failure”. BCP strives for redundancy. Potential points of failure should be avoided if they prevent you from getting to your plan when it’s not “business as usual”.

So long as you keep your redundant solutions up to date, your business should be able to enjoy the benefits of AD without the pitfalls. But for Business Continuity purposes, it is always best to keep these separate.


About KingsBridge

KingsBridgeBCP offers businesses of all sizes BCP Software Solutions and industry know how based on best practices.  We help build, exercise, and maintain Business Continuity Plans. Our services and software packages are customized to meet the wide range of our customers’ needs, ensuring we deliver the best value in every project. To learn more click here or check out our Services.