WEBVTT

00:00.420 --> 00:07.110
Keeping data secure on our individual systems is absolutely critical and it's probably the cornerstone

00:07.110 --> 00:12.900
of all I.T. security there is but let's make sure we understand what we're talking about when we talk

00:12.900 --> 00:14.470
about securing data.

00:14.650 --> 00:21.420
Now in this case what I'm avoiding is permissions based issues I'm not talking about how do we secure

00:21.420 --> 00:26.040
data to keep somebody from editing a file or something like that.

00:26.130 --> 00:29.610
What I'm talking about is just within the system itself.

00:29.700 --> 00:31.680
How do I keep all the data happy.

00:31.680 --> 00:37.530
So what we're really talking about here is number one data integrity of some form or another making

00:37.530 --> 00:43.490
sure that if a hard drive dies or if a power supply dies or something like that I still have that data.

00:43.500 --> 00:44.870
We're also talking about speed.

00:44.880 --> 00:46.840
So we want quick access.

00:46.920 --> 00:51.210
So generically when we're talking about these types of things what we're talking about is what I'm going

00:51.210 --> 00:58.200
to call high availability so we'll save a keeping out the hackers and keep it out the malware for other

00:58.200 --> 00:58.770
episodes.

00:58.770 --> 01:00.760
What we're talking about is the puer system.

01:00.840 --> 01:05.560
What can we do to keep that data happy so let's think about high availability.

01:05.640 --> 01:08.160
So probably the best place to start is RAID.

01:08.190 --> 01:12.330
RAID is a great way to secure data depending on the raid level you use.

01:12.330 --> 01:14.460
You can provide good integrity.

01:14.460 --> 01:20.010
You can provide good speed and the nice part is is Raid 9 times out of 10 is one of the cheapest ways

01:20.010 --> 01:27.060
you can go raid is a fantastic tool but raid is only good for the drives or the storage within a system.

01:27.060 --> 01:31.200
So if you lose a hard drive rate is a great way to take care of these types of issues.

01:31.200 --> 01:39.300
However what happens if I lose a power supply what happens if the entire server explodes.

01:39.300 --> 01:41.360
Now I've got a really big problem.

01:41.370 --> 01:47.550
So what we're talking about securing data we need to stop thinking about just the drive storage and

01:47.550 --> 01:49.740
start thinking about the systems as a whole.

01:49.820 --> 01:55.140
And probably the best most core way we do that is something called clustering clustering is a simple

01:55.140 --> 01:55.870
concept.

01:55.980 --> 01:59.640
So here I have a single computer that might have Raiden it might not.

01:59.720 --> 02:06.480
Dono clustering simply means instead of having one computer doing the job you have two computers or

02:06.480 --> 02:11.810
more doing the exact same job sharing the same database sharing whatever it might be.

02:11.880 --> 02:17.490
The nice part about clustering is that if one of these systems dies the other one can automatically

02:17.490 --> 02:18.400
kick in.

02:18.420 --> 02:24.060
The downside to clustering is that they constantly have to keep each other updated clustering is absolutely

02:24.060 --> 02:29.670
fantastic in fact you can see some pretty interesting setups where two servers that are acting as clustering

02:29.670 --> 02:34.320
servers will literally have their own dedicated little network between them because they have to update

02:34.320 --> 02:35.720
each other so much.

02:35.720 --> 02:42.210
However number one clustering is really expensive to literally not just recreate a couple of extra drives

02:42.210 --> 02:47.360
but to recreate an entire system can add to the price of securing data dramatically.

02:47.370 --> 02:54.270
The downside to clustering also is that you really usually have one primary cluster machine and that

02:54.270 --> 02:57.090
way he's always doing all the work.

02:57.090 --> 03:04.110
You'll have other machines that act more like a backup system so we could really use these systems a

03:04.110 --> 03:05.470
little bit more efficiently.

03:05.490 --> 03:08.280
And when you do that you get load balancing.

03:08.280 --> 03:10.080
Here are my two clustered servers.

03:10.170 --> 03:14.440
Now normally with clustering one is the primary and one is kind of like the backup.

03:14.460 --> 03:19.950
However with load balancing all you're doing is you're distributing the workload across all of these

03:19.950 --> 03:21.330
clustered servers.

03:21.330 --> 03:25.480
That way no one machine is totally overwhelmed.

03:25.680 --> 03:31.070
Clustering and load balancing are absolutely powerful tools but they do tend to be a little pricey.

03:31.080 --> 03:36.950
So one of the things we also like to do for securing data is to simply virtualize the servers.

03:37.050 --> 03:43.730
In that case if a server were to die in one fashion or another we can simply bring it back from a snapshot.

03:43.830 --> 03:49.620
Now just because a server is virtualise don't think that you don't still have the ability to do raid

03:49.620 --> 03:53.870
with virtualise drives or to do clustering with virtual servers.

03:53.970 --> 04:16.530
But really when it comes to the ultimate in securing your data virtualizing this stuff really pays off.