Availability is a complete different concern from Confidentiality and Integrity. It focuses on the data’s availability when a user needs it. Its aim is easy to understand but the measures to achieve availability could be very costly.

Since the September 11th attack, organizations tend to pay more effort and investment in maintaining the continuation of the business operation after unexpected incidents. It is now commonly named as Business Continuity Planning (BCP). BCP is not only about the Availability of the information system (what we used to name it as Diaster Recovery Planning) but also the ability to keep the whole business operation run without interruption.

In information system management, to achieve Availability requires an organization to impose security measures like redundant IT infrastructure, proper information backup, data protection policy and many Internet security defenses particularly to fight against the Denial of Service (DOS) Attack and Distributed Denial of Service (DDOS)Attack, etc.

The measures of redundant infrastructure could be particularly costly if it involves the setup of a ‘warm site’ -  the site with complete duplicated IT installations ready to be put into operation once the main site is in jeopardy.Technorati Tags: ,