Nobody knows what is running
The stack has grown organically and no current map of it exists.
Response
Maintain a current host, service, domain, account, and dependency inventory.
DNS or registrar access lives in one account
A single lapsed login could take the domain — and everything on it — with it.
Response
Document ownership, use recoverable access, and review renewal and administrative paths.
The deployment process exists only in shell history
Shipping a change depends on one person remembering the right commands.
Response
Create a repeatable, documented, reviewable path with rollback.
One host carries everything
A single box quietly became load-bearing without anyone deciding it should.
Response
Make the dependency explicit, understand the blast radius, and decide whether redundancy or a rebuild plan is justified.
Backups have never been restored
Backups run, but no one has confirmed they'd actually come back.
Response
Test representative restores and document recovery order and ownership.
Monitoring only says “down”
Alerts tell you something broke, but not enough to decide what to do.
Response
Add service, resource, dependency, and certificate signals that support an actual decision.
Alerts have no owner
Notifications fire into a channel everyone has muted.
Response
Define who receives them, what qualifies as urgent, and what action follows.
Certificates or domains expire silently
The first sign of an expiry is the outage it causes.
Response
Track expiry, automate renewal where appropriate, and alert before failure.
Storage fills without warning
Capacity creeps up until a disk hits 100% and takes services with it.
Response
Monitor capacity and growth, set thresholds, and know what can be removed or expanded safely.
Updates happen only during emergencies
Patching is a reaction to incidents instead of a routine.
Response
Create a regular patch and upgrade routine with tested rollback or rebuild options.
Remote access grew organically
Tunnels, VPNs, and port forwards accumulated faster than anyone removed them.
Response
Inventory remote-access paths, credentials, and exposed services; remove what no longer has a purpose.
Only one person can recover the system
Recovery depends entirely on one person's memory being available.
Response
Create diagrams, runbooks, access records, and a tested handoff path.