Resilience and Recovery
We strive to provide a robust and resilient data environment for all our clients, employees and associates. As such, we have many controls in place to ensure that should something go wrong, we are in an excellent position to recover quickly with minimal disruption to you.
We keep minimal data within our office, leveraging the cloud for many of our internal services. Should there be a catastrophic disruption at our offices, all teams are equipped to be able to perform their functions remotely with minimal disruption to our clients.
Data that is kept within our offices is regularly backed up and is stored off-site in an encrypted format.
Hosting and Data Centres
Regular backups are performed in our data centre environments. At a high level, our backup schedule is as follows:
- Twice Daily within the Environment
- Daily aggregate backup offsite
The backups within the environment allow us to recover quickly from any incident, and should there be a catastrophic event, offsite backups may be used to recover.
Geographic redundancy of backups is achieved by using service providers that support the transfer of backups to separate data centres.
Our operations teams actively monitor our servers using modern tools and pro-active methods. Should servers be seen to be underperforming or exhibiting symptoms of a fault, our teams will be notified immediately in order to act. We also monitor and audit access to servers, change control, and patch management within the environment.
In conjunction with monitoring our servers, we monitor our applications and services offered to you too. Proactive monitoring allows us to address bugs, monitor service usage and maintain performance of the platform.
Upgrades and Maintenance Windows
We maintain a Continuous Integration environment, as such, updates to the environment are performed in a controlled manner with no disruption to our customers.
Patch management on our servers takes place outside of business hours to ensure minimal disruption to you, while maintaining protection against attacks and vulnerabilities from an operating system point of view.
In the case of a complete disaster, we have the following Recovery Point Objective (RPO) and Recovery Time Objective (RTO) in place.
- Recovery Time Objective (RTO) – 48 hours
- Recovery Point Objective (RPO) – 12 hours
We have set Disaster Recovery plans in place should the unexpected occur. All services make use of high-availability, redundant and replicated services.