Business continuity and disaster recovery

Last updated: Nov 2, 2023

We have a detailed Business Continuity and Disaster Recovery (BCDR) plan in place to maintain business operation during unforeseen circumstances. The plan identifies critical information systems and outlines procedures related to operations, staffing, materials, transport, security, and facilities.

The BCDR plan would be triggered if there's a large-scale event, like a natural disaster, act of terrorism, or an organizational issue (e.g., embezzlement scandal, staff walkout).

We carry out business continuity risk assessments annually. These assessments identify and prioritize risks against business objectives and criteria, including necessary resources, impacts of disruptions, allowable outage times, and recovery priorities.

We know that redundancy is a critical part of doing business and have designed our data systems and infrastructure for resiliency and high availability. We wrap advanced monitoring around our products and can proactively respond to changes on demand. Redox recovery point objective (RPO) is 60 minutes; recovery time objective (RTO) is 24 hours.

Redox has failover configuration in multiple availability zones of our platform hosts. Failovers are replicas of the main, and they use the same security and configuration. So if an outage occurs in one zone, we can failover with minimal traffic interruption.

We do active/standby for our databases. For example, if there is one active data copy in AZ-A, that data is replicated to the standby instance in AZ-B. If AZ-A (or an instance in AZ-A) were to fail, AZ-B would start up with its replicated copy of the data within 30 seconds.

Also, we perform daily full backups of our databases, which are stored in buckets within our platform hosts and replicated to at least three regions.