Business continuity and disaster recovery

We have a detailed Business Continuity and Disaster Recovery (BCDR) plan in place to maintain business operation during unforeseen circumstances. The plan identifies critical information systems and outlines procedures related to operations, staffing, materials, transport, security, and facilities.

The BCDR plan would be triggered in case of a large-scale event, such as a natural disaster, act of terrorism, or an organizational issue (e.g., embezzlement scandal, staff walkout).

We carry out business continuity risk assessments annually. These assessments identify and prioritize risks against business objectives and criteria, including necessary resources, impacts of disruptions, allowable outage times, and recovery priorities.

We know that redundancy is a critical and essential part of doing business and have designed our data systems and infrastructure for resiliency and high availability. We wrap advanced monitoring around our products and can proactively respond to changes on demand. Redox recovery point objective (RPO) is 60 minutes; recovery time objective (RTO) is 24 hours.

Redox is fully hosted in AWS and has failover configuration in multiple availability zones. Each of the failovers is a replica of the master and uses the same security and configuration, so if an outage occurs in one zone, we can failover with minimal interruption to traffic.

We do active/standby for our databases. For example, if there is one active data copy in AZ-A, that data is replicated to the standby instance in AZ-B. If AZ-A (or an instance in AZ-A) were to fail, AZ-B would start up with its replicated copy of the data within 30 seconds.

In addition, we perform daily full backups of our databases, which are stored in buckets within AWS and replicated to at least three AWS regions.