Articles on: Security

Backup strategy

Our backup strategy is :
Every deployment database is snapshoted using the mechanism provided by the cloud provider the client is deployed to. Theses snapshots allows Cloud-IAM to do fast recovering on demand or in case of unrecoverable misconfiguration.
Every deployment database is backuped up using complete dump for cold storage. Theses backups are encrypted and stored in another location using an highly available storage in Europeen Union (99.999999999% of durability). Theses backups are used for deployment migration and disaster recovery.

Each database are backed up at least daily, and frequency can be discussed on demand to go up to hourly.

The backup retention are :
7 days for snapshots.
1 month for cold backups.

Disaster recovery:
Cloud-IAM deployment are by default deployed in a choosen cloud provider region in every of its availability zones in order to provide the most Highly Available setup possible in case of infrastructure and network failure.
However, in case of disaster recovery, Cloud-IAM on-call team is able to recreate from scratch any deployment using its cold backup.
Depending on the gravity of the incident, Cloud-IAM on-call team will recreate the deployment :
- in the same region if possible
- in another region of the same cloud provider
- in another cloud provider only with direct approval of the customer
The whole process can take up to 2 hours (RTO) and a data loss can be up to the last backup performed, so up to 24 hours (RPO) maximum.

For all the duration of the incident, Cloud-IAM on-call team will communicate every action to the impacted customers through emails. Public communication will be done through the social network and Cloud-IAM status page in case of impact on its public API.

Updated on: 26/04/2023

Was this article helpful?

Share your feedback


Thank you!