ZenGRC Backup and Recovery Policy 10-31-2019
Scope
This policy applies to all data stored on customer production systems. The policy covers specifics such as the type of data to be backed up, frequency, storage, and retention of the backups, and restoration procedures.
Backup Storage: Security
The company has set the following guidelines for backup storage:
- Backups are stored encrypted at rest using industry standard AES-256 encryption in Amazon S3.
- Access to backups is limited to technical operations with mandatory 2-factor authentication.
Backup Storage: Disaster Recovery
- All servers containing customer data are backed up continuously (7 days a week) with a point in time window of up to 7 days.
- All backups are stored in AWS S3.
Designed to provide 99.999999999 percent durability and 99.99 percent availability of objects over a given year.
Designed to sustain the concurrent loss of data in two facilities.
- All backups are stored in AWS S3.
- Full snapshots of all ZenGRC databases are taken every 4 hours.
- Database servers are replicated across AWS Availability Zones for High Availability.
- Snapshots are archived for a minimum of 1 year.
© 2021 Copyright Reciprocity, Inc.
https://reciprocity.com