Business Continuity Management
VulDB has been proud to provide a robust and highly reliable service for more than 25 years. This is made possible by professional Business Continuity Management (BCM).
Basic Principles
We provide the highest level of preparedness, Tier 7, according to the IBM eight-tier model, which is defined as:
Tier 7 - Highly automated, business-integrated solution: Tier 7 solutions include all the major components of a Tier 6 solution with the additional integration of automation. This allows a Tier 7 solution to ensure consistency of data above that which is granted by Tier 6 solutions. Additionally, recovery of the applications is automated, allowing for restoration of systems and applications much faster and more reliably than would be possible through manual Disaster Recovery procedures.
We provide high availability with georedundancy for our core services. Data centers are ISO 27001 certified, payment providers are PCI DSS certified, and the service is fully GDPR and CCPA compliant.
- ISO 27001 Certification
- PCI Service Provider Level 1 Certification
- GDPR (EU) and CCPA (USA) Compliance
- RFC 9116 Compliance
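RFC 9116 compliance means serving a machine-readable `security.txt` file at the `/.well-known/security.txt` path so that security researchers can find the correct reporting channel. The contact address, URLs, and expiry date below are placeholders, not VulDB's actual values:

```text
# Served at https://example.com/.well-known/security.txt (RFC 9116)
Contact: mailto:security@example.com
Expires: 2026-01-01T00:00:00.000Z
Encryption: https://example.com/pgp-key.txt
Preferred-Languages: en
Policy: https://example.com/security-policy
Canonical: https://example.com/.well-known/security.txt
```

The `Contact` and `Expires` fields are mandatory under RFC 9116; the remaining fields are optional.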
A full backup of all data happens once per day and is stored in two separate locations. A full restore is tested once per year and possible in under 120 minutes.
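The backup scheme described above can be sketched as a small routine that copies a full backup archive to two storage locations and verifies each copy with a checksum. This is a minimal illustration, not VulDB's actual tooling; local directories stand in for the two separate locations:

```python
import hashlib
import shutil
from pathlib import Path


def sha256(path: Path) -> str:
    """Return the SHA-256 hex digest of a file, read in chunks."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def backup(source: Path, destinations: list[Path]) -> str:
    """Copy a full backup archive to every destination and verify each copy."""
    digest = sha256(source)
    for dest_dir in destinations:
        dest_dir.mkdir(parents=True, exist_ok=True)
        copy = dest_dir / source.name
        shutil.copy2(source, copy)
        if sha256(copy) != digest:  # detect corruption during transfer
            raise RuntimeError(f"checksum mismatch at {copy}")
    return digest
```

A real deployment would additionally encrypt the archive and push the copies to geographically separate sites; the verification step is what makes the annual restore test meaningful.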
ID | Threat | Resilience | Guidelines | Preparedness |
---|---|---|---|---|
1 | Epidemic/Pandemic | Health requirements (e.g. testing, social distancing, hand sanitizing, masks, vaccination, paid isolation during illness), remote working encouraged, adequate teams, staff rotation, cooperation with civil defence authorities (e.g. Federal Civil Defence Office), proven during COVID-19 | ISO 27001 | High |
2 | Fire | Distributed smoke detectors, fire suppression systems in data centers, georedundant data centers, data synced in real-time, off-site backups, trained employees, recurring audits by authorities (e.g. fire police) | ISO 27001 | High |
3 | Flood | Low risk locations, georedundant data centers, some of them in 1st floor or above, data synced in real-time, cooperation with civil defence authorities (e.g. police, Federal Civil Defence Office) | ISO 27001 | High |
4 | Earthquake | Low risk locations, georedundant data centers, data synced in real-time, cooperation with civil defence authorities (e.g. police, Federal Civil Defence Office) | ISO 27001 | High |
5 | Hurricane/Storm | Low risk locations, georedundant data centers, data synced in real-time, cooperation with civil defence authorities (e.g. police, Federal Civil Defence Office) | ISO 27001 | High |
6 | Power Outage | Interruption-free power supply, emergency power unit, georedundant data centers, data synced in real-time, minimized dependency on international energy suppliers | ISO 27001 | High |
7 | Water Outage | Low importance, georedundant data centers, data synced in real-time, remote working possible | ISO 27001 | High |
8 | IT Outage | Georedundant data centers, data synced in real-time, off-site backups, high-availability, emergency caches available, recurring security testing, public bug bounty program | ISO 27001, RFC 9116 | High |
9 | Telecomms Outage | Redundant internet access, georedundant data centers | ISO 27001 | High |
10 | Misconfiguration | Configuration guidelines, dev and test environments, reviews required before production, immediate fallback possible, recurring security testing, public bug bounty program | ISO 27001, PCI DSS, RFC 9116 | High |
11 | Data Corruption | Best practice security measures, georedundant data centers, data synced in real-time, off-site backups, data validation, cryptographic signatures, commit history, monitoring, alerting, recurring security testing, public bug bounty program | ISO 27001, RFC 9116 | High |
12 | Cyber Attack | Best practice security measures, data classification, privacy policy, secure development lifecycle, hardening, network access control, firewalling, malware detection, IDS, IPS, DLP, logging, monitoring, alerting, off-site backups, high-availability, recurring security testing, public bug bounty program | ISO 27001, PCI DSS, RFC 9116 | High |
13 | Sabotage | Screening of employees internally and by authorities, no subcontractors allowed for critical tasks, best practice security measures, data classification, data integrity validation, commit history, monitoring, alerting, off-site backups, high-availability | ISO 27001 | High |
14 | Theft | Physical access limitation, video surveillance, logging, monitoring, alerting, data classification, privacy policy, encryption | ISO 27001, PCI DSS | High |
15 | Terrorism/Piracy | Location in highly stable countries (e.g. Switzerland), best practice security measures, georedundant data centers, data synced in real-time, off-site backups | ISO 27001 | High |
16 | War/Civil Disorder | Location in highly stable countries (e.g. Switzerland), geopolitical monitoring to anticipate problems, no dependencies on location, georedundant data centers | ISO 27001 | High |
17 | Single Point Dependency | Prevented at all cost, dependencies minimized, redundancy and alternatives as requirement | ISO 27001 | High |
18 | Random Failure of Mission-Critical Systems | High availability, hot-standby, georedundant data centers, data synced in real-time, off-site backups | ISO 27001 | High |
19 | Supplier Failure | Reduced dependencies (e.g. internal development of core services), standardized services, alternative suppliers available immediately | ISO 27001, PCI DSS | High |
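Threat 11 above lists cryptographic signatures among the data-corruption countermeasures. As a hedged illustration (not VulDB's actual mechanism), an HMAC tag stored alongside each record lets a consumer detect silent corruption or tampering:

```python
import hashlib
import hmac

SECRET_KEY = b"replace-with-a-real-secret"  # placeholder key for illustration


def sign(record: bytes) -> str:
    """Compute an HMAC-SHA256 tag for a data record."""
    return hmac.new(SECRET_KEY, record, hashlib.sha256).hexdigest()


def verify(record: bytes, tag: str) -> bool:
    """Constant-time check that a record still matches its stored tag."""
    return hmac.compare_digest(sign(record), tag)
```

Any bit flip in the record invalidates the tag, so corrupted entries can be rejected and restored from a backup or the commit history.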
Monitoring and Alerting
Availability of network interfaces and services is monitored in real time by two different monitoring frameworks. Data integrity is monitored by two additional systems.
Disruptions and other problems are reported immediately to the responsible team via email, push notification, or text message. These alerts include details about the affected component and the suspected root cause. They also contain recommended steps to reproduce and mitigate the problem.
Team leads are instructed and trained to maintain the expected level of availability. High availability based on redundancy and hot-standby makes it possible to act quickly even before the root cause of a problem is known. Root-cause analysis happens after service availability is reinstated.
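The alerting flow described above can be sketched as a routine that runs availability checks and emits one alert per failing component, carrying the affected component, the suspected cause, and the recommended steps. The function and check names are illustrative, not VulDB's actual framework:

```python
from dataclasses import dataclass, field
from typing import Callable

RECOMMENDED_STEPS = ["fail over to hot standby", "analyse root cause after recovery"]


@dataclass
class Alert:
    component: str                              # affected component
    suspected_cause: str                        # suspected root cause
    steps: list[str] = field(default_factory=list)  # reproduce/mitigate steps


def run_checks(checks: dict[str, Callable[[], bool]]) -> list[Alert]:
    """Run every availability check and collect an alert for each failure."""
    alerts: list[Alert] = []
    for component, check in checks.items():
        try:
            healthy = check()
        except Exception as exc:  # a crashing check is itself a failure
            alerts.append(Alert(component, f"check raised: {exc}", RECOMMENDED_STEPS))
            continue
        if not healthy:
            alerts.append(Alert(component, "check returned unhealthy", RECOMMENDED_STEPS))
    return alerts
```

In practice the resulting alerts would be dispatched via email, push notification, or text message as described above.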
Minimized Dependencies
Our processes are highly simplified and independent of each other to guarantee maximum flexibility and efficiency.
Technology dependency is reduced to an absolute minimum. We use well-known components and products for the service. Core components are developed in-house to achieve ideal performance, reliability, and flexibility.
We have also tested alternative products and solutions (e.g. other web server implementations and database engines) so we can switch to them quickly if this becomes necessary (e.g. because a product suddenly reaches end-of-life).
Internal systems are not required to provide our customer service. We use internal systems for development, testing, sales, accounting, etc. Their availability does not and cannot influence the customer experience of the service, as they are deployed in a separate environment with neither direct connectivity to nor dependency on the production server environment.
Our suppliers provide standard services (e.g. web hosting and payment processing). Many similar competing suppliers would be available immediately if the situation required such a change. All our interfaces are prepared for redundant implementations and quick switching.
Extended Analysis
We have different teams which are responsible for establishing and maintaining their products and guaranteeing the expected level of availability. The teams are well staffed, which ensures steady reliability in cases of staff turnover, illness, or other events with negative impact.
- Hardware team
- Network team
- Operating system team
- Application team
- Database team
- Data team
We regularly test availability and BCM mechanisms to verify that the expected goals are met.
Human Resources
We have different teams which are responsible for handling their processes. Each team consists of a team lead and at least one additional co-team lead. Core tasks are handled by a sub-board consisting of at least three people. All task assignments are shared between two or more people to guarantee coverage during events like days off or illness.
Recovery Time Objective
The Recovery Time Objective (RTO) of the web service is set to 72 hours. Commercial customers might define other targets aligned with their expected Service Level Agreement (SLA).
Last updated: 2024-08-23 by VulDB Documentation Team