This is the public portion of our Business Continuity and Disaster Recovery plan as regards to dbFront. We wanted to assure our clients that we have a plan in the event of an unexpected disaster and, more importantly, that their infrastructure and dbFront install has NO dependencies on our continued operation.
“Carry as little as possible but choose that little with care” – Earl Shaffer
We intentionally designed dbFront as a COTS application instead of a SAAS service. We wanted our clients to remain in complete and total control of their environments, their data, and their security.
Not only is this a significant security benefit for our clients, but it also represents a significant benefit for us. We don't need to be concerned about client data or worry about client downtime in the event that we ourselves face an outage. All client-installed copies of dbFront will continue to function as per usual.
This is easily tested by creating a fully isolated install of dbFront. At most, you will see a notification that dbFront could not check for new versions.
As a result, our clients don't need to be concerned if we have an outage.
The core service we provide is the development and distribution of the application named dbFront. It's our goal to make it as solid, secure, simple and functional as possible.
This greatly simplifies Disaster Recovery scenarios due to non-malicious failures.
Secure & Isolated
“Anything that one man can make, another can break”
Criminal or malicious intent is much harder to deal with. Our solution is a mixture of defence-in-depth and isolation. Defence-in-depth so that a single attack can't breach the entire system, and isolation so that a successful attack in one area does not automatically result in a breach in other areas.
As part of our Secure Development Policy, we have constructed dbFront with multiple layers of security. We have also provided our clients with instructions on how they can set up a distributed environment and test the web server using a penetration testing tool to ensure that it is correctly configured.
Although there are public installs of dbFront, most installs are hidden and isolated within distinct and separate networks. As an extra measure, security-conscious corporations often add the requirement of VPN access.
To further simplify our website and environment, we use external payment vendors and client-chosen resellers. This means that we can absolve ourselves of the need to hold and manage payment information or PII that might be tempting to threat actors.
For the same reasons, we also use an external Issue Tracking tool.
Having reduced our footprint and recovery requirements to the smallest possible, we then designed our backup and recovery strategy.
The items to recover in sequence order are:
- Several public, cloud-hosted, easily recoverable, mostly read-only websites.
- A demo/testing environment running as easily recoverable virtual machines.
- The source code and the virtualized infrastructure needed to compile, test and deliver.
- Our development environment.
All of these systems are regularly backed up to multiple destinations, including but not limited to:
- Two distinct cloud storage vendors,
- our change management system,
- and write-once storage.