Backup & Recovery

This document describes oklido's backup strategy and disaster recovery capabilities.

Backup Strategy

Overview

| Metric | Target |
|---|---|
| RPO (Recovery Point Objective) | 1 hour |
| RTO (Recovery Time Objective) | 4 hours |
| Backup frequency | Continuous + Daily |
| Backup retention | 30 days |

What We Back Up

| Data | Method | Frequency |
|---|---|---|
| Database | Automated snapshots | Daily + point-in-time |
| Documents | S3 replication | Real-time |
| Configuration | Version control | On change |
| Secrets | AWS Secrets Manager | Encrypted backup |

Database Backups

Automated Snapshots

  • Frequency: Daily at 03:00 UTC
  • Retention: 30 days
  • Type: Full snapshot
  • Encryption: AES-256

Point-in-Time Recovery

  • Granularity: Up to 5 minutes
  • Retention: 7 days
  • Use case: Precise recovery to specific time

Testing

  • Monthly restore tests
  • Verified data integrity
  • Documented recovery times

Document Backups

S3 Storage

Documents are stored with multiple protections:

  • Versioning: All versions retained
  • Replication: Cross-region (within UK)
  • Durability: 99.999999999% (11 nines)

Recovery

| Scenario | Method | Time |
|---|---|---|
| Accidental deletion | Restore from version | Minutes |
| Corruption | Restore from replica | Minutes |
| Region failure | Failover to backup region | Hours |

Disaster Recovery

DR Tiers

| Scenario | Impact | Recovery |
|---|---|---|
| Single service failure | Partial | Automatic failover |
| Availability zone failure | Partial | Automatic failover |
| Region failure | Full | Manual failover to DR |

DR Procedures

  1. Monitoring detects failure
  2. Automated response for tier 1-2
  3. Manual activation for tier 3
  4. Validation of recovery
  5. Communication to customers

DR Testing

  • Quarterly failover tests
  • Annual full DR exercise
  • Documented results and improvements

Business Continuity

Service Dependencies

| Service | Redundancy |
|---|---|
| Web application | Multi-AZ |
| API servers | Multi-AZ |
| Database | Multi-AZ |
| Storage | Multi-region |
| DNS | Global anycast |

Failover Capabilities

  • Automatic health checks
  • Load balancer failover
  • Database replica promotion
  • DNS failover

Recovery Procedures

Database Recovery

  1. Identify recovery point
  2. Create new instance from backup
  3. Verify data integrity
  4. Update connection strings
  5. Resume service

Document Recovery

  1. Identify affected documents
  2. Restore from S3 versioning
  3. Verify file integrity
  4. Update metadata if needed
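
Steps 1 to 3 of the document recovery procedure, sketched as an added example (not oklido's own tooling): it reads a dict shaped like the S3 ListObjectVersions response and picks a restore action per key. The incident timestamp, the sample listing, the action names and the SHA-256 recorded at upload time are assumptions made for illustration.

```python
import hashlib
from datetime import datetime, timezone

def plan_restore(listing, key, incident_time):
    """Return (action, version_ids) for one key: "none" if untouched since the
    incident, "remove_delete_markers" for a deletion, "copy_version" for an
    overwrite, "no_good_version" if nothing usable predates the incident."""
    data = [dict(v, marker=False) for v in listing.get("Versions", []) if v["Key"] == key]
    marks = [dict(m, marker=True) for m in listing.get("DeleteMarkers", []) if m["Key"] == key]
    history = sorted(data + marks, key=lambda e: e["LastModified"])
    before = [e for e in history if e["LastModified"] < incident_time]
    after = [e for e in history if e["LastModified"] >= incident_time]
    if not after:
        return ("none", [])
    if not before or before[-1]["marker"]:
        # Created after the incident, or already deleted before it: nothing to roll back to.
        return ("no_good_version", [])
    if all(e["marker"] for e in after):
        # Deleting the markers by VersionId makes the last good version current again.
        return ("remove_delete_markers", [e["VersionId"] for e in after])
    # Overwritten: copy the last good version on top and keep the bad versions for review.
    return ("copy_version", [before[-1]["VersionId"]])

def verify_integrity(body, expected_sha256):
    """Compare restored bytes with a SHA-256 recorded at upload time (assumed to exist)."""
    return hashlib.sha256(body).hexdigest() == expected_sha256

def ts(hour):
    return datetime(2024, 5, 1, hour, 0, tzinfo=timezone.utc)

# Constructed sample listing (not real data): a deleted, an overwritten and an untouched document.
LISTING = {
    "Versions": [
        {"Key": "docs/a.pdf", "VersionId": "a-v1", "LastModified": ts(8)},
        {"Key": "docs/b.pdf", "VersionId": "b-v1", "LastModified": ts(8)},
        {"Key": "docs/b.pdf", "VersionId": "b-v2", "LastModified": ts(11)},
        {"Key": "docs/c.pdf", "VersionId": "c-v1", "LastModified": ts(9)},
    ],
    "DeleteMarkers": [
        {"Key": "docs/a.pdf", "VersionId": "a-dm1", "LastModified": ts(11)},
    ],
}
INCIDENT = ts(10)  # constructed incident time

if __name__ == "__main__":
    for k in ("docs/a.pdf", "docs/b.pdf", "docs/c.pdf"):
        print(k, plan_restore(LISTING, k, INCIDENT))
```

With boto3, "remove_delete_markers" maps to delete_object with each marker's VersionId, and "copy_version" maps to copy_object with the VersionId set in CopySource.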

Full Service Recovery

  1. Deploy infrastructure from code
  2. Restore database from backup
  3. Verify document access
  4. Run integration tests
  5. Resume service
  6. Monitor for issues

Customer Data Recovery

What You Can Recover

| Data | Self-Service | Support |
|---|---|---|
| Deleted documents (30 days) | Yes | Yes |
| Older deleted documents | No | No |
| Previous versions | No | Contact support |
| Account data | Yes | Yes |

How to Request Recovery

  1. Deleted documents: Check your Deleted folder
  2. Older data: Contact support@oklido.com
  3. Enterprise: Dedicated support channel

Security

Backup Security

  • Encrypted at rest (AES-256)
  • Encrypted in transit (TLS 1.3)
  • Access controlled (IAM)
  • Audit logged
  • Separate from production

Recovery Security

  • Verified before restore
  • Integrity checks
  • Access logs maintained
  • No public access

Compliance

Our backup and recovery practices meet:

  • Cyber Essentials Plus requirements
  • GDPR data protection requirements
  • Business continuity best practices

Questions

For backup and recovery questions: