Understanding business continuity and disaster recovery for Security and Compliance Center
Disaster recoveryThe ability of IT services to recover from rare but major incidents and non-transient, wide-scale failures, such as service disruption that affects an entire geographical area. The impact of such an incident exceeds the ability of the high availability design to handle it. See also high availability, recovery time objective, recovery point objective. involves a set of policies, tools, and procedures for returning a system, an application, or an entire data center to full operation after a catastrophic interruption. It includes procedures for copying and storing an installed system's essential data in a secure location, and for recovering that data to restore normalcy of operation.
In case of failure, a failover design is established to keep your resources running without needing you to act. See How IBM Cloud ensures high availability and disaster recovery to learn more about the high availability and disaster recovery standards in IBM Cloud. You can also learn more about Service Level Agreements.
Responsibilities
To find out more about responsibility ownership for using IBM Cloud products between IBM and customer, see Shared responsibilities for IBM Cloud products.
Disaster recovery strategy
IBM Cloud® Security and Compliance Center is a highly available, regional service that runs in the Dallas (us-south), Frankfurt (eu-de), Madrid (eu-es), and Toronto (ca-tor) regions. In each
supported region, Security and Compliance Center exists in multiple availability zones with no single point of failure. The configuration data that is associated with your instance of Security and Compliance Center is backed up across regions.
Results that are generated by scheduled scans are saved in the Cloud Object Storage instance that was provided when Security and Compliance Center was provisioned and configured in your account.
Because Security and Compliance Center is a regional service, cross-regional failover and cross-regional disaster recovery are not automatic. If all of the availability zones in a region fail, Security and Compliance Center becomes unavailable in that location. Depending on the configuration of your Cloud Object Storage instance, when the region is available again data and traffic is automatically restored without any required action.
For more information about configuring Cloud Object Storage, including how to make sure the Cloud Object Storage buckets are highly available, see Getting started with IBM Cloud Object Storage.
IBM Cloud has business continuityThe capability of a business to withstand outages and to operate mission-critical services normally and without interruption in accordance with predefined service-level agreements. plans in place to provide for the recovery of services within hours if a disaster occurs. You are responsible for your data backup and associated recovery of your content.
Security and Compliance Center provides mechanisms to protect your data and restore service functions. Business continuity plans are in place to achieve targeted recovery point objectiveIn disaster recovery planning, the point at which data is restored to in the event of a disaster. (RPO) and recovery time objectiveThe maximum duration of time within which an application should be restored after any type of disaster. (RTO) for the service. The following table outlines the targets for Security and Compliance Center.
| Disaster recovery objective | Target value |
|---|---|
| RPO | 12 hours |
| RTO | 4 hours |
If you require continuous scans while the primary region is unavailable, you can provision a new instance of Security and Compliance Center by using a new Cloud Object Storage bucket. However, you cannot access previous scan result data until the regional service is restored.