Disaster Recovery
Recovery Objectives
| Service Category | RTO | RPO | Priority |
|---|---|---|---|
| Critical production systems | < 4 hours | < 1 hour | 1 – Immediate recovery |
| Customer-facing services | < 8 hours | < 4 hours | 2 – High priority |
| Internal systems | < 24 hours | < 24 hours | 3 – Normal |
| Archive / documentation | < 72 hours | < 1 week | 4 – Low |
Recovery Procedures
Scenario: Single System Failure
- Identify root cause (hardware, software, configuration)
- Activate failover (if available)
- Restore system from backup or rebuild
- Apply configuration from Git repository
- Verify integrity before returning to production
- Enhance monitoring for 24 hours
Scenario: Ransomware
- Immediately: Isolate all affected systems from the network
- Determine scope of encryption
- Verify backup integrity (identify clean backups)
- Restore systems from verified backups
- Rotate all credentials
- Close attack vector before bringing systems back online
NO RANSOM PAYMENTS
The BAUER GROUP does not pay ransom under any circumstances. Payment finances criminal organizations and provides no guarantee of data recovery.
Scenario: Data Center Outage
- Activate crisis team
- Failover to secondary site (if available)
- Prioritized recovery by service category
- Activate customer communication
- Ensure provisional operations
- Complete recovery after primary site availability
Failover Systems
| System | Failover Type | Switchover Time |
|---|---|---|
| DNS | Automatic (Anycast / health check) | < 5 minutes |
| Web applications | Manual (backup deployment) | < 1 hour |
| Databases | Replication (for critical systems) | < 15 minutes |
| Secondary MX record | Automatic |
DR Test Schedule
| Test | Interval | Scope |
|---|---|---|
| Tabletop exercise | Semi-annually | Walk through a scenario without actual system changes |
| Restore test | Quarterly | Actual restoration of individual systems |
| Full DR simulation | Annually | Complete failover scenario with time measurement |