Brandkit utilises a number of first-class cloud infrastructure vendors to ensure data is safely stored and recoverable in the event of hardware failure, data corruption or a large-scale service interruption.
Primary vendors are:
- Amazon AWS for the underlying cloud infrastructure and file storage (S3).
- Heroku for system management and deployment services and the primary Postgres database.
- Bonsai for Elasticsearch.
- GitHub for application code.
We have 3 main areas of concern in a recovery scenario.
- Your Uploaded Files
- Your Account Data - Database
- Brandkit Application Code
Your Uploaded Files
When you upload files these are stored in Amazon's AWS S3 cloud storage infrastructure. We don't keep a copy anywhere else. S3 also stores your data across multiple geographically distant Availability Zones by default.
S3 provides 11 9’s of durability (99.999999999%), so it is very safe. See https://docs.aws.amazon.com/AmazonS3/latest/dev/crr.htm
However, your compliance requirements might dictate that you store data at even greater distances. Cross-region replication allows you to replicate data on, say, different continents to satisfy these requirements.
Brandkit offers optional Cross Regional Replication (CRR) of storage to Enterprise Accounts. (You can also choose a specific Primary Storage Region if you have an Enterprise Plan AND select a custom storage region before your account is opened).
When configured, your uploaded files are automatically copied to another AWS S3 storage region. For example, the primary storage region could be the US with CRR to Dublin, Tokyo or Sydney, or vice versa. Note that there are additional storage and traffic costs when using CRR.
Contact your Brandkit Account Manager if you want to set up Cross Regional Replication. Please note that CRR is a paid Enterprise Account option.
FTP Access to S3
We also have direct FTP access to files stored in S3.
If for some reason there is an unacceptable delay in standing up a new instance of Brandkit in a disaster scenario, this will enable Brandkit personnel to access, download and transfer a customer's uploaded original files directly from S3 using the standard SFTP protocol.
Your Account Data - Database
When you upload files, we automatically generate a certain amount of asset metadata, and then your Account Admins and Users add further metadata (information) about the uploaded files.
When Users register and take actions in your account, we generate Usage Data.
When we customise your Brand Portal with written copy, CSS and images, we store this as Portal Data and store static images in S3.
All this metadata and Data is stored in a Heroku Postgres database.
Heroku Postgres uses physical backups for continuous protection by persisting binary copies of the database cluster files, also known as base backups, and write-ahead log (WAL) files to external, reliable storage.
Base backups are taken while the database is fully available and make a verbatim copy of Postgres’ data files. This includes dead tuples, bloat, indexes and all structural characteristics of the currently running database. On Heroku Postgres, a base backup capture is rate limited to about 10 MB/s and imposes a minimal load on the running database. Committed transactions are recorded as WAL files, which are able to be replayed on top of the base backups, providing a method of completely reconstructing the state of a database. Base backups and WAL files are pushed to AWS’ S3 object store through an application called WAL-E as soon as they are made available by Postgres.
All databases managed by Heroku Postgres provide continuous protection by persisting base backups and WAL files to S3. Also, fork and follower databases are implemented by fetching persistent base backups and WAL files and replaying them on a fresh Postgres installation. Storing these physical backups in a highly available object store also enables us to recover entire databases in the event of hardware failure, data corruption or a large-scale service interruption.
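A simplified model of the restore described above, added here as an illustration and not Heroku's or Brandkit's code: a base backup plus ordered WAL records rebuilds the state, can stop at an earlier point in time, and cannot proceed past a gap in the archived WAL. The record layout, LSN numbering and sample rows are constructed assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class WalRecord:
    lsn: int        # log sequence number; increases by exactly 1 in this model
    key: str
    value: object   # None models a DELETE of the row


def restore(base_rows, base_lsn, archived_wal, target_lsn=None):
    """Rebuild state from a base backup plus archived WAL.

    Returns (rows, reached_lsn). Replay stops at target_lsn, or at the
    first gap in the archive, since later records cannot be applied safely.
    """
    rows = dict(base_rows)            # start from a copy of the base backup
    reached = base_lsn
    for rec in sorted(archived_wal, key=lambda r: r.lsn):
        if rec.lsn <= base_lsn:
            continue                  # change is already in the base backup
        if target_lsn is not None and rec.lsn > target_lsn:
            break                     # point-in-time target reached
        if rec.lsn != reached + 1:
            break                     # missing WAL: stop at last consistent point
        if rec.value is None:
            rows.pop(rec.key, None)
        else:
            rows[rec.key] = rec.value
        reached = rec.lsn
    return rows, reached


# Constructed sample data: base backup taken at LSN 100, then four changes.
BASE = {"asset:1": "logo.png", "asset:2": "banner.jpg"}
WAL = [
    WalRecord(101, "asset:3", "photo.tif"),
    WalRecord(102, "asset:2", None),           # asset 2 deleted
    WalRecord(103, "asset:1", "logo-v2.png"),
    WalRecord(104, "asset:4", "video.mp4"),
]

if __name__ == "__main__":
    print(restore(BASE, 100, WAL))                   # full replay
    print(restore(BASE, 100, WAL, target_lsn=101))   # state before the delete
    incomplete = [r for r in WAL if r.lsn != 103]    # archive lost one record
    print(restore(BASE, 100, incomplete))            # recovery ends at LSN 102
```

The third call shows why the completeness of the WAL archive, not just the presence of a base backup, determines how recent a recoverable state can be.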
We use Bonsai to maintain an Elasticsearch index, which makes searching Assets fast and easy. This search index is generated from our Postgres database.
Bonsai is a robust and trusted vendor, but even in the event of total loss we can regenerate the entire Elasticsearch index from scratch in a few hours.
Bonsai takes regular, automatic backups of all paid clusters, and stores them in an encrypted S3 bucket in the same region as the cluster. These snapshots are taken at the start of every hour and are retained for two weeks.
Brandkit Application Code
The Brandkit application code itself is stored in a cloud GitHub repository (GitHub is now owned by Microsoft) as well as locally. It is then deployed to production via Heroku.
In the event of a complete failure we can stand up a new system by deploying a fresh copy of the application to new servers within hours.
This deployment process is automated and robust: we deploy new code on a daily basis using the exact same process.
If the outage is caused by our application code, we can identify, fix and deploy new code typically within minutes.
Learn about GitHub security measures here: https://github.com/security
Please contact firstname.lastname@example.org if you have additional questions.