Upload
others
View
6
Download
0
Embed Size (px)
Citation preview
Tech Note
Yardi Cloud Services Business Continuity Plan The Yardi Cloud is a global network of environments colocated in top‐tier data centers that share a standardized
architecture. For each software environment, Yardi designates a production (primary) site and provides disaster recovery infrastructure at a secondary site. This document outlines Yardi’s business continuity plan in the event of
an incident affecting a client’s primary data center.
The Yardi Cloud Services team has implemented a resilient computing infrastructure to maintain high availability
and security for the hosted Yardi applications by leveraging redundancy for fault tolerance, leading hosting providers, and SSAE 18 Service Organization Controls (SOC). Our business continuity plan covers availability
strategies at the primary and secondary data centers. As part of our semiannual SSAE 18 SOC 1 Type II
examinations, Yardi validates the design and processes surrounding the Cloud architecture.
The strategies described here apply to production instances of Yardi applications deployed in the Yardi Cloud. Yardi
recommends client organizations develop their own business continuity and disaster recovery plans for backing up and recovering non‐Yardi software and data. Clients are responsible for establishing long‐term Yardi data archiving
procedures in line with specific business objectives.
High‐Availability Strategy
Yardi’s high‐availability strategy ensures business continuity for clients in the event of an incident that affects the Yardi environment but does not render the entire data center unavailable. All data centers in the Yardi Cloud
leverage multiple layers of redundancy for service support:
Power. Redundant power feeds and redundant power distribution support the data center and the racks housing the Yardi infrastructure components. Each location has emergency standby power with a redundant battery backup and generator as well as redundant cooling components.
Network. The Yardi Cloud network design includes redundant circuits, switches, firewalls, and load balancers. All locations are configured with redundant internet providers and dynamic switching.
Storage. Client data resides in redundant storage configurations to protect against disk or array failure.
Application Servers. Yardi deploys applications in the Yardi Cloud on virtualized, load‐balanced, and clustered servers.
File Servers. Yardi deploys file servers in the Yardi Cloud on virtualized, clustered servers. Yardi replicates
data in real time to a local standby cluster. Database Servers. Yardi deploys Yardi databases on virtualized, clustered servers and replicates the data
in real time to a local standby cluster. Yardi produces transaction logs of the database at 30‐minute
intervals and retains them for four days to support point‐in‐time data recovery. Backups. Yardi retains full, daily backups of the production database on an sFTP share for 14 days. Clients
should designate a user in their organization to access this storage securely. Yardi recommends all clients
download and store their data in a secured location to provide for longer retention periods.
TECH NOTE
Disaster Recovery Strategy
The Yardi Cloud Services group has developed a recovery strategy to restore service if Yardi declares a major
disaster. A disaster is an unplanned event that results in a complete and extended loss of access to the primary
data center. Using our high‐speed regional mesh network, Yardi pairs regional data centers to replicate client data
continually from the production data center to servers at the secondary center:
Application Servers. Yardi replicates application data in real time to standby passive clusters.
File Server. Yardi replicates file server data in real time to a standby passive cluster.
Database Server. Yardi replicates production databases in real time to a standby passive cluster.
In the event of a disaster, Yardi will recover the client environment in the designated secondary data center.
Because each secondary data center is also a production data center, all of the infrastructure components
described in the previous section are in place. Clients using the Yardi Private Cloud hosting model will have a
dedicated vLAN deployed at the secondary data center.
If a disaster is declared, Yardi will restore business processing as follows:
Recovery Time Objective (RTO) is Yardi’s objective for the maximum time after a disaster is declared before the secondary site becomes operational. The standard RTO is eight hours from the declaration of a
disaster.
Recovery Point Objective (RPO) is Yardi’s objective for the maximum time during which data could be lost
in the event of a disaster. The RPO is two hours from the occurrence of a disaster, excluding any loads
that may be underway when the disaster occurs.
After declaring a disaster, Yardi Cloud Services will approach disaster recovery in three phases as shown below.
The RTO and RPO described above apply only to licensed Yardi applications. The restoration of third‐party
applications, customizations, interfaces, and supplementary systems will begin after the core recovery phase.
• Licensed Yardi programs • Production file server • Production database
Core Recovery (0 ‐ 8 Hours)
• VPN tunnels (Yardi Private Cloud only) • Third‐party authentication services and single sign on • Third‐party applications, customizations, and interfaces • Transaction log shipping
Supplemental Recovery
(0 ‐ 10 Days)
• Root Cause Analysis (RCA) • Restoration of primary data center or establishment of new
disaster recovery location
Reconstitution (10 ‐ 90 Days)
2
TECH NOTE
During a disaster, Yardi will provide regular status updates via email to each affected client’s designated single
point of contact (SPOC) or via the secure Yardi Client Central support website:
Initial communication will be limited to the disaster declaration statement and available details regarding
the nature of the disaster. As client environments become available, communication will include the URLs for the new site and
instructions on resetting user passwords.
After initial restoration of client environments, Yardi will provide regular updates on the recovery of
supplemental systems and reconstitution efforts.
Disaster Recovery Testing
Yardi Cloud Services continually monitors its disaster recovery processes to ensure that all data is replicated properly. Yardi conducts annual disaster recovery tests at each data center. Additionally, we encourage our clients to work with Yardi to conduct annual disaster recovery tests on their environment so that they are familiar with
the process.
Copyright Notice: This document is protected by copyright, trademark, and other intellectual property laws. Use of this
document is subject to the terms and conditions of an authorized Yardi Systems, Inc. software license or other agreement
including, but not limited to, restrictions on its use, copying, disclosure, distribution, and decompilation. No part of this
document may be disclosed or reproduced in any form by any means without the prior written authorization of Yardi Systems,
Inc. This document contains proprietary information about software processes, algorithms, and data models which are
confidential and constitute trade secrets. This document is intended solely for the specific purpose for which it was made
available and not for any other purpose. Yardi® and Yardi Voyager® are registered trademarks of Yardi Systems, Inc.
Rev. 08/09/2019
3