Hosting locations and disaster recovery
For informational purposes only.
BeyondTrust and your customer data
All customer data is securely isolated within our cloud environment. We leverage role based access controls along with separate virtual machines, databases, and indexes to ensure that data remains protected and separated between organizations. Each customer’s data is kept private and is not shared with other customers.
Customers can choose their primary instance deployment location based on their geographic location and preference; US-based customer data always remains in the United States.
For non-US based customers, a list of sub-processors used to deliver the services can be referenced in Schedule 3 of BeyondTrust’s Data Processing Agreement (DPA).
Microsoft Azure regions
From a hosting perspective within Microsoft Azure, Endpoint Privilege Management for Windows and Mac (EPM for Windows and Mac) can be deployed to the Azure regions listed on the BeyondTrust Cloud Region Availability page.
Note
See BeyondTrust's Data Processing Addendum for more information.
Microsoft Azure paired regions
Based on geographic location, the following are the Azure regional paired data centers available among the hosting locations provided by BeyondTrust:
| Primary Region | Paired Region |
|---|---|
| Australia East | Australia Southeast |
| Brazil South | South Central US |
| Canada Central | Canada East |
| Central India | South India |
| Central US | East US 2 |
| Germany West Central (Frankfurt) | Germany North (Berlin) |
| Northern Europe (Ireland) | West Europe (Netherlands) |
| Qatar Central | No pair available |
| South Africa North | South Africa West |
| Southeast Asia (Singapore) | East Asia (Hong Kong) |
| Switzerland North | Switzerland West |
| UAE North | UAE Central |
| UK South | UK West |
Microsoft Azure regions and availability zones
EPM for Windows and Mac deploys resources to a single availability zone within a region. We leverage availability zones and paired regions to support disaster recovery functions. All locations are geographically dispersed to account for environmental issues that could impact the hosting locations. The following image depicts an Azure Region and how it works with the supporting Availability Zones:
EPM for Windows and Mac utilizes SQL databases and SQL servers, which serve as the primary storage for operational aspects of the solution within the cloud environment. When the instance is created, backups are automatically scheduled and performed for transactional logs (every 5 to 10 minutes), differential backups (every 12 hours), and full backups (every week) to the SQL server. These backups are then stored in a read-access geo-redundant (RA-GRS) storage blob that is replicated to a paired data center within an availability zone within the customer's chosen Azure region. This aides in ensuring that the cloud instance has appropriate mechanisms in place for availability in the event of a disaster.
The first full backup is scheduled immediately after a database is created. Each database has sufficient point-in-time restore coverage and long-term retention backup availability for comprehensive data restoration, if required.
Note
For more information, see Azure Regions.
What is geo-redundant storage?
Geo-redundant storage copies data synchronously three times within a single physical location in the primary region using Locally Redundant Storage. It then copies data asynchronously to a single physical location in a secondary region that is hundreds of miles away from the primary region. The image below depicts a representation of this process:
Data in the secondary region is not directly accessible to users or applications (read access), unless required by disaster recovery. After disaster recovery operations are complete, data will be read and written to the new primary region.
Note
For more information, see Microsoft’s Azure Resources.
BeyondTrust disaster recovery testing & procedures
Formal Business Continuity (BC) and Disaster Recovery (DR) plans have been implemented for the corporate and cloud environment as well as other defined categories related to personnel shortages and environmental disasters. This plan is aligned to ISO 22301, certified, and audited under ISO 27001 and SOC 2 Type II, reviewed by management, tested annually, and approved by BeyondTrust's GRC Committee.
Scenarios have been developed to ensure that our teams have considered various threats and situations when attempting to restore services within the cloud. Such scenarios include the team creating a single tenant instance and intentionally rendering the service inoperable. This allows for various methodologies to be tested, such as redeploying an instance and/or implementing the last known good backup within the service. All DR testing performed by BeyondTrust is conducted through virtualization to avoid impacting our customer's daily operations and the service.
Another component of the DR testing is from Microsoft Azure's perspective. Microsoft Azure is responsible for performing entire availability zone and Azure region restoration and migration. This information is independently validated as part of Microsoft's Compliance Program and reviewed by BeyondTrust as information becomes available. A copy of the hosting provider's SOC 2 Type II report and other compliance related documentation can be retrieved from the Compliance Program linked below.
It is important to note that BeyondTrust cloud operations only carries out the DR functionality in the event of a true failure. Our organization does not perform DR procedures to recover data from accidental customer deletions or errors.
Note
For more information, see Microsoft's Compliance Program.
Recovery time, recovery point objectives, and cloud uptime
BeyondTrust's Security Requirements states in Section 12.1.2 of Business Continuity Management that our organization is required to update and test the BCP annually at a minimum and is also required to mitigate significant changes to information security risk. With that, recovery time and recovery point objectives are situation specific and will vary depending on the nature of the incident.
The Cloud Service Guide states in Section 4. Availability Service Level, subsection (4) that BeyondTrust's availability SLA for the service shall be 99.9% during a calendar month. From an historical standpoint (Q1 2022 to present), BeyondTrust has exceeded this SLA uptime averaging (99.997%) but is unable to commit to anything higher to due to these values reflecting the contractual commitments between BeyondTrust and Microsoft Azure.
Updated 3 days ago