Availability and resilience. Data on Xxxxxxxxxx.Xxx server systems is backed up incrementally at least daily and "fully" weekly. The backup media are encrypted and moved to a physically separate location. The import of backups is tested regularly. The IT systems have an uninterruptible power supply. The server room has a fire alarm system and a CO2 extinguishing system. All server systems are subject to monitoring, which immediately triggers messages to an administrator in the event of malfunctions. There is a contingency plan in place at Xxxxxxxxxx.Xxx, which includes a restart plan.
Availability and resilience. Capacity to be restored The Contractor shall warrant the ability to rapidly restore the availability of and access to personal data in the event of a physical or technical incident by taking the following measures: ● regular execution of backups ● performance of a regular check of the condition and identification of data carriers for data backups ● separate storage of the backup data media/back-up stocks ● regular, prompt updating of servers and workstations (patch management)
Availability and resilience. 6.1 The Booking Service must be sufficiently robust and resilient to meet the required hours of operation, with no single points of failure and designed to minimise data loss in line with Schedule 21.
Availability and resilience. Data on doo's server systems are regularly backed up comprehensively according to a detailed backup policy. The import of backups is tested regularly. The IT systems have an uninterruptible power supply. The server room is equipped with a fire alarm system and a CO2 extinguishing system. All server systems are subject to monitoring, which immediately triggers messages to an administrator in case of malfunctions. There is also an emergency plan at doo, which includes a restart plan. In addition, the measures implemented with regard to the servers at the technical service provider AWS are documented in detail here: xxxxx://xxx.xxxxxx.xxx/de/security/
Availability and resilience. The processing of personal data must occur on data processing systems that undergo regular, documented patch management. No systems may be connected in the network that are outside the maintenance cycles of the manufacturers (esp. no Windows XP, Windows Server 2003, etc.). Security- related patches must be installed within 72 hours after being announced. The continuous availability of personal data must be ensured by means of redundant storage media and data backups in accordance with the state of the art. Data centers and server rooms must correspond to the state of the art (temperature regulation, protection against fire, water penetration, etc.). The servers must have an uninterruptible power supply (UPS) that ensures a controlled shutdown without data loss. The company has implemented the requirements in the following manner: Regular documented patch management for the server Installation of security-critical patches within 72 hours Data storage on storage systems Spatially separated redundant data storage Uninterruptable power source Redundant air conditioning of the servers Early fire detection
Availability and resilience. 4.1. High Availability Architecture - Load balanced, high-performance, redundant and monitored 24/7.
Availability and resilience. 1. Availability control The Processor procures that the technical infrastructure provides high availability and reliability. With regard to this, the Processor takes the following measures for protecting Personal Data against accidental destruction or loss: • Interruption-free power supplies avoid unplanned system crash in the event of short-term power failures. In addition, emergency generators are used to take over the power supply in the case of longer power failures. • High-speed and robust optic fiber networks connect data centers with other large hubs and Internet users. • In addition, high availability is addressed through monitoring measures and the resulting rapid response to incidents. • Geographically dispersed operations centers are in operation around the clock. • Intelligent back-up failover capabilities cater for availability. • Data is permanently held in two locations. Back-up site locations can be selected. This allows that flawless replicas can be created.
Availability and resilience. It must be ensured that personal data is protected against accidental destruction or loss. ● Controller data is subject to regular data backups ● Use of redundant systems ● Use of uninterruptible power supply.
Availability and resilience. To ensure availability, protection programs (virus scanners, firewalls, encryption programs, SPAM filters) are used and a written concept of their use (virus protection concept, etc.) has been created. • In addition, contractual restrictions apply to employees of subcontractors and other service providers who are involved in the performance of the contract concerning the handling of Customer’s personal data. • Availability levels are specified in Netigates Terms of Service. • If the Customer’s account is hosted on xxx.xxxx.xx, the processing takes place exclusively in the Federal Republic of Germany (see Sub-processors, Section 7). Access for Netigate AB from Sweden is possible as part of the development and maintenance of the applications and systems.
Availability and resilience. Availability Control Data Backup and Restore The application databases are run in parallel in two different data centers in Germany at any time (redundancy concept). Data entered by clients is thus stored in two different data centers. Accordingly, even in case of a hazard at one data center, the data is not affected but would continue to be served from the other data center, without interruption. Furthermore, as an additional security measure, our Hosting Provider takes automated daily database backups and stores them in encrypted form. These backups enable the technical team to restore at a certain image point. Uninterruptibl e Power Supply Our Hosting Provider’s data centers abide by the 24/7 principle of the power supply for sustainable protection from failure. Redundant climate xxxxxxxx (secured via UPS and diesel generators) ensure that no system failures occur even in case of malfunctions. Reporting Procedures Our Hosting Provider maintains regulated procedures and processes for security patches ("patch days") and reported vulnerabilities, and additionally arranges escalations in case of system-relevant security reports from the respective CERT. Data Breach Incident Management The Hosting Provider provides isolation control, different environments (production, testing) are run on separate instances with redundancy. In case of an incident, daily backups can be restored within a few hours and a team is on standby ready to support the data restore and ensure services are reinstated swiftly. The Hosting Provider as well as TolaData company have defined and documented incident response plans with detailed procedures, including a list of possible mitigation actions and clear assignment of roles. Any incident or data breach must be reported immediately to management and the Data Protection Officer. The Data Protection Officer will report the incident to the relevant supervisory authority within 72 hours; affected customers or individuals will be informed immediately by TolaData. An incident management plan is in place: Preparation and response measures are documented, including a list of necessary steps and a clear assignment of roles in the event of a data breach. Anti-virus All TolaData machines have antivirus installed. Our Hosting Provider also uses antivirus software to ensure that the TolaData application is not compromised where it is hosted. Malware The antivirus software installed on all machines protects against malware. Our Hosting Provider also...
