Zendesk's Business Continuity and Disaster Recovery Program ensures resiliency, recoverability and contingency from significant business disruption, such as local or regional events like a natural disaster, fire, power outage, acts of malice, and technical or infrastructure disruption. Business Continuity and Disaster Recovery focuses on ensuring Zendesk's critical business functions and technologies will continue to operate despite a significant disruption that might otherwise have caused an interruption, or will be recovered to an operational state within a reasonably short period.
Resilience and Risk Mitigation
Business resilience is the ability an organization has to quickly adapt to disruptions while maintaining continuous business operations and safeguarding people, assets, and overall brand equity. One of the most important factors in maintaining business resilience is a proactive, comprehensive, and methodical approach to risk (both internal and external to our customers).
- We have developed a risk framework and strategy that accounts for the evaluation of our facilities, technology, applications, data, processes and overall organization to ensure our risk mitigation strategy operates at multiple levels with broad coverage.
- On an annual basis we conduct risk assessments and business impact analysis (BIA) to understand and mitigate risk.
Redundancy and Recoverability
Our server clustering and network redundancies eliminate single points of failure, ensuring high service availability.
- Zendesk uses a fully redundant, distributed, and automated environment consisting of geographically separate data centers running multiple, self-sustaining instances of the Zendesk application. As a precaution, we have additional space and power to add capacity to our data centers should one data center become unrecoverable in a disaster.
- We use multiple Internet service providers, connected through diverse paths entering the facilities at physically secure, separate locations. This redundant mesh-edge network design delivers robust networking through a number of paths.
- Our database data is stored on efficient flash memory devices with multiple servers per database cluster.
- Any hardware component failures are handled quickly and easily with automated builds and deploys.
- Our strict backup regime helps protect your data should we experience a major incident. Key source data for standard Zendesk accounts is backed up daily, which includes both local and off-site storage.
Enhanced Disaster Recovery
In addition to all the business continuity and disaster recovery efforts made for all Zendesk customers, some may prefer an additional level redundancy and recoverability, which is where our Enhanced Disaster Recovery feature, part of the Advanced Security Enterprise Add-on, comes in.
At Zendesk all customers are assigned to a specific POD in one of our data centers. Customers with the Enhanced DR feature are also assigned a secondary (warm) POD which contains a real-time replication of their data and dedicated redundant capacity. The primary and secondary PODs are located in two separate geographically diverse data centers. In the event of a significant disaster, this allows Zendesk to failover from the primary POD to the secondary POD more seamlessly. To break this down a little further, here are some additional details:
- In addition to our standard data backup practices, the extra layer of real-time replication in a secondary location lessens the chance of any data loss as the result of a significant disaster. Because of this real-time replication we are able to maintain a targeted Recovery Point Objective (RPO) of 0 hours from the point of impact.
- The secondary POD has a full application stack and dedicated redundant capacity in place. This combined with the data being readily available allows for a straight forward failover from the primary POD within a short number of hours. For customers with the Enhanced DR feature there is a targeted Recovery Time Objective (RTO) of 4 hours, after a declaration of a disaster.
- We have extensively tested both our US and EU Enhanced DR functionality. These exercises consisted of a full failover from each data center to its secondary site and a rollback to its original state. Each quarter we perform an exercise that touches either our US or EU Enhanced DR. The scenarios for these exercises vary and include different elements of our business continuity and disaster recovery plans.
- Our business continuity and disaster recovery plan and associated technical runbooks are detailed and have been vetted through each DR exercise.
Contact Zendesk Security to learn more.