Backup & Restore Policy
1. Purpose
Ensure critical data is backed up securely and can be restored within defined RPO/RTO.
2. Scope
Applies to production databases, configuration repositories and essential SaaS data.
3. Backup Schedule
| System | Method | Frequency | Retention |
| Amazon RDS MySQL (prod) | Point-in-time + nightly snapshot | Continuous + 24 h | 30 days |
| Object Storage (Amazon S3) | Versioning & replication to eu-west-1 (Ireland) | Real-time | 90 days |
| GitHub Repos | Geo-replicated mirrors | Hourly | 1 year |
| Jira & Confluence | Vendor managed export | Daily | 30 days |
4. Storage & Encryption
Backups stored in a separate AWS account with IAM separation; encrypted at rest with CMK (KMS).
5. Testing
- Bi-monthly (every 2 months) restore tests for primary DB.
- Random file-level restore drills bi-monthly.
- Results documented in Jira.
6. Roles
SRE Lead owns backup infrastructure; engineers on-call perform restores.
7. Incident Handling
Backup failures create Better Stack alerts; investigate within 4 h.
8. Disposal
Expired backups deleted via lifecycle policies; crypto-shredding for object versions.
Version 1.0 — effective 2025-07-01