Data Availability¶
Reliable, uninterrupted access to the vault is critical for business continuity. If a password management solution goes down, it affects all business operations. There should be provisions for data backup to handle unexpected situations like a server crash or physical damage to machines in addition to continuous availability. While the backup and high availability provisions are offered to handle these scenarios, it is important to ensure security around these measures.
The high availability architecture ensures security in all aspects. As the configuration involves running the Securden server and the database on different servers, the database has been configured to accept connections only from specific IP addresses - typically, the servers configured as ‘high availability servers’ alone. Besides, the database is enforced to accept only SSL connections. The database is guarded not to accept other connections.
To ensure security, the backup copy remains fully encrypted. The encryption key is separated from the backup copy. Typically, the live version and the backup share the same encryption key. While trying to restore data from the backup, the encryption key is needed. Without that, the restoration will not happen.