Professional Documents
Culture Documents
Classification
Revision
2.1 DESCRIPTION
KDS primary site is hosted in a datacenter at Courbevoie near Paris, France. Without being certified by the
Uptime Institute, this primary site complies with requirements that would place it between Tier III and Tier
IV.
The secondary site is located in a datacenter at Marcoussis, France. The secondary site will be called “DR
site” in this document.
The DR site only supports all customers who are entitle for an Executive Support service. This means that in
case of a major outage at the primary site, only KDS customers with an Executive Support contracts are able
to use the DR site. The data of other customers are not lost, but these customers won’t be able to access
the DR site.
When activated, the DR site acts as a replacement of the primary site: in this case, the primary site is totally
disabled. In particular:
• It is not possible to have some customers using the DR site, while other customers still using the
primary site;
• It is not possible to have some features available on the DR site while other features are still
available on the primary site.
2.2 OBJECTIVES
Both RPO (Recovery Point Objective) and RTO (Recovery Time Objective) are important elements of our
recovery plan so that our clients are the least possible impacted in case of a disaster.
• KDS will open the DR site for a specific client, but it will be reachable with a different URL;
• Everything done in the DR site during the test period will be definitely lost.
During the tests, the primary site will continue to run normally.
Consequently, KDS strongly recommends to avoid the use of DR site by regular users
As the DR site and the primary site will run in parallel with production data during the tests, some features
will be disabled to keep them from interfering with external systems or with each other. Namely,
Services that are not due to be recovered within one day according KDS Recovery Plan won’t be included in
this test (e.g. Data loading, Profile synchronization, maps, reporting …).
4.1 ORGANIZATION
The DR site tests will be managed by a team consisting of, at least:
• KDS Project Owner, who will act as the coordinator for this test;
• KDS Security Officer;
• Client Project Owner.
4.2 TIMELINE
See figure 2.
KDS and client agree on a date and time for starting the test (t=0). This
moment cannot be earlier than 7 days before the effective start of the test.
t=0 Start. This corresponds to the moment where the primary experiences “virtually”
a major outage.
t+4 hours KDS opens the DR site with data copied from the primary site. KDS guarantees
that the data is not older than t-10 minutes.
t+48 hours KDS closes the DR site. All the data modified on the DR site is definitely lost.
Here are a few tests that can be performed. This list is a suggestion.
• Check that the URL for DR site resolves to an IP address that is different from the primary site. Check
that these IP addresses are located at different geographic places
• Create an expense report on the primary site a few minutes before the start of the test (<t-10
minutes). Verify that this expense report is available on the DR site. This validates that data has been
correctly copied from primary site to DR site
• Create an expense report on the primary site a few minutes after the start of the test. Verify that this
expense report is not present on the DR site. This validates that primary site and DR site are
independent
• Perform the steps defined as “critical” as part of the KDS-client integration. This validates that the
client can use the DR site for its daily operations, namely: ...(to be defined by KDS Project Owner)
KDS – Neo – Disaster Recovery Plan (DRP) – Restricted – 7/7