DCTR-07

Are your primary and secondary data centers geographically diverse?

Explanation

This question is asking whether your organization maintains primary and secondary data centers that are located in different geographic regions. Geographic diversity in data centers is a critical aspect of disaster recovery and business continuity planning. What this means: Having geographically diverse data centers means your backup/secondary data center is located far enough away from your primary data center that both are unlikely to be affected by the same natural disaster, power outage, or regional disruption. Why it's being asked: This question assesses your organization's resilience against regional disasters or outages. If both your primary and secondary data centers are in the same geographic area (e.g., same city or region), they could both be impacted by the same event such as a hurricane, earthquake, flood, regional power outage, or telecommunications failure. Geographic diversity helps ensure that if one data center goes offline due to a regional event, the other can continue operations. How to best answer it: Be specific about the locations of your data centers and the approximate distance between them. If they are in different regions, states, or countries, mention this explicitly. If you use cloud providers, specify the regions where your primary and backup environments are hosted. If you don't have geographically diverse data centers, explain your alternative disaster recovery strategies or plans to implement geographic diversity in the future.

Example Responses

Example Response 1

Yes, our primary and secondary data centers are geographically diverse Our primary data center is located in Northern Virginia (US East), while our secondary data center is located in Oregon (US West), approximately 2,400 miles apart This geographic separation ensures that regional disasters affecting one location will not impact both data centers simultaneously We conduct regular failover testing between these locations to verify our ability to maintain operations in the event of a regional outage.

Example Response 2

Yes, we maintain geographic diversity in our data center strategy Our primary data center is hosted in AWS's eu-west-1 region (Ireland), and our secondary data center is in AWS's ap-southeast-1 region (Singapore) This cross-continental separation provides maximum protection against regional disasters Our architecture is designed for automatic failover with RPO (Recovery Point Objective) of 15 minutes and RTO (Recovery Time Objective) of 1 hour between these geographically diverse locations.

Example Response 3

No, currently our primary and secondary data centers are not geographically diverse Both are located within the Dallas metropolitan area, approximately 15 miles apart While this arrangement provides protection against facility-specific issues, we recognize the vulnerability to regional disasters To mitigate this risk, we maintain encrypted backups in a third-party cloud storage solution (AWS S3) in a different geographic region, and we have a documented disaster recovery plan that includes procedures for rebuilding our infrastructure in a different region if both local data centers are compromised We are currently evaluating options to establish a truly geographically diverse secondary data center by Q3 of next year.

Context

Tab
Infrastructure
Category
Datacenter

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Signature
Neil Cameron
Founder, ResponseHub
Neil Cameron