Golonex

Security Operations

EDR · MDR · XDR Email Security SOC Monitoring & SIEM Continuous VAPT Security Awareness Training

IT & Governance

Configuration Management Backup & DR / BCP IT & Security Governance IS Audit Readiness Compliance Readiness

Advisory & AI

Fractional Leadership AI Automation Solutions Lab Staff Augmentation Hire with us Our Work Industries About Contact Blog Golonex Press ↗ Golonex Tools ↗ ◆ Golonex Ready Book a Call →
Backup & DR / BCP

When ransomware or outages hit, you recover fast.

Immutable backups, tested disaster recovery, and a written business continuity plan — managed by named Golonex engineers with defined RPO and RTO commitments.

Three Layers of Resilience

Backup. Recovery. Continuity.

Each layer is independently valuable — together they ensure your business can survive and recover from any incident.

🔒

Immutable Backup

Air-gapped, write-once backups that ransomware cannot encrypt or delete. Multiple retention tiers — hourly, daily, weekly, monthly. Integrity-verified on every cycle.

Disaster Recovery

Documented failover runbooks, tested recovery procedures, and a cloud or co-location DR environment that can be activated within your agreed RTO. Monthly restore tests — not just backup verification. Secondary DR site geographically separated from the primary.

📋

Business Continuity Planning

Written BCP document covering all critical systems, tabletop exercises, live DR drills with documented test results, and annual review. BCP summary report formatted for MD/CEO sign-off and Board presentation.

What We Manage

End-to-end ownership — deployment through incident response.

We do not hand you a backup product and leave. Golonex engineers own the configuration, test cycles, and incident response.

  • Backup agent deployment, scheduling, and policy management
  • Backup integrity verification and restore testing (monthly minimum)
  • Secondary DR site setup — geographically separated from primary data centre (RBI requirement for banks: minimum 50km separation)
  • Cloud or co-location DR environment maintenance (AWS, Azure, GCP, or co-lo)
  • BCP document drafting — covering CBS, payment systems, customer channels, and critical IT infrastructure
  • Defined RTO and RPO per system — documented, agreed, and contractually backed
  • Annual DR drill execution with documented test report (required by RBI for banks)
  • BCP test report formatted for MD/CEO sign-off and Board submission
  • Incident response — when you need to restore, we execute the runbook
Commitments

Defined targets, not marketing promises.

Every managed DR engagement is scoped with explicit RPO and RTO targets that Golonex is accountable for delivering.

< 4 hr

Typical RTO target for managed DR engagements

3-2-1

Backup rule enforced — 3 copies, 2 media types, 1 offsite

Annual

DR drill with documented test report — RBI requirement for banks

For Banks & Regulated Entities

RBI BCP and DR requirements — covered.

RBI mandates specific BCP and DR standards for banks and co-operative banks. Golonex aligns every managed engagement to these requirements — so your IS Audit evidence pack answers every question.

RBI Requirement How Golonex Satisfies It
Written BCP covering all critical systems Golonex drafts the BCP document — CBS, payment systems, internet banking, and all critical IT — reviewed and updated annually
Secondary DR site — minimum 50km from primary DR site selection, setup, and ongoing maintenance — geographically separated from primary data centre
Defined RTO and RPO per critical system Explicit RTO/RPO targets agreed per system, documented in the DR architecture, and tested in annual drills
Annual DR drill with documented results Full DR drill executed and documented annually — test report includes scenario, results, gaps, and next actions
BCP test report signed by MD/CEO Golonex produces a Board-ready BCP summary report formatted for MD/CEO approval and Board filing
FAQ

Frequently asked questions

How often are backups actually tested — verified versus restored? +

Backup integrity is verified on every cycle — we confirm the job completed and the data is readable. Full restore tests — where we actually recover data to a target environment and verify it works — happen monthly at minimum. We document both, so your IS auditor has evidence of working backups, not just backup jobs that ran.

What RTO target can we expect for managed DR? +

Typical managed DR engagements target under 4 hours RTO for critical systems. The actual target is agreed per system during scoping — your core banking platform may need a tighter SLA than back-office systems. Every RTO target is documented, tested in the annual DR drill, and contractually committed — not stated in a proposal and absent from the agreement.

Do you support cloud, on-premise, or hybrid environments? +

All three. We manage backup across AWS, Azure, GCP, co-location data centres, and on-premise infrastructure — and we architect multi-destination backup (3 copies, 2 media types, 1 offsite) regardless of your current mix. Secondary DR sites are geographically separated from primary, meeting the RBI minimum 50km separation requirement for Indian banks.

Is this relevant for RBI-regulated banks and urban co-operative banks? +

Yes — this is one of the clearest RBI mandates. Banks and urban co-operative banks (UCBs) must maintain a secondary DR site, conduct annual DR drills with documented results, and produce a Board-approved BCP document covering CBS, payment systems, and customer channels. Golonex manages all of it, including the Board-ready BCP summary report formatted for MD/CEO sign-off.

What's the difference between backup, disaster recovery, and BCP? +

Backup ensures your data survives an incident. Disaster recovery ensures your systems can be restored to working order within your agreed RTO. Business continuity planning covers the broader question — how the organisation operates during and after the incident, which systems are critical, what the recovery sequence looks like, and who is responsible for each step. We deliver all three as a single managed engagement.

Get Protected

Start with a backup and DR assessment

Share your current infrastructure and recovery requirements. We will assess your exposure and propose a protection architecture within one business day.