Skip to main content

Backup and Recovery in NoCode-X.com: Zero-Data Principle and Competitive Advantages

The Backup and Recovery system in NoCode-X.com is designed to provide unparalleled assurance on the recoverability of data and the availability of customer services. By leveraging Infrastructure as Code (IaC), out-of-band backups, and the zero-data principle, NoCode-X.com ensures that customer information is protected, recoverable, and adheres to the highest industry standards.

Concepts

1. Zero-Data Principle

The zero-data principle ensures that in the event of a disaster or cybersecurity incident, all data and services can be fully recovered without any loss. This is achieved through:

  • Infrastructure as Code (IaC): The entire NoCode-X ecosystem can be redeployed from IaC, ensuring that the platform can be restored to any point in time with the corresponding version of NoCode-X.
  • Information Backups: Backups are taken twice daily and stored out-of-band, ensuring they are isolated from the runtime environment and protected from malicious attacks.

2. Backup Frequency and Retention

  • Backups are taken twice daily at:
    • Midnight (00:00:00 CET).
    • Noon (12:00:00 CET).
  • This results in a Recovery Point Objective (RPO) of 12 hours.
  • Backups are retained out-of-band, meaning they are stored in a separate environment inaccessible from the runtime ecosystem, ensuring protection against ransomware and other high-impact events.

3. Backup Security

  • The backup system has no authenticated attack vector accessible from within the runtime environment, including end-users and developers.
    • This by-design security measure ensures that even if the runtime ecosystem is compromised, the backups remain secure and inaccessible to attackers.

4. Self-Hosted Configurations

  • For self-hosted deployments, backup frequencies and configurations can be customized by the customer using Helm charts.
    • Customers can align backup schedules with their business requirements.
    • It is recommended to store backups in a cloud volume with:
      • Cloud Service Provider Encryption configured with Customer Managed Keys (CMK).
      • A paper copy of the CMK stored securely to ensure full recovery in adherence to zero-data loss principles.

5. Architectural Design for Service Mesh Ecosystems

  • Consistent backups in a service mesh ecosystem are a significant architectural challenge. NoCode-X.com achieves this through:
    • A design-first approach that incorporates backup requirements into the platform's architecture.
    • Ensuring that backups are consistent across the entire ecosystem, including APIs, templates, and runtime data.

Recovery Assurance

1. Standard Recovery

  • Backups are tested frequently to ensure reliability.
  • Recovery is supported for any point in time within the backup retention period.
  • The IaC ensures that the platform can be restored to the exact version required for the data recovery.

2. Alternative Recovery

  • In worst-case scenarios, an alternative restore can be initiated. This involves:
    • Deploying the NoCode-X ecosystem using IaC on an alternative runtime.
    • Restoring data onto this alternative runtime for fine-grained extraction.
    • This process can be executed by Co-Dex.eu or the customer, on a time and materials basis.

Advantages of NoCode-X Compared to Other Platforms

NoCode-X.com stands out from other no-code and low-code platforms due to its strong design principles and comprehensive backup and recovery capabilities:

1. Zero-Data Principle

  • Unlike many other platforms, NoCode-X.com ensures that all data and services can be fully recovered without any loss, thanks to its IaC and out-of-band backups.

2. Out-of-Band Backups

  • Many no-code/low-code platforms store backups within the same environment as the runtime system, making them vulnerable to ransomware and other attacks. NoCode-X.com’s out-of-band backups eliminate this risk.

3. Customizable Backup Configurations

  • Self-hosted customers can configure backup frequencies and storage locations to meet their specific business needs, a flexibility not commonly offered by other platforms.

4. Comprehensive Testing

  • Backups are tested frequently, and the IaC ensures compatibility with both the most recent and historical versions of the platform. This level of testing and assurance is rare in the no-code/low-code industry.

5. Service Mesh Ecosystem

  • NoCode-X.com’s architecture is designed to handle the complexities of a service mesh ecosystem, ensuring consistent backups across APIs, templates, and runtime data.

6. Security by Design

  • The backup system is isolated from the runtime environment, eliminating attack vectors from within the ecosystem. This by-design security measure is a significant advantage over other platforms.

Compliance with Industry Standards

ISO 27001:2022

  • Clause 8.1 (Operational Planning and Control): Ensures that backup and recovery processes are planned, implemented, and maintained.
  • Annex A.8.13 (Information Backup): Requires that backups of information, software, and system images are taken and tested regularly.
  • Annex A.8.29 (Information Security During Disruption): Ensures that information security is maintained during disruptions.

NIST-53 CSF

  • PR.IP-4 (Backups): Backups of critical data are conducted, maintained, and tested.
  • RC.RP-1 (Recovery Planning): Recovery plans are executed during or after a cybersecurity incident.
  • RC.IM-1 (Lessons Learned): Recovery plans incorporate lessons learned from incidents.

Cyber Fundamentals Essentials

  • PR.IP-4 (Backups): Backups are conducted and stored on systems separate from the original data.
  • RC.RP-1 (Recovery Planning): Recovery processes ensure restoration of systems or assets affected by cybersecurity incidents.
  • RC.IM-1 (Lessons Learned): Recovery strategies are updated based on lessons learned.

Benefits of NoCode-X.com’s Backup and Recovery System

  1. High Availability: Twice-daily backups ensure a maximum RPO of 12 hours, providing business owners with confidence in data recoverability.
  2. Security by Design: The backup system is isolated from the runtime environment, eliminating attack vectors from within the ecosystem.
  3. Flexibility for Self-Hosting: Customers can configure backup frequencies and storage locations to meet their specific business needs.
  4. Comprehensive Testing: Frequent recovery tests ensure that backups are reliable and compatible with the platform's most recent and historical versions.
  5. Zero-Data Loss Principles: Adherence to best practices, such as storing backups in cloud volumes with CMK encryption, ensures data integrity and recoverability.
  6. Competitive Edge: NoCode-X.com’s backup and recovery capabilities far exceed those of other no-code/low-code platforms, making it a leader in the industry.

Summary

The Backup and Recovery system in NoCode-X.com is a cornerstone of its commitment to data security and service availability. By leveraging Infrastructure as Code, out-of-band backups, and the zero-data principle, NoCode-X.com provides unparalleled assurance to its customers. Whether hosted by Co-Dex.eu or self-hosted, the platform ensures compliance with ISO 27001:2022, NIST-53 CSF, and Cyber Fundamentals Essentials, making it a leader in the no-code/low-code industry for backup and recovery capabilities.