PostgresQL
The majority of Banno Platform services use the relational database PostgresQL. The configuration, access policies and deployment is written into code stored in a git repository in the GitHub Banno org. Any time a configuration change, policy update or deployment state needs updated changes are submitted through a code commit and review that requires two approvals before changes can be merged and management approval before the changes can be deployed. System monitoring leverages a system logging module that accepts application logs and generates notifications based on varying levels of criticality to send notifications to the appropriate endpoints; PagerDuty, Slack channels, log aggregation systems and graphing tools that help visualize performance based on metrics. Additionally we ship syslog to the corporate log aggregation systems for additional analysis. Our systems are configured for streaming replication to an alternate site, weekly full backups and nightly incremental backups. Should an interruption to our primary location occur the Banno sites and services can be transitioned to the alternate site to restore service function. Banno applications use Hashicorp Vault hosted in our data centers to secure, store and control application and user level access to our databases. Management performs a quarterly review of database access and provides these reviews to internal audit. Data backups and WAL archives are stored encrypted at rest in Azure cloud storage.
Mongo
The Banno Content service uses MongoDB. The configuration, access and deployment policies are managed in the same manner. The MongoDB databases use streaming replication to an alternate site like PostgreSQL and any errors follow the same alert mechanisms as described for Postgres. MongoDB authentication also uses Hashicorp Vault for applications to get credentials.
Cosmos
These datastores act as a caching layer for account transaction data. The backup for this data is provided by Microsoft and would rely on region and zone resiliency built into the Cosmos service platform. Currently configured to backup every 4 hours with geo-replicated storage.
Kafka
A set of internal services also use Apache Kafka as a datastore. Apache Kafka is not a relational database, but a stream-processing platform. A few internal systems use it as the system of record. Kafka is currently backed up hourly, but work is being done to move it to a streaming replication DR stance.