
Backup and Disaster Recovery Planning

📋 Planning Guide

This guide provides architectural information for planning EmpowerID backup and disaster recovery. For SQL Server backup and recovery procedures, refer to Microsoft SQL Server documentation and your organization's database backup policies.

Data Storage Architecture

EmpowerID houses all data in the Microsoft SQL Identity Warehouse database. This centralized data storage approach simplifies backup planning by consolidating all critical information in a single location.

The Identity Warehouse database contains:

  • Configuration Data - System settings and configuration parameters
  • Application Integration Data - Connected system configurations and integration settings
  • SSO and Federation Configuration Data - Single sign-on and federation partner settings
  • Directory Sync Configuration Rules - Identity synchronization rules and mappings
  • Security Role Data - Role definitions, assignments, and access policies

Backup Requirements

Database Backup

The SQL Server Identity Warehouse database is the primary backup requirement. All EmpowerID operational data, configuration, and state information resides in this database.

Your SQL Server backup strategy should include:

  • Regular full database backups
  • Transaction log backups for point-in-time recovery capability
  • Backup retention policies aligned with your recovery objectives

Server Configuration

Apart from the standard installation data, no server configuration is unique to a particular server. EmpowerID servers are essentially stateless, with all persistent data stored in the database.

File System Data

The only file-system-specific configuration is any web console branding or theming change made directly to the website. If you have customized branding, back up these files separately, since they are not captured by the database backup.

Disaster Recovery Architecture

High Availability Configuration

Disaster recovery can be achieved by:

  1. Installing additional servers in a DR site
  2. Configuring the SQL Server databases into a high availability group (Always On) within the SQL Server configuration
  3. Establishing database replication between primary and DR sites

Architecture Overview:

  • Entry Point: Traffic enters through the load balancer and reverse proxy
  • Application Tiers: Dual web and app servers provide redundancy and load distribution
  • Data Layer: VDS replicates to SQL Always On HA database for disaster recovery
  • Failover: Upon primary failure, DR database promotes to primary and servers reconnect automatically

Architecture Components:

  1. SQL Always On High Availability - A secondary SQL server setup with a copy of the EmpowerID Database configured for SQL Always On High Availability synchronous replication

  2. Active DR Servers - EmpowerID Web, App, VDS, and Reverse Proxy servers are configured into the EmpowerID environment as active systems. The SQL connection string is configured with the HA group name of the EID database. Once configured, the services can be turned off to put the servers in an inactive state.

  3. Load Balancer Redundancy - Redundant load balancer configured into the load balancer infrastructure

Failover Behavior:

In the event of a failure of the primary environment, the SQL engine fails over to the secondary replica and promotes the secondary database to primary.

The services are then started on the DR EID servers, which automatically connect to the new primary database and update themselves with any changed workflows from the EID database.
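The failover behavior above depends on the secondary replica being connected and synchronized before the services on the DR servers are started. The following T-SQL is an added example, not from the EmpowerID documentation, that an operator can run on either replica to confirm which node currently holds the primary role and whether the secondary is healthy; it queries only standard SQL Server Always On catalog views and DMVs. The availability group name `EID_AG` and database name `EmpowerID` are assumed placeholders.

```sql
-- Added example (not from the EmpowerID documentation). Assumed placeholders:
-- availability group 'EID_AG', database 'EmpowerID'.

-- 1. Replica-level view: who is PRIMARY right now, and is the secondary
--    in SYNCHRONOUS_COMMIT mode with HEALTHY synchronization (i.e. no data
--    loss if a failover happens at this moment)?
SELECT
    ag.name                          AS availability_group,
    ar.replica_server_name           AS replica,
    ar.availability_mode_desc        AS availability_mode,   -- SYNCHRONOUS_COMMIT expected for DR
    ar.failover_mode_desc            AS failover_mode,       -- AUTOMATIC for unattended failover
    ars.role_desc                    AS current_role,        -- PRIMARY / SECONDARY
    ars.synchronization_health_desc  AS sync_health,         -- HEALTHY / PARTIALLY_HEALTHY / NOT_HEALTHY
    ars.connected_state_desc         AS connected_state      -- CONNECTED / DISCONNECTED
FROM sys.availability_groups AS ag
JOIN sys.availability_replicas AS ar
    ON ar.group_id = ag.group_id
JOIN sys.dm_hadr_availability_replica_states AS ars
    ON ars.replica_id = ar.replica_id
WHERE ag.name = N'EID_AG'
ORDER BY ars.role_desc;

-- 2. Database-level view: is the EmpowerID database itself SYNCHRONIZED on the
--    secondary, and is there any outstanding log to be sent or redone?
SELECT
    DB_NAME(drs.database_id)         AS database_name,
    ar.replica_server_name           AS replica,
    drs.is_primary_replica,
    drs.synchronization_state_desc   AS sync_state,          -- SYNCHRONIZED expected before failover
    drs.log_send_queue_size          AS log_send_queue_kb,   -- unsent log on the primary
    drs.redo_queue_size              AS redo_queue_kb        -- received but not yet applied on the secondary
FROM sys.dm_hadr_database_replica_states AS drs
JOIN sys.availability_replicas AS ar
    ON ar.replica_id = drs.replica_id
WHERE DB_NAME(drs.database_id) = N'EmpowerID';

-- 3. Planned manual failover (for a DR drill). Run this on the SECONDARY that
--    should become primary, and only when query 2 reports SYNCHRONIZED for it;
--    on an unsynchronized replica SQL Server rejects this form of the command.
-- ALTER AVAILABILITY GROUP [EID_AG] FAILOVER;
```

Queries 1 and 2 are safe to run at any time and are worth adding to a monitoring job: a secondary reporting `NOT_HEALTHY` or a large `redo_queue_kb` means the "no data loss" promise of synchronous replication does not currently hold, and starting the DR services against it would surface stale configuration. The manual failover statement is left commented so the script does not change state when run as a check.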

Point-in-Time Recovery

Using SQL Server's point-in-time restore process, the system can be restored to any specific minute, provided the appropriate transaction log backups are maintained and the log backup chain is unbroken between the full backup and the target time.
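The backup strategy listed under Database Backup (full backups plus transaction log backups with a retention policy) and the point-in-time restore described above are two halves of the same procedure. The T-SQL below is an added example, not from the EmpowerID documentation, showing the minimal sequence: set the recovery model that log backups require, take a full and a log backup with checksums, verify the backup set, and then restore a copy of the database to a chosen minute. The database name `EmpowerID`, the logical file names `EmpowerID` and `EmpowerID_log`, the backup share, the data/log paths, and the `STOPAT` timestamp are all assumed placeholders; use `RESTORE FILELISTONLY` to read the real logical names from your own backup.

```sql
-- Added example (not from the EmpowerID documentation). All names, paths and
-- timestamps below are assumed placeholders for your environment.
USE master;
GO

-- Transaction log backups (and therefore point-in-time restore) are only
-- possible under the FULL recovery model.
ALTER DATABASE [EmpowerID] SET RECOVERY FULL;
GO

-- 1. Regular full backup (for example nightly). CHECKSUM lets a later restore
--    detect corrupted pages; INIT overwrites the media set in this file.
BACKUP DATABASE [EmpowerID]
  TO DISK = N'\\backupshare\EmpowerID\EmpowerID_full.bak'
  WITH CHECKSUM, COMPRESSION, INIT, STATS = 10;
GO

-- 2. Frequent transaction log backups (for example every 15 minutes). The
--    interval bounds how much work is lost in the worst case, and every log
--    backup in the chain must be kept until the next full backup is verified.
BACKUP LOG [EmpowerID]
  TO DISK = N'\\backupshare\EmpowerID\EmpowerID_log_001.trn'
  WITH CHECKSUM, COMPRESSION, STATS = 10;
GO

-- 3. Verify that the backup set is readable before relying on it.
RESTORE VERIFYONLY
  FROM DISK = N'\\backupshare\EmpowerID\EmpowerID_full.bak'
  WITH CHECKSUM;
GO

-- 4. Point-in-time restore: restore the full backup WITH NORECOVERY (leaving the
--    database in the restoring state), apply each log backup in sequence, and
--    use STOPAT on the last one to stop at the requested minute. Restoring
--    under a new name keeps the live database untouched while you inspect it.
RESTORE DATABASE [EmpowerID_PITR]
  FROM DISK = N'\\backupshare\EmpowerID\EmpowerID_full.bak'
  WITH MOVE N'EmpowerID'     TO N'D:\SQLData\EmpowerID_PITR.mdf',   -- assumed logical data file name
       MOVE N'EmpowerID_log' TO N'E:\SQLLog\EmpowerID_PITR.ldf',    -- assumed logical log file name
       NORECOVERY, CHECKSUM;

RESTORE LOG [EmpowerID_PITR]
  FROM DISK = N'\\backupshare\EmpowerID\EmpowerID_log_001.trn'
  WITH STOPAT = '2024-06-01T10:42:00',   -- assumed target minute
       RECOVERY;                          -- recover only on the final log restore
GO
```

Two details matter for the recovery objectives mentioned above: if any log backup between the full backup and the `STOPAT` time is missing, SQL Server cannot roll forward past the gap, so retention must cover the whole chain; and restoring `WITH RECOVERY` on an intermediate log backup ends the sequence early, so keep `NORECOVERY` on every restore except the last.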

Data Security Considerations

Understanding how EmpowerID stores sensitive data is important for compliance and audit purposes.

Password Storage

All user authentication and authorization data is stored in the database:

  • User passwords are stored in a one-way hashed format, with a unique salt per password
  • Service account passwords (stored so that agents can later retrieve and use them) are encrypted with the server certificate, and the resulting hash is then encrypted

Database Encryption

EmpowerID supports Microsoft's full database encryption (Transparent Data Encryption, TDE) if desired. This provides encryption at rest for the entire database, and it also applies to the database backups and to the copies held on Always On secondary replicas, so the TDE certificate must be available wherever the database is restored or replicated.
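Enabling TDE changes the backup and DR plan in one important way: a TDE-encrypted database or backup cannot be restored, and cannot be added to an Always On secondary, on a server that does not hold the same certificate. The T-SQL below is an added example, not from the EmpowerID documentation, showing the standard SQL Server steps to turn TDE on for the Identity Warehouse, export the certificate and private key for the DR site, and confirm the encryption state. The database name `EmpowerID`, certificate name `EmpowerID_TDE_Cert`, file paths and the password placeholders are assumptions.

```sql
-- Added example (not from the EmpowerID documentation). Names, paths and
-- passwords are assumed placeholders; replace the <...> values before use.
USE master;
GO

-- 1. Database master key and a server certificate to protect the DEK.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = N'<strong master key password>';
GO
CREATE CERTIFICATE EmpowerID_TDE_Cert
  WITH SUBJECT = N'EmpowerID Identity Warehouse TDE';
GO

-- 2. Database encryption key for the Identity Warehouse, then switch TDE on.
USE [EmpowerID];
GO
CREATE DATABASE ENCRYPTION KEY
  WITH ALGORITHM = AES_256
  ENCRYPTION BY SERVER CERTIFICATE EmpowerID_TDE_Cert;
GO
ALTER DATABASE [EmpowerID] SET ENCRYPTION ON;
GO

-- 3. Back up the certificate and private key immediately, and store them
--    separately from the database backups (a backup that ships with its own
--    key defeats the purpose of encryption at rest). Without this file the
--    full and log backups above are unrestorable on the DR site.
USE master;
GO
BACKUP CERTIFICATE EmpowerID_TDE_Cert
  TO FILE = N'\\securevault\EmpowerID_TDE_Cert.cer'
  WITH PRIVATE KEY (
    FILE = N'\\securevault\EmpowerID_TDE_Cert.pvk',
    ENCRYPTION BY PASSWORD = N'<strong private key password>');
GO

-- 4. Confirm the background encryption scan has finished.
--    encryption_state: 2 = encryption in progress, 3 = encrypted.
SELECT
    DB_NAME(database_id) AS database_name,
    encryption_state,
    percent_complete,
    key_algorithm,
    key_length
FROM sys.dm_database_encryption_keys
WHERE DB_NAME(database_id) = N'EmpowerID';
GO

-- 5. On each DR / secondary replica, import the same certificate into master
--    BEFORE restoring the database or joining it to the availability group.
--    (Left commented: run on the secondary, not the primary.)
-- USE master;
-- CREATE MASTER KEY ENCRYPTION BY PASSWORD = N'<strong master key password on DR>';
-- CREATE CERTIFICATE EmpowerID_TDE_Cert
--   FROM FILE = N'\\securevault\EmpowerID_TDE_Cert.cer'
--   WITH PRIVATE KEY (
--     FILE = N'\\securevault\EmpowerID_TDE_Cert.pvk',
--     DECRYPTION BY PASSWORD = N'<strong private key password>');
```

Treat the certificate backup and its password with the same care as the service account secrets described under Password Storage: they are stored outside the database precisely because the database cannot be opened without them, so they need their own retention and access policy and should be part of every DR restore test.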