10 Keys to NetSuite Reliability: An Overview of DR and Continuity Strategies

At NetSuite, resilience isn’t just a feature. It’s foundational to how our platform is engineered, because we know our customers’ businesses run on data. Here’s a comprehensive view of how NetSuite approaches disaster recovery (DR) and broader business continuity. While details may vary by region, product tier, and contract, these principles reflect how NetSuite is designed and operated as a SaaS platform within Oracle.

1. Overall objectives

   • High availability first, fast recovery second. Our platform is engineered to avoid outages through redundancy and fault tolerance and to recover quickly if a site or component does fail. NetSuite guarantees a 99.7% availability outside of scheduled services windows and has delivered 99.96% availability over recent years.
   • Transparency. NetSuite maintains a publicly available status page (opens in new tab) that continuously displays system uptime, including quantitative availability metrics, as well as up-to-the-minute announcements during disruptions.
   • Data integrity and confidentiality. DR is tightly coupled with security controls, including encryption, access management, and independent auditing, to ensure data accuracy and protection during and after an incident.
   • Adherence to audited controls. Controls and DR activities are subject to third‑party audits, including the SOC 1/2 and ISO 27001 families, to give customers peace of mind.

   

2. Architecture and redundancy

   • Multitier, redundant design. Application servers, integration services, and databases operate in clustered, N+1 configurations. Load balancing and health checks route traffic away from failed nodes.
   • Site/region pairing. Customer accounts are placed in a primary facility with a paired secondary facility, typically in the same general geography, to balance latency, compliance, and recovery. Traffic can be quickly redirected if a facility experiences an incident that affects availability.
   • Segmented failure domains. Power, network, and storage are designed with redundancy and isolation to limit the radius of downtime. We enable component-level failover before site-level failover is considered.

3. Data protection and replication

   • Continuous replication. Production databases are replicated to a secondary site to enable recovery if the primary becomes unavailable, with metrics based on your contract. We cover recovery point and recovery time metrics below.
   • Backup strategy. Regular, encrypted backups are stored separately from primary data storage. Multiple generations are retained to support point‑in‑time recovery scenarios, for example, to address corruption.
   • Encryption. Data is encrypted in transit and at rest. Keys are managed according to strict policies, and backups remain encrypted throughout their lifecycles.
   • Integrity checks. Backups and replicas are validated for recoverability, with periodic restore tests as part of the standard control set.

4. Failover and recovery operations

   • Automated detection and orchestration. Monitoring detects service health degradation and can trigger failover runbooks. Manual oversight is used for safety and verification.
   • Tested playbooks. DR procedures for both partial- and full-site scenarios are documented, rehearsed, and continually refined. Exercises include technical recovery, data validation, and service reintroduction steps.

5. Objectives and commitments

   • Defined RPO/RTO. NetSuite targets the low recovery point and recovery time objectives customers expect for a global ERP provider, with a 12-hour RTO and one-hour RPO standard. Exact metrics and customer‑specific guarantees are provided via service descriptions and contracts; a one-hour RTO and five-minute RPO service is available. Audited reports provide assurance that controls are operating as expected.
   • Uptime and maintenance. NetSuite has a 99.7% uptime per month service-level commitment, and our maintenance windows and release processes are designed to minimize the impact on customers.

6. Security, compliance, and auditing

   • Independent attestations. DR and continuity controls are covered in third‑party assessments, such as SOC 1 Type II, SOC 2 Type II, and ISO 27001/27017/27018. PCI DSS is applicable to relevant payment services.
   • Change and access controls. All changes follow formal change management processes, and least‑privilege access and segregation of duties protect environments during recovery steps.
   • Incident management. NetSuite provides defined severity levels, on‑call response, containment/eradication processes, root‑cause analysis, and customer communications for major incidents.

7. Data residency and sovereignty

   • Regional hosting. Customers are placed in regions aligned with their data residency needs, such as EU hosting for EU data. DR pairings are designed to respect residency and regulatory constraints.
   • Cross‑border controls. Where applicable, standard contractual and technical safeguards are used to comply with cross‑border data transfer requirements.

8. Communication during incidents

   • Status updates. NetSuite provides service status and incident communications, including progress updates and post‑incident summaries for major events, via a dedicated status page. (opens in new tab)
   • Support engagement. Critical incidents are worked 24x7 with severity‑based response targets. Account and support teams coordinate to gauge customer impacts and provide workarounds when applicable, and outage resolution information is updated constantly on the public status page.

9. Continuous improvement

   • Post‑incident reviews. NetSuite performs root‑cause analysis and takes corrective actions after major events, feeding learned improvements into its architecture design and automation and other processes.
   • Capacity and resilience engineering. NetSuite’s dedicated Site Reliability Engineers champion improvements across all infrastructure. Regular infrastructure refresh cycles reduce risk and improve recovery speed.

10. Customer best practices.

    What can NetSuite customers do to help?

    • Configuration/version control. Use SuiteCloud Development Framework (SDF) and source control to version scripts, workflows, and custom objects so they can be redeployed if needed.
    • Data export. For additional assurance, schedule regular exports via SuiteAnalytics Connect, REST/SOAP web services, or CSV to a secure repository that you control and that’s consistent with your compliance policies.
    • Integration resilience. Design integrations with idempotency, retry/backoff, and queueing so they can tolerate transient failovers or DNS changes.
    • Test critical processes. Validate that your business‑critical reports, integrations, and customizations function after upgrades, and consider running regular sandbox DR drills.
    • Contact and notifications. Keep your admin contacts current for incident and maintenance communications, and subscribe to status notifications for your account and region.

NetSuite’s disaster recovery and business continuity strategies are integral to how we serve our customers and protect their data. By combining robust security controls, a resilient architecture, and proven operational best practices, the NetSuite Data Management team works to keep customer data accurate, available, and protected even in the face of disruptions. As a SaaS solution within Oracle, we stay on top of emerging threats and industry requirements 24/7, freeing you to focus on your business with confidence.