Jitbit Business Continuity Plan (BCP)

What Is This Business Continuity Plan?

This Business Continuity Plan (BCP) describes the procedures and strategies Jitbit follows to keep our SaaS Helpdesk and related services running during unexpected disruptions. Whether the threat is a natural disaster, a cloud-provider outage, or a cybersecurity incident, this plan ensures we can restore critical operations quickly, protect customer data, and maintain transparent communication throughout.

Scope: This BCP covers every component that supports the Jitbit Helpdesk service, including IT infrastructure, data management, internal and external communications, and disaster recovery. It applies to disruptions of any origin — natural, technological, or human-induced.

Objectives:

Restore all critical Jitbit Helpdesk services within defined recovery time objectives
Maintain clear, real-time communication with customers and employees during any disruption
Protect customer data, company assets, and brand reputation from lasting damage

Plan Owner: Max Al Farakh, CTO, holds overall responsibility for this BCP, including coordinating recovery efforts and communicating with stakeholders. This is a living document, reviewed and updated regularly to reflect changes in our infrastructure, business environment, and threat landscape.

Core Service: Jitbit Helpdesk

Jitbit's primary service is the Jitbit Helpdesk, a cloud-based support ticketing system used by thousands of customer support teams worldwide. Because the helpdesk is the product our customers depend on to manage, track, and resolve support tickets, its continuity is our top recovery priority during any incident.

Every procedure in this business continuity plan is designed around a single goal: getting the Jitbit Helpdesk back to full operation as fast as possible so your support workflow is never interrupted for long.

Critical Business Functions

The following functions are essential to delivering the Jitbit Helpdesk service. In the event of a disruption, they are prioritized for recovery in this order:

Hosting and Infrastructure — The availability and performance of the Jitbit Helpdesk depend on web servers, database servers, mail servers, and supporting cloud infrastructure. Keeping these systems operational is the foundation of service continuity.
Data Management and Security — Protecting customer data through regular backups, encryption at rest and in transit, and access controls is non-negotiable. Our backup policy details the specific measures we use.
Customer Support and Communication — Timely responses to support tickets and proactive status updates are critical during any incident. Customers can always check our status page for real-time information.
Software Development and Updates — Continuous development, bug fixes, and feature releases keep the helpdesk platform reliable and competitive.
Billing and Subscription Management — Processing payments and managing subscriptions ensures business operations continue without financial disruption.

IT Infrastructure Overview

Jitbit's helpdesk platform runs on a multi-layer infrastructure designed for resilience. The critical systems include:

Web Servers — Serve the Jitbit Helpdesk application, handling user requests and delivering the interface to customers worldwide.
Database Servers — Store all helpdesk data, including tickets, customer records, attachments, and user activity logs. Databases receive differential backups every few hours with hourly transaction log backups.
Mail Servers — Process inbound and outbound emails tied to support tickets and customer notifications.
Supporting Servers — Handle backups, monitoring, security scanning, and auxiliary services that keep the platform stable.
Cloud Hosting: Amazon AWS — All production infrastructure runs on Amazon AWS (us-east-1, North Virginia) with additional capacity in us-west-1 (California). AWS provides the scalability, physical security, and redundancy our service requires. Learn more about our hosting setup.

Every component is continuously monitored. Regular maintenance, automated alerts, and security hardening ensure stability. In the event of a disruption, restoring these systems is the first step toward resuming normal operations.

Backup and Data Protection

Jitbit maintains a comprehensive, multi-layered backup strategy to protect against data loss:

Database backups — Differential backups run every few hours; transaction logs are backed up hourly, enabling point-in-time recovery. Full database backups run weekly.
Server image backups — Complete disk images of application servers are saved to separate machines daily.
Offsite storage — All backups are stored on Amazon S3, physically separate from the production servers. Because our infrastructure uses network-attached storage, data resides on separate physical machines from the compute instances.
Cloud redundancy — Cloud-based backup solutions provide additional redundancy and enable rapid restoration of both data and entire server environments.
Regular restoration testing — Backup systems and procedures are tested periodically to verify data can be recovered effectively.

For the full details, see our SaaS Helpdesk Backup Policy.

Remote-First Workforce: Built-In Resilience

Jitbit is a fully remote company with no physical office. This is not just a policy — it is a structural advantage for business continuity. Because every team member already works from a distributed location, disruptions that would shut down a traditional office (natural disasters, power outages, public health emergencies) have minimal impact on our operations.

Our remote work continuity measures include:

Fully equipped remote setups — Every employee has a laptop, secure VPN access to company systems, and collaboration tools (email, video conferencing, internal chat).
Location flexibility — If an employee's primary location is compromised, they can work from any safe alternative — a home office, coworking space, or another city entirely.
Distributed team — Team members are spread across multiple time zones and geographies, so a localized event is unlikely to affect the entire workforce simultaneously.

Communication Plan During Disruptions

Transparent, timely communication is central to our business continuity plan. Here is how Jitbit communicates during an incident:

Internal Communication:

Primary channel: Internal team chat for real-time coordination and status updates.
Fallback channels: If chat is unavailable, the team switches to instant messaging platforms and direct phone calls.
Coordination lead: The CTO leads all internal communication efforts during an active incident.

External Communication (Customer-Facing):

Status page: Real-time incident updates are posted to statuspage.jitbit.com, which is hosted externally for independence from our main infrastructure.
Social media: Updates are also shared via the company's Twitter account for broader reach.

Communication Sequence:

Immediate notification — Acknowledge the disruption, describe the known impact, and outline the steps being taken.
Ongoing updates — Provide regular progress reports until the issue is resolved.
Post-recovery summary — Confirm service restoration and share a brief incident report with relevant details.

Recovery Time Objectives (RTOs)

Jitbit defines maximum acceptable downtime targets for each critical system. These Recovery Time Objectives guide our prioritization during any incident:

System / Service	Recovery Time Objective
Web Servers	4 hours
Mail Servers	4 hours
Other Supporting Servers	4 hours
Jitbit Helpdesk Service (full platform)	8 hours
Database Server	8 hours
Customer Support and Communication	8 hours

These targets are based on the criticality of each component and the potential impact of downtime on customers. Our recovery strategies, backup solutions, and AWS infrastructure are all designed to meet or exceed these objectives. For our uptime commitments, see the Jitbit SLA Policy.

Supplier Dependencies

Jitbit's primary infrastructure dependency is Amazon AWS (us-east-1), which hosts our web servers, database servers, and all cloud resources. To mitigate the risk of a provider-level outage, we maintain:

Service Level Agreements (SLAs) with AWS that guarantee response times and resolution commitments for service disruptions.
Backup hosting contingency — A secondary hosting provider is available for rapid migration if AWS experiences a prolonged outage.
Continuous monitoring — Automated monitoring tracks AWS service health around the clock, enabling our team to detect and respond to issues before they affect customers.

Response and Recovery Procedures

When a disruption occurs, Jitbit follows a structured incident response process:

Step 1 — Detection and Assessment:

Automated monitoring systems detect anomalies and alert the on-call team.
The team assesses severity and impact to determine whether to activate the full BCP.

Step 2 — BCP Activation and Communication:

For significant incidents, the Business Continuity Plan is activated and the response team is assembled.
The communication plan is executed immediately — internal teams and customers are notified.

Step 3 — Containment and Recovery:

IT infrastructure recovery: Restore backups for affected servers, coordinate with AWS to resolve infrastructure issues, and run validation tests before resuming production traffic.
Helpdesk service recovery: Prioritize restoring the Jitbit Helpdesk platform so customers regain access to their tickets and support workflows.
Communication recovery: Re-establish all customer communication channels, including email processing and status page updates.

Step 4 — Post-Recovery Review:

Conduct a thorough incident review covering root cause, response effectiveness, and recovery timeline.
Document lessons learned and update this BCP with any improvements identified.

Training and Testing

A business continuity plan is only as good as the team's ability to execute it. Jitbit invests in both training and regular testing:

Training:

BCP awareness: All employees receive an overview of the plan, including their specific roles during an incident.
Role-specific training: The CTO and IT team members receive in-depth training on their recovery responsibilities.
Communication drills: Employees involved in incident communication practice using both primary and fallback channels.
Ongoing updates: Training is refreshed whenever the BCP changes, new threats emerge, or lessons are learned from real incidents.

Testing:

Tabletop exercises: Simulated scenarios test the team's decision-making and coordination without affecting production systems.
Technical drills: Backup restoration tests, server failover procedures, and DNS switchover drills verify that recovery mechanisms work as expected.
Full-scale simulations: Periodic end-to-end tests simulate a major disruption to evaluate the complete BCP under realistic conditions.
After-action reviews: Every test concludes with a review to assess performance, gather feedback, and identify improvements.

Plan Maintenance and Review

This business continuity plan is reviewed and updated through a structured process:

Annual review cycle: The BCP is reviewed at least once per year, with additional reviews triggered by significant changes to infrastructure, personnel, or the threat landscape.
Change management integration: Any change to critical systems, processes, or team structure is evaluated for its impact on the BCP, and the plan is updated accordingly.
Post-incident improvements: After every real incident or disruption, lessons learned are incorporated into the plan.
Training and test alignment: When the BCP is updated, training programs and test scenarios are revised to match.
Version control and notification: All updates are documented, and relevant stakeholders are informed of changes.

By maintaining this review cadence, Jitbit ensures the business continuity plan evolves alongside our infrastructure and remains ready for any scenario.