Yes, Tanda stores data at rest using the AES-256 encryption standard. More can be read here.

Yes. All communications with Tanda are encrypted during transport, the supported protocols, options & ciphers are below. The protocol and cipher selected are the best possible the clients browser will support. Encryption terminates at the loadbalancer, however Tanda is currently under taking a project to ensure there is end to end encryption in transit.
​

Protocols: Protocol-TLSv1.2

Options: Server Order Preference

Ciphers: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES128-SHA256, ECDHE-RSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-AES128-SHA, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, ECDHE-ECDSA-AES256-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA
​ 

Yes. Tanda creates an encrypted back up every night to protect against data loss, to maintain a strong Disaster Resilience posture we take a backup of all data once every 24 hours. We classify these backups as Cold data, and they are retained for 7 days only.
​
Tanda is also able to restore in a granular 5 minute incremental format referred to as the point-in-time backups. We retain 35 days of point-in-time backups meaning we can guarantee in the face of system wide data corruption we can revert to a period 5 minutes prior to the corruption event.
​

Tanda has an RPO of up to 24 hours in case of a major incident (such as the data base being deleted), and up to 5 minutes in the event of a minor incident (such as data corruption)
​

Tanda has an RTO of 8 hours. 

Tanda tests DR continuously, at least weekly.
​