Business Continuity and Resilience Plan (BCP)

This document describes the Business Continuity Plan (BCP) of Obscreen and complements the Information Security Policy, the Systems Security and Integrity Policy, the Customer Data Encryption Policy, the Risk Analysis, the Incident Management Plan, the DPO Designation, the CISO Designation, the Privacy Policy, the Terms of Service, and the Subprocessors page.

1. Introduction

The Business Continuity Plan (BCP) of Obscreen is designed to ensure the resilience of the company in the face of major incidents that could disrupt its operations. As a publisher of digital signage software and operator of the Obscreen Cloud platform, it is essential to maintain the availability of our services for our customers, including license verification, software updates, content delivery, and the supporting websites and APIs.

For self-hosted deployments, business continuity of the customer's own infrastructure is the sole responsibility of the customer, in accordance with the Terms of Service. This BCP focuses on the services operated by Obscreen.

2. Objectives of the BCP

• Ensure the continuity of essential services for our customers in the event of an incident.
• Reduce the operational, financial, and reputational impacts related to interruptions.
• Establish clear procedures for the rapid recovery of activities.
• Guarantee data security and regulatory compliance during crisis situations.

3. Scope

The BCP applies to:

• All critical functions of Obscreen.
• The technological infrastructure operated by Obscreen, including its compute environments and PostgreSQL databases hosted on Hetzner (Germany), object storage on Cloudflare R2 (WEUR), database backups on AWS S3 in Paris (eu-west-3), email delivery via AWS SES, and an optional AWS CloudFront frontend cache.
• The public-facing services: obscreen.io, lic.obscreen.io, motd.obscreen.io, updates.obscreen.io, support.obscreen.io, docs.obscreen.io, and the Obscreen Cloud Studio control plane. (plus all .com derived domains)
• The human resources, including key personnel and contractors.
• The operational processes related to delivering services to customers.

4. Business Impact Analysis (BIA)

4.a Identification of Critical Activities

1. License Issuance and Verification (lic.obscreen.io)
   • Impact: Inability for paying customers to activate or verify their licenses, blocking the use of paid features.
   • Maximum Tolerable Downtime (MTD): 4 hours.
2. Obscreen Cloud Studio
   • Impact: Customers using the Cloud-hosted Studio cannot manage their playlists, schedules, or fleets.
   • MTD: 24 hours.
3. User and Account Database
   • Impact: Loss of access to customer information; impossibility to manage accounts.
   • MTD: 48 hours.
4. Update and Status Services (updates.obscreen.io, motd.obscreen.io)
   • Impact: Self-hosted players cannot fetch updates or status messages; existing installations continue to operate but cannot be improved or warned about issues.
   • MTD: 24 hours.
5. Customer Communication and Support (support.obscreen.io, email)
   • Impact: Inability to inform customers about updates or incidents.
   • MTD: 4 hours.
6. Payment Processing (Stripe integration)
   • Impact: Inability to process new purchases or renewals.
   • MTD: 24 hours.

4.b Potential Impacts

• Operational: Service interruption, customer dissatisfaction.
• Financial: Loss of revenue, contractual penalties.
• Reputational: Loss of customer and partner trust.
• Legal: Non-compliance with regulatory obligations.

5. Risk Scenarios

1. Systemic Failure
   • Failure of the Kubernetes cluster, of a critical managed database, or of the license issuance service.
   • Likelihood: Low.
   • Impact: High.
2. Cyberattack
   • Ransomware, DDoS, intrusion, supply-chain attack on the build or distribution pipeline.
   • Likelihood: Low.
   • Impact: High.
3. Natural Disaster
   • Fire, flood affecting a primary data center region.
   • Likelihood: Low.
   • Impact: High.
4. Pandemic or Major Personnel Unavailability
   • Unavailability of key personnel.
   • Likelihood: Low.
   • Impact: Medium.
5. Subprocessor Failure
   • Unavailability of a critical subprocessor (Hetzner, Cloudflare, Stripe, AWS, or others listed on the Subprocessors page).
   • Likelihood: Low.
   • Impact: High.

6. Continuity Strategies

6.a Technological Redundancy

• Multi-Cloud and Multi-Region Architecture: Critical services rely on multiple regions and, where possible, on more than one cloud provider, to absorb a regional outage or a single-provider failure.
• Regular Backups: Automated, encrypted daily backups of critical databases and storage, as described in the Systems Security and Integrity Policy.
• Disaster Recovery Environment: A standby environment is maintained, ready to be activated in case of major failure, with synchronized application images, configurations, and identical security policies.
• CDN and Edge Resilience: Public content (documentation, downloads, public site) is served through Cloudflare to absorb DDoS attacks and to maintain availability during partial origin outages.

6.b Recovery Plans

1. Systemic Failure
   • Immediate Action: Activate the disaster-recovery cluster and redirect traffic via DNS or load-balancer reconfiguration.
   • Owner: DevOps team, supervised by the CISO.
   • Recovery Time Objective (RTO): 4 hours.
2. Cyberattack
   • Immediate Action: Isolate affected systems, revoke compromised credentials and license keys when applicable, activate clean backups.
   • Owner: CISO and security responders.
   • RTO: 4 hours.
3. Natural Disaster
   • Immediate Action: Failover to a secondary region; switch personnel to remote operations.
   • Owner: Founder / Management.
   • RTO: 24 hours.
4. Subprocessor Failure
   • Immediate Action: Activate the alternative provider or region; communicate transparently with affected customers about the limited functionality.
   • Owner: DevOps team.
   • RTO: 4 to 24 hours depending on the subprocessor.

6.c Human Resources Continuity

• Remote Work: Personnel are equipped to work remotely with secure access (VPN, MFA, encrypted laptops).
• Documentation: Procedures and runbooks are documented so that non-essential personnel or external contractors can assume critical roles when necessary.
• External Support: Trusted external contractors may be engaged on short notice for critical operations during a major incident.

7. Communication Plan

7.a Internal

• Immediate Notification: The CISO informs Management and the relevant teams as soon as an incident is detected.
• Regular Updates: Continuous communication on the status of the situation and the actions in progress.

7.b External

• Customers: Affected customers are informed within 48 hours, and earlier when reasonably possible. Self-hosted customers are informed when an Obscreen-managed service (license, updates, status) is involved.
• Partners and Subprocessors: Communication in accordance with the contractual clauses with each subprocessor.
• Regulatory Authorities: When personal data is involved, the CNIL is notified within 72 hours, in accordance with Article 33 of the GDPR.
• Media and Public: Press communications are prepared in case of a major reputational impact.

7.c Communication Channels

• Secure Email
• Encrypted Instant Messaging
• Phone Calls
• Status Updates: Public communications on obscreen.io and on the support channels.

8. Roles and Responsibilities

• Management (Founder)
  • Strategic decision-making.
  • Communication with key stakeholders.
• Jessym Reziga (Founder, CISO, and DPO)
  • Overall coordination of the BCP.
  • Technical and security supervision of the recovery process.
  • Regulatory notifications when applicable (CNIL, affected data subjects).
• DevOps Team
  • Implementation of technical recovery plans.
  • Monitoring of systems and infrastructure.
• Security Responders
  • Management of security incidents.
  • Post-incident analysis.
• Communication Lead
  • Preparation of messages for customers and the public.
  • Management of media relations.

9. Operational Procedures

9.a Activation of the BCP

1. Incident Detection
   • Continuous monitoring of systems (see Incident Management Plan).
   • Immediate reporting by employees, contractors, or customers.
2. Impact Assessment
   • Assessment team led by the CISO.
   • Determination of the severity level (see classification in the Incident Management Plan).
3. Activation Decision
   • The CISO recommends BCP activation to Management.
   • Formal approval of the activation.

9.b Implementation of Actions

• Technical
  • Failover to backup systems.
  • Restoration of data from backups.
• Operational
  • Process redesign if necessary.
  • Mobilization of key personnel and external contractors.
• Communication
  • Sending of internal and external notifications.
  • Update of public information on the website and status channels if necessary.

9.c Restoration of Normal Operations

• System Validation
  • Tests to ensure that systems are functioning correctly.
  • Verification of data integrity.
• Debriefing
  • Post-incident meeting to analyze the performance of the BCP.
  • Identification of possible improvements.

10. BCP Testing and Maintenance

• Regular Tests
  • Annual incident simulation exercises.
  • Annual tests of failover to backup systems.
• Updates
  • Annual review of the BCP.
  • Update in case of organizational or technological changes.
• Training
  • Training sessions for personnel on their roles in the BCP.
  • Awareness of emergency procedures.

11. Related Documents

The BCP is supported by, and consistent with, the following Obscreen documents:

• Information Security Policy
• Systems Security and Integrity Policy
• Customer Data Encryption Policy
• Risk Analysis
• Incident Management Plan
• DPO Designation
• CISO Designation
• Privacy Policy
• Terms of Service
• Subprocessors

Internal operational runbooks (such as application rollback procedures, technical incident handling) are maintained separately and are not included in this public document.

12. Contact

For any question regarding this Business Continuity Plan, or to report a security incident or vulnerability, please contact us at [email protected].