108736053-Data-Backup-Policy

advertisement

Data Backup Policy

A. SUBJECT

The objective of the data backup policy is establish a set of rules for the data backup, storage and restoration of electronic information.

B. RELEVANCE

This policy is designed to protect the information of the organization and assure that the information is protected against any loss due disaster, intentional destruction or equipment failures and can be recovering successfully.

This policy is applied to all personnel, equipments and information that the company belongs and manages.

This policy is going to be executed on the datacenter in the company main office in Lima

Peru, through Backup Exec Software from Norton System.

Week 1

The frequency and extension of the backup should be in accordance with the importance of the information and the acceptable risk as be determined by the owner of the data, the backup will be doing as GFS sequence (Grandfather/Father/Son) which consist in do a full backup each weekend and differential o incremental backup per day of the week as follows:

Monday Tuesday Wednesday Thursday Friday

DATA - Diferential:

8:30pm

Media - lacie 2

DATA - Diferential:

8:30pm

Media - lacie 2

DATA - Diferential:

8:30pm

Media - lacie 2

DATA - Diferential:

8:30pm

Media - lacie 2

FULL

DATA/DATABASE:

2:00PM

Media - Lacie 2

Week 2

Monday Tuesday Wednesday Thursday Friday

DATA - Diferential:

8:30pm

Media - lacie 2

DATA - Diferential:

8:30pm

Media - lacie 2

DATA - Diferential:

8:30pm

Media - lacie 2

DATA - Diferential:

8:30pm

Media - lacie 2

DATA - Diferential:

8:30pm

Media - lacie 2

Week 3

Monday Tuesday Wednesday Thursday Friday

DATA - Diferential:

8:30pm

Media - lacie 2

DATA - Diferential:

8:30pm

Media - lacie 2

DATA - Diferential:

8:30pm

Media - lacie 2

DATA - Diferential:

8:30pm

Media - lacie 2

FULL

DATA/DATABASE:

2:00PM

Media - Lacie 2

Week 4

Monday Tuesday Wednesday Thursday Friday

DATA - Diferential:

8:30pm

Media - lacie 2

DATA - Diferential:

8:30pm

Media - lacie 2

DATA - Diferential:

8:30pm

Media - lacie 2

DATA - Diferential:

8:30pm

Media - lacie 2

DATA - Diferential:

8:30pm

Media - lacie 2

C. RESPONSABILITIES

The helpdesk staff starts the process of the backup at the end of each day of work, as well they send the tape to the external custody staff.

The Network Administrator, guarantees that the connection should be optimal in order this process could be executed and there’s no issue in this process. If any problem arises, he is the responsible to fix it.

The System Administrator, sign up the exit / entrance of each tape and supervises that this process is been executed as parameters described in this policy and procedures.

The IT Manager needs to be ensuring that the policies established by company are fulfilment and approve the requests for restore data.

D. FULFIMENT

1) Process Review.

The backup process and recovery for each system must be documented and revised periodically by a committee of revision composed by System

Administrator, Network Administrator and IT Manager.

2) Tape Backup Storage.

When the backup is retired from tape is being storage on a secure way on a close space by lock with fire proof different from datacenter inside the building whom just only IT Personnel can have access.

Each Saturday, the tape backup are taken outside the building and be stored in a secure place with a close space by lock with fire proof, far away from the building through a service contracted for this purpose.

At the same time, the previous tapes (2 weeks old) should be delivering to IT from external custody staff in order to reuse the tapes. A backup key/ combination of the building secure site are being stored on the external place outside (in external custody place).

In every moment should have: a) Two or more (depending of the tape backup rotation) FULL backup tapes (at least 4 day old) inside de secure place inside the building. b) Two or more (depending of the tape backup rotation) FULL backup tapes (at least

15 day old or more) outside secure place inside the building.

3) Execution of Backup . The backup should be executed following the GFS sequence describe lines above on the time indicated. Additionally the execution should guaranties that the information backup is ciphered.

4) Encryption of Backup . All data backup should be encrypted. Only an IT System

Admin and IT Manager should have the tools / keys / passwords to authorize data restoration. Additionally a copy of this should be in hands of a General Manager or an

Information Officer for custody.

5) Registry of Backup Fulfillment . A register of the daily backups (Annex 2) is issue in order to maintain a record of the backup execution, their condition, which tape backup is in use and their cleaning. These records should be stored and updated on the datacenter and each time that a tape is delivered to external custody staff a copy is sent to IT Manager Office.

6) Tape Backup Labeling . Tape backups and other media related like CD’s magnetic media, external discs, should be follow as minimal the following identification criteria in order that can be easily identified by codebar system or tag system. a) Date of putting into service of the tape. b) Name of the System / Folder Backup c) Date of backup creation d) Sensibility Classification of the backup (Based in the regulation of retention of electronic registries ) e) Name of the external data custody company. f) Information of Ausenco’s internal contact

7) Physical Maintenance of the Backup System . The regular maintenance of the backup system is carried out to ensure that the systems and components are in good conditions to work. The cleaning tape backups should been cleaned each month o with more frequency if the tape backup unit is expose to daylight bright.

8) Lifecycle of the Backup Tapes . The date of putting into service of each the tape should be recorded onto the tape. The daily backups that have more than 6 months of use should be discarded and replaced by new ones. For the tapes out of this criteria should be replaced under System Admin judgment.

Before tape backup retirement, IT should ensure that: a) The media doesn’t contents any active backup records. b) The content of the media couldn’t be read o recovered by third parties.

Finally, the tape backup should be destroyed physically.

9) Scope of Files and System for Backup . The systems to be backup includes bu t aren’t limited to: a) File Server b) Email Server c) Web Server d) Database Server e) Domain Controller Server f) Test Server for Databases g) Test Server for Web

10) Backup Verification.

At the moment of executing backup, all the works should been verified automatically in order to ensure the successful copy of themselves. Within six months it should be execute a restoration test in order to verify the integrity and availability of the information.

11) Backup Audit.

IT should keep records that demonstrate the reviewing of the events and test of restoration in order to demonstrate the fulfillment of the current policies for audit purposes. Aleatory tests should be conducted each 3 months in order to verify that backup has been performed successfully.

12) Handling Backup Failures . In case that a backup copy have a failure, the responsible of control of backup have to do this immediately: a) Write/Copy any message or information on monitor screen. b) Put in contact with the tape backup provider or tape backup unit in order to let them know about the error. c) Report the error to the IT Manager. d) Register the failure on the event backup record and any action taken as a result of it. e) Clean the tape backup with the recommended by manufacturer cleaning tool. f) Check tape backup age. Destroy the tape and replace if it is near to the end of service date.

13) Backup Restorations . On normal conditions, backup restorations are given under : a) Accidental Erased b) Data Corruption c) Restoring Historical Data d) Data for Test Server

The users that request a file restoration needs to present a form or put a request in

Service Centre Help desk. The user should include information about date of creation of the archive, file name, last update and/or time and date of the deletion.

HelpDesk needs to keep a record of these requests of restoration for management & audit purposes and needs to be approved by IT Manager.

On a major system failure event, all data stored should be back online in next 3 days after the equipment has been replaced and put in operative conditions.

If the event isn’t be a major failure but has a huge impact inside the organization, the data stored should been put online the next day of the equipment has been replaced and put in operative conditions.

14) Penalities. A violation of this policy could result in a disciplinary action that could be reach to retire the employee responsible, resolute contracts with third parties and other that the company consider necessary.

E. ADDITIONAL INFORMATION

1) Definitions a) Backup , is the process of store data on a magnetic media or other massive media with the purpose of avoid data loss in case of disaster due equipment fail or destruction. b) Backup Policy , an organization’s procedures and rules for ensuring that adequate amounts and types of backups are made, including suitably frequent testing of the process for restoring the original production system from the backup copies. c) Backup Images , this file is the result of a backup process that stored onto the backup tape. d) Tape Backup Unit , this unit is that records the information into the tapes for storage purposes. e) Tape Backup, is the magnetic media used in the process of save backup images. f) Daily Backup, incremental backup of files that have changed today g) Incremental Backup , An incremental style repository aims to make it more feasible to store backups from more points in time by organizing the data into increments of change between points in time. This eliminates the need to store duplicate copies of unchanged data, as would be the case with a portion of the data of subsequent full backups. Typically, a full backup (of all files) is made which serves as the reference point for and incremental backup set. After that, any number of incremental backups is made. Restoring the whole system to a certain point in time would require locating the last full backup taken previous to the data loss plus each and all of the incremental backups that cover the period of time between the full backup and the point in time to which the system is supposed to be restored.

Additionally, some backup systems can reorganize the repository to synthesize full backups from a series of incremental. h) Differential Backup , a cumulative backup of all changes made since the last full backup. The advantage to this is the quicker recovery time, requiring only a full backup and the latest differential backup to restore the system. The disadvantage is that for each day elapsed since the last full backup; more data needs to be backed up, especially if a majority of the data has been changed. i) Full Backup , a backup of all (selected) files on the system. In contrast to a drive image, this does not included the file allocation tables, partition structure and boot sectors. j) File, Archive, is a group of structured data that is stored on any media and can be used by software apps.

k) Restore Backup , is the process of reestablish data stored on magnetic media o tapes to their original locations and can be access and used again. l) Cipher, Encryption or coding , Process through the data can’t be read unless you have a key/ password that allows the reverse process. m) External Custody , external party that offers the service of custody for physical information (tape backup) according on a SLA.

2) Contact Information a) External Custody

Iron Mountain.

Management, Store and Custody of Information.

Address:

Phone:

Contact:

Email:

Website: b) Servers, Tape Backup Unit, TapeBackup

DELL Peru SAC

Equipments on Gold Enterprise Support, 24 hrs/ 7days including holydays.

Address:

Phone:

Contact:

Email:

Website: c) IT Staff

Ausenco PERU – IT Dept.

Takes care of the daily operations of backup / recovery and delivery / reception with external custody.

(1) Helpdesk, Andres Arellano // Ext 2056 – Cel: 9999-99999

(2) Service Centre, Stuart Graham // Ext 2056 – Cel: 9999-99999

(3) Networks & Servers, Aldo Sandoval// Ext 2056 – Cel: 9999-99999

(4) IT Manager, Omar Carrillo// Ext 2056 – Cel: 9999-99999

Address: Calle Esquilache 371, Piso 6.

Phone: 207-3850

Contact: Omar Carrillo

Email: omar.carrillo@ausenco.com

Website: www.ausenco.com

d) Electrical and Network cabling

ML Telecom SAC

Service of electrical/network cabling installation and repair.

Address:

Phone:

Contact:

Email:

Website:

ANNEX 1

Backup Procedure

1) Purpose

The purpose of this document is outline in detail the process of backup, backup system used and media that participants in backup process as well the people that intervenes in this process.

2) Location

The backup process should been executed inside Ausenco Datacenter at Esquilache Building, from here also the External Custody Companies should deliver / receive any tape backup.

3) What is Stored and Backup

The following locations under Ausenco Peru network are identified as been covered by backup process:

Source Servers

\\LIMFILE01

Local

Drive

D:

Local Path

\Ausenco

\\LIMFILE01

\\LIMFILE01

\\LIMFILE01

D:

D:

External

Harddisk

\\STORAGE01 E:

D: \AusencoPSI

\Ausenco

Vector

\TEMP_SG

Library

\

Subfolder

\CORP

\E&S

\HSEC

\MINERALS

\PROCESS

INSFRASTRUCTURE

\PROJ

\PROJ-INACTIVE

\SHARED

\USERS

\

\AS

\JOB1

\

\

\

ACCOUNTING

AS

AUSMIN

BS

CONTROL DOC

COST & PLANNING

IT

PERUMS

PROGRAMAPMIA

SCANNER

SECRETARIA

\\STORAGE01 F:

PSIPERU E:

\

\DATA

TEMP

TRANSLATION

PARA CONFIRMAR

ADMIN

CAD

GERENCIA

PROJECTS

AD

BD

COMMON

GER ADM Y FIN

GERENCIA

ITRESOURCES

JOBS

LIBRARY

PR

PROCUREMENT

QUALITY PROCEDURES

STDS

\\PJPDMS01

\\PJPDMS02

C:

D:

\

\

An updated copy of this can be located on s:\corp\it\operations\backup as

Backup_Scope.xls

4) How much backup occupied

5) How the copies is been backup

6) Setup of the Backup System a) Server b) Network Agents c) Tape Backup d) Groups

e) Pools f) Schedules

7) How to do a backup

8) How to do a restoration a) Previous notes b) Restore a backup from Backup Exec c) Restore a backup from NT Backup

9) Daily Work a) How to swap tape backup b) How to labeling tape backup c) How to proceed if unfinished tape backup d) How to restart with unfinished tape backup e) Other general issues f) Fullfiment of Backup daily record.

10) Known Issues a) Backup server doesn’t starts b) Backups aren’t finalized

Annex 2

Daily Record for Backups

We use the format IT-PE-234234.xls stored at s:\corp\it\operations\backup

The following fields should be fulfilled

1) Week Beginning

2) Day

3) Drive Cleanned

4) Tape inserted by

5) Date

6) Tape #

7) Tape Removed by

Should be 42 w depending of the date of execution

Day name

Indicate if a drive cleaning was performed

Who was responsible for insert the tape that day

On dd/mm/yy format

Information of the tape used.

Who was responsible for remove the tape that day

8) Location of the tape Which building was located the tape

9) Backup Status(COMPLETED/FAILED) Indicates if the process was successful or not

10) Action taken where backup failed Which actions were taken if backup fails.

Download