Backup Policy

Table of Contents

A. Introduction
   1. High-Level Considerations
   2. Backup Media
   3. Occasional Restoring from Backup
   4. Accountability
   5. Backup Labels and Logs
   6. Process
B. Central Server Backup Policy
   1. Preamble
   2. Backup Schedule
   3. Backup Retention Policy
   4. Backup Inventory
C. Personal Computer Backup Policy
   1. Preamble
   2. Backup Types
   3. Backup Retention Policy
   4. Sample Personal Computer Backup Plan

Info-Tech Research Group Page 1 2002

A. Introduction

1. High-Level Considerations

In an age when security is becoming more and more important, it is essential for an organization to document its policy with regard to backing up its computer data. However, once the policy is written, it also needs to be implemented and consistently monitored to ensure compliance. Every organization, department and user needs to personalize the backup plan. Otherwise, it is unlikely to be consistently executed.

An effective backup strategy must take into consideration the importance and time-sensitivity of the data. As a start, answers to the following questions will help in the planning of your strategy, for each computer:

- What files / directories / computers have been identified as “mission critical”? (What files / directories / computers do not need to be backed up?)
- How quickly do you need to resume operations after a complete loss of this computer?
- How quickly do you need to resume operations after a partial loss?
- How many extra copies of the backups must you have to feel “safe”?
- How long do you need to keep each backup?
- Who will monitor user compliance with regard to this policy?
- What resources is your organization willing to commit in order to guarantee consistent compliance?

2. Backup Media

Depending on the nature of the files being backed up, any of the following media may be used: 3.5” floppy diskette, ZIP drive, CD, DVD, tape, external hard drive, a third-party provider of an online backup service, or the company’s central server designated for this purpose.

3. Occasional Restoring from Backup

There are quite a few ways in which a file that seems to have backed up correctly may not be restorable. The procedure for restoring should be clear, and at least one file from a physical location near the end of the medium should be restored from time to time. The only way to be 100% positive that a particular backup is restorable is to have restored from it.

4. Accountability

The requirements for backup will vary depending on many factors. It is the responsibility of each computer user to write and implement his/her own backup strategy. It should indicate:

- The frequency of backups
- The type of backup created (full or incremental)
- The backup software / medium used
- The location of off-site backup copies
- The nature of logs kept

5. Backup Labels and Logs

Each backup label should have, at a minimum, the date and type of backup. Other information on the label could include file and/or directory names, the person who did the backup, and a “keep until” date.

Depending on the nature of the data, a log should be kept of every backup, including date, time, type, person who did the backup, and any other information that is relevant. This log should be available for review by management from time to time.

6. Process

A personalized plan should be written by every computer user, at every level of the organization, in consultation with that individual’s supervisor. The process might include steps such as:

- List critical files.
- Discuss sound file management practices, including copying the latest version of all critical files into a central folder.
- Identify the appropriate means and frequency of backing up.
- Name the individual who is responsible for reviewing backup logs and ensuring compliance with this policy.

B. Sample Central Server Backup Policy

1. Preamble

The backups performed by the System Administrator are absolutely critical as an “insurance policy” against natural disaster, virus attack, theft or equipment failure. Statistics are very sobering: most companies that, for whatever reason, lose all their data and don’t have a backup will fail within two years.

2. Backup Schedule

Desktop and server backup routines run each night (Sun.-Fri.) at 11pm. All desktop systems that are missed in the regular nightly backup will be backed up starting at noon the following day (Mon.-Sat.).

3. Backup Retention Policy

Tapes are kept for seven days before they are overwritten, with the exception of the Sunday tapes. One Sunday tape set from each month will be kept indefinitely, while the others will be kept for three months.

4. Backup Inventory

Below you will find a list of all desktop computers and directories being backed up automatically on a nightly basis. To confirm that your files are being properly backed up each night, please check this list for your computer.

Note: You do NOT need to remain logged into your system overnight for the backup to run successfully. However, if your computer is shut down or disconnected from the network while the backup runs (if you have a laptop which you take home, for example), your system will not be backed up.

C. Personal Computer Backup Policy

1. Preamble

Each individual who uses a computing device not backed up by the System Administrator is responsible for creating and faithfully implementing a backup plan, based on the nature of the information on that device. While some variation can be expected, a minimum level of backing up should be mandated at the department or company level, for every computer user.

2. Backup Types

A full backup must be created at least once per month, and more frequently depending on the nature of the data files. An incremental backup (saving only the files that have changed since the last backup) may be used for other backups.

3. Backup Retention

At least three different backup copies should be available at all times, one of which should be physically stored in a different location from the others. The “off-site” backup should never be older than one month.

A different medium (e.g. diskette, tape, CD, hard drive folder) should be used for every day of the week. Additionally, depending on the nature of the data, one medium (CD, hard drive folder, etc.) should be designated as a monthly backup and kept for at least three months. It is also recommended to keep a year-end backup indefinitely.

4. Sample home notebook computer backup plan:

- Daily backup of critical files A, B, C and D via zip drive. The latest version of each of these files is copied to a central folder, “Backed_Up”, which is saved to a different medium each day. The Monday backup is placed in my briefcase and taken to work on Tuesday. Every Tuesday evening I bring home the previous week’s backup.
- The Weekly backup of local directories and files is done using the online backup service.
- A Full backup, using the online service, is completed monthly.
- A log of each backup is written in my daytimer.