network data backup policy

8/14/2019 Network Data Backup Policy

1/19

WHAT COULD BE ANEFFECTIVE NETWORK

DATA BACK-UP POLICY?


2/19

PRESENTED BY:

SANDE DAVIDReg.No:07/U/8577/ITD/GV

Kyambogo University

Kampala, Uganda

2


3/19

Introduction

A back-up refers to making copies of data so that theseadditional copies may be used to restore the originalafter a data lose event. These copies of the original filemust be on another location/site usually offline.

Back-ups are used primarily for two purposes1.To restore a computer to an operational state followinga disaster (called disaster recovery).

2.To restore small numbers of files after they have beenaccidentally deleted or corrupted.

3


4/19

Introduction contd

Archive - The saving of old or unused filesonto magnetic tape or other offline massstorage media for the purpose of releasingon-line storage room.

There are 4 types of back-upsI. Full + Differential back-upII.Full + incremental back-up

III.Unstructured back-upIV.Mirror and reverse incremental back-up

4


5/19

Scope This back-up policy include all the staff of any

organization and third parties who may be connectedto the organization's IT resources.

All users are responsible for arranging adequate databackup procedures for the data held on IT systemsassigned to them

The disaster recovery procedures in this policy apply toall Network Managers, System Administrators, andApplication Administrators who are responsible forsystems or for a collection of data held either remotelyon a server or on the hard disk of a computer.

5


6/19

Responsibility for Databackup.

Only critical systems are routinelybacked up by Information SystemsServices and the other relevant IT

managers and Systems administrators inthe current model. The responsibility forbacking up data held on the workstationsof individuals regardless of whether theyare owned privately or by theorganization falls entirely to the User.

6


7/19

Responsibility contd

If you are responsible for a collection of data heldeither remotely on a server or on the hard disk of acomputer, you should consult your departmentalsystem administrator or Information Systems

Services about local back-up procedures. If you donot use the facilities provided by InformationSystems Services or those of your department youshould put in place your own procedures.

7

t t


8/19

est ract ce ac upProcedures

All backups must conform to the following bestpractice procedures:

1. All data, operating systems and utility files

must be adequately and systematically backedup (Ensure this includes all patches, fixes andupdates.

2. Records of what is backed up and to where

must be maintained.

8


9/19

Procedures contd

3. Records of software licensing should bebacked up.

4. At least three generations of back-up data

must be retained at any one time.5. Copies of the back-up media, together with

the back-up record, should be stored safelyin a remote location, at a sufficient

distance away to escape any damage froma disaster at the main site.

9


10/19

Procedures contd

6. Regular tests of restoringdata/software from the backup copiesshould be undertaken, to ensure that

they can be relied upon for use in anemergency.

7.The initial backup for each client

(agency server) is a full backup.

10


11/19

Procedures contd

8. Daily incremental backups are performed after theinitial full backup. Only data files that have changedsince the previous backup will be backed up.

9. The most recent backup version of a data file on the

server is stored in an active state.

10.Older versions of data file backups will be stored inan inactive state on the server.

11


12/19

Procedures contd

11.Archives of data files are performedonce a month (dates can vary to avoidscheduling conflicts) on all servers and

retained for a year.12.If a file or directory is modified or open

during the backup cycle, it is not

backed up.

12


13/19

Legal Requirements

Users when formulating a backupstrategy should take the following legalimplications into consideration:

1.Where data held is personal data within

the meaning of the Data Protection Act,there is a legal requirement to ensurethat such back-ups are adequate for the

purpose of protecting that data.

13


14/19

Legal requirements contd

2. Depending on legal or other requirements, e.g.Financial Regulations, it may be necessary to retainessential business data for a number of years andfor some archive copies to be permanently retained.

3. Depending on legal or other requirements, e.g. DataProtection Act, Software Licensing, it may benecessary to destroy all backup copies of data aftera certain period or at the end of a contract.

14

t


15/19

saster ecovery

A disaster recovery plan can be definedas the on-going process of planningdeveloping and implementing disaster

recovery management procedures andprocesses to ensure the efficient andeffective resumption of vital

Organizations functions in the event ofan unscheduled interruption.

15


16/19

Best Practice DisasterRecovery Procedures

All disaster recovery plans must containthe following key elements:

Critical Application Assessment

Backup Procedures Recovery Procedures

Implementation Procedures

Test Procedures Plan Maintenance

16


17/19

Conclusion

An effective back-up policy usually concernsitself with both aspects of Disaster recovery aswell as Data recovery as the two areinherently bound together.

The policy outlines the scope of the policy, thebasic procedures, the legal requirements, anddetails of how the procedures are enforced in

order to have a fully functional and effectiveback-up policy.

17


18/19

References

1. Surfed internet on 12/11/2009 at 2.30pm

URL:http://oti.fsu.edu/oti_pdf/Information%20Technology%20Disaster%20Recovery%20and%20Data%20Backup%20Policy.pdf

2. Surfed internet on 12/11/2009 at 2.30pm

URL:http://www.worcester.ac.uk/ils/documents/ILS_backup_policy.pdf

18


19/19

19

References contd

3. Surfed internet on 12/11/2009 at2.30pm

URL: http://www.hawaii.edu/askus/501

4. Information Security Supporting Policy

19008 Disaster Recovery and DataBackup Policy, Trinity College Dublin.

Author: IT Security Officer

Last Revision Date: 29/05/2003

network data backup policy

Documents