Click here to load reader
Upload
hasan-jaffal
View
4.315
Download
0
Embed Size (px)
DESCRIPTION
Create a policy to establish a backup strategy to address different type of services disruptions. Thestrategy should show the safest way to minimize the loss.
Citation preview
1
Data Backup and Restore Policy
1. Purpose
Any IT company has critical and secure data to be stored in a safe place, and restored in case of disruptions, so it needs a policy to establish a backup strategy to address different type of services disruptions: minimal backup frequencies, recovery points objectives, and establishes the roles of each one of the stuff.
2. Scope
Create a policy to establish a backup strategy to address different type of services disruptions. The strategy should show the safest way to minimize the loss.
3. Analyze
Electronic backups are a business requirement to enable the recovery of data and applications in the case of events such as natural disasters, system disk drive failures, espionage, data entry errors, or system operations errors.
3.1. Definitions
• Back up: To back up data is to copy them to another medium so that, if the active data are lost, they can be recovered in a recent if not completely current version. Backup is primarily intended for disaster recovery, and the assumption is that in most cases the backed‐up data will not be read.
• Archive: To archive data is to move them to another medium for long term storage. Archive is intended for the storage of data that do not need to be kept immediately accessible, but which may possibly be needed at some point in the future.
• Offsite Storage: Based on data criticality, offsite storage should be in a geographically different location from the company that does not share the same disaster threat event. Based on an assessment of the data backed up, removing the backup media from the building and storing it in another secured location may be appropriate.
3.2. Reasons for backup and archive
The primary reason for backing up data is to keep copies in case of disaster, for example catastrophic software failure that destroys data, hardware failure of a computer making data inaccessible, or environmental damage to computers such as fire.
Backups of the data on central servers are created in case of a disaster affecting the servers or databases held on them. They are not intended for recovering individual files or emails belonging to particular users. The backups are structured in the most efficient way for recovering complete systems or databases. This makes them unsuitable and cumbersome for recovering individual items. Individual users need to make their own backups to protect their own data from loss.
Archive, as explained above, is the storage on slower and less accessible media of data that are not
2
needed to be immediately accessible.
Data may be archived (via the backup mechanism) to help subsequently not in recovery but in monitoring, as part of the management of the service. Typically this will be logging data.
3.3. Data description
The data of ArabiaGIS changes in each moment, and to provide a reliable service data should be stored in a safe and secure place when a change occurs, but this is not possible so the policy should work on minimizing the loss.
ArabiaGIS has 2 types of data:
• Company Data: It’s divided into two sections: o Static Data: the projects, databases, reports and documents that aren’t changing a lot,
or don’t change at all. o Dynamic Data: the projects, documents, databases and reports that are in the
production phase, these documents are changed daily.
• The Hosted Sites And Databases
3.4. Storage media
Regardless of the repository model that is used, the data has to be stored on some data storage medium somewhere.
• Magnetic tape o Has long been the most commonly used o Has better capacity/price ratio when compared to hard disk, but recently the ratios for
tape and hard disk have become a lot closer. o Tape is a sequential access medium, so even though access times may be poor o The rate of continuously writing or reading data can actually be very fast.
• Hard disk o The capacity/price ratio of hard disk has been rapidly improving for many years. o The main advantages of hard disk storage are low access times, availability, capacity and
ease of use. o External disks can be connected via local interfaces like SCSI, USB, FireWire, or eSATA, or
via longer distance technologies like Ethernet, iSCSI, or Fibre Channel. o Some disk‐based backup systems, such as Virtual Tape Libraries, support data de‐
duplication which can dramatically reduce the amount of disk storage capacity consumed by daily and weekly backup data.
• Optical disc o A recordable CD can be used as a backup device.
3
o One advantage of CDs is that they can be restored on any machine with a CD‐ROM drive.
o Recordable CD's are relatively cheap. o Another common format is recordable DVD. o Low Capacity
• Solid state storage o Also known as flash memory, thumb drives, USB flash drives, CompactFlash,
SmartMedia, Memory Stick, and Secure Digital cards, etc. o Relatively costly for their low capacity, but offer excellent portability and ease‐of‐use.
• Remote backup service o Backing up via the internet to a remote location o Can protect against some worst‐case scenarios such as fire, flood, earthquake which
would destroy any backups in the immediate vicinity along with everything else. o A drawback to a remote backup service is that an internet connection is usually
substantially slower than the speed of local data storage devices, so this can be a problem for people with large amounts of data.
o It also has the risk associated with putting control of personal or sensitive data in the hands of a third party.
3.5. Data centralization
Data centralization is the most effective and common way to integrate data on a central location. Data centralization leads to data consistency, better information sharing, and saves a lot of time too.
Benefits of Data Centralization
• Data centralization software merges all data at a central location and thus provides a consistent, secure data storage location.
• Data management processes become streamlined.
• Data centralization software can allow and restrict data access of users as per the need.
• Easy data sharing and quick data access.
• Data centralization software ensures data integrity.
• Data management happens effectively.
• Improve user’s productivity and accelerated remote file access system.
• Enable centralization time sensitive real time data.
• Always keeps the database up to date.
3.6. Manipulation of data
It is frequently useful to manipulate the data being backed up to optimize the backup process. These manipulations can improve backup speed; restore speed, data security, and media usage.
4
• Compression: Various schemes can be employed to shrink the size of the source data to be stored so that uses less storage space.
• Encryption: High capacity removable storage media such as backup tapes present a data security risk if they are lost or stolen. Encrypting the data on these media can mitigate this problem, but presents new problems. First, encryption is a CPU intensive process that can slow down backup speeds. Second, once data has been encrypted, it cannot be effectively compressed and the data compression function of many tape drives is ineffective. For this reason and since redundant data makes cryptanalytic attacks easier, many encryption implementations compress the data before encrypting it. Third, the security of the encrypted backups is only as effective as the security of the key management policy.
3.7. Policy Approach
• The frequency and extent of backups must be in accordance with the importance of the information and the acceptable risk as determined by the data owner.
• The Company Data Resources backup and recovery process for each system must be documented and periodically reviewed.
• The vendor(s) providing offsite backup storage must be cleared to handle the highest level of information stored.
• Backup media must be protected in accordance with the highest sensitivity level of information stored.
• A process must be implemented to verify the success of the electronic information backup.
• Backups must be periodically tested to ensure that they are recoverable.
• Signature cards held by the offsite backup storage vendor(s) for access to backup media must be reviewed annually or when an authorized individual leaves.
• Procedures between the company and the offsite backup storage vendor(s) must be reviewed at least annually.
• Backup must have at a minimum the following identifying criteria that can be readily identified by labels system:
System name Creation Date
5
Local Server
Offsite StorageExternal HD
ArabiaGIS Desktops
Daily Backup
Weekly Backup
Access Via SourceSafe
Monthly Backup