Minimal Data Backup Policy
Reference: CNS-P-BACKUP
Revision: B
Supersedes: CNS existing backup policies.
Purpose: The purpose of this policy is to define the need for performing periodic computer system backups to ensure that mission critical administrative applications, data and archives (ADM-APPS) and AUBnet applications, users' data and archives (AUBnet-APPS) are adequately preserved and protected against data loss and destruction.
Source: Computing and Networking Services (CNS).
Approved by: Nabil Bukhalid, Director of CNS, on: July 10, 2001
Approved by: George Tomey, VP for Administration, on: Pending

Applicability: This policy applies to all units operating ADM-APPS and AUBnet-APPS and is strongly recommended for all computer users.

Background: Data can be destroyed by system malfunction or accidental or intentional means. Adequate backups will allow data to be readily recovered as necessary. The ongoing availability of university data is critical to the operation of the institution. In order to minimize any potential loss or corruption of this data, units responsible for providing and operating administrative applications need to ensure that data is adequately backed up by establishing and following an appropriate system backup procedure.

THREAT SCENARIO: The following typical threats are assumed for a data backup policy as part of minimal baseline protection:
- Demagnetization of magnetic data media due to ageing or unsuitable environmental conditions (temperature, air moisture)
- Interference of magnetic data media by extraneous magnetic fields
- Destruction of data media by force majeure, e.g. fire or water
- Inadvertent deletion or overwriting of files
- Technical failure of storage device (head crash)
- Faulty data media
- Uncontrolled changes in stored data (loss of integrity)
- Deliberate deletion of files with computer viruses etc.
Each unit responsible for providing and operating a mission critical application must document and perform System Specific Data Backup (if established) or at least Minimal Data Backup on a periodic basis. Computer systems that create or update mission critical university data on a daily basis need to be backed up on a daily basis to minimize the exposure to loss of mission critical data. The unit responsible for providing and operating such systems must conduct a systematic and detailed investigation of all the influencing factors leading to the compilation of a comprehensive System Specific Data Backup Policy. System specific backup policies must at least fulfill the requirements of the Minimal Data Backup Policy.

MINIMAL DATA BACKUP POLICY: The minimal data backup policy stipulates the following:
- Software: All software, whether purchased or created personally, is to be protected by at least one full backup.
- System data: System data are to be backed up with at least one generation per month.
- Application data: All application data are to be protected by means of a weekly full backup using the three-generation principle.
- Protocol data: All protocol data are to be protected by means of a full weekly backup using the three-generation principle.
- Storage: All backup media must be stored in a safe and secure location extraneous to the location of the backed up systems. All weekly backup media must be stored in a fireproof safe. All software full backup and monthly backup media must be stored in an off-site backup archive storage location.
RETENTION: It may be useful to establish a hierarchy of backup cycles. For instance, a five-generation full daily backup cycle might involve retaining five sets of backups (one week, MTWTF). Then the fifth daily backup is retained for one month, as part of a weekly backup cycle, and stored in a local safe. Finally, the fourth weekly backup might be retained for one year, as part of a monthly backup cycle, and stored in the off-site backup archive storage location. End-of-fiscal-year and yearly archive data backups should be generated in multiple copies, with each copy stored in a distinct archive storage location. In this way, the risk of catastrophic loss is minimized at a reasonable media cost.
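The retention hierarchy above can be expressed as a small scheduler. This is an added example, not part of the original policy; it assumes backups run Monday to Friday, counts "one week", "one month" and "one year" as 7, 28 and 365 days, and the function names and the storage label for daily sets are hypothetical.

```python
from datetime import date, timedelta

# Tier -> (retention period, storage location). The day counts are assumptions
# standing in for the policy's "one week", "one month" and "one year".
TIERS = {
    "daily": (timedelta(days=7), "secure location away from the system"),
    "weekly": (timedelta(days=28), "local safe"),
    "monthly": (timedelta(days=365), "off-site backup archive"),
}

def classify(backup_days):
    """Map each Mon-Fri backup date to its tier in the hierarchy."""
    tiers, fridays = {}, 0
    for day in sorted(set(backup_days)):
        if day.weekday() > 4:
            raise ValueError(f"{day} is not a Monday-Friday backup day")
        tier = "daily"
        if day.weekday() == 4:  # fifth daily backup of the week
            fridays += 1
            # every fourth weekly backup is promoted to the monthly cycle
            tier = "monthly" if fridays % 4 == 0 else "weekly"
        tiers[day] = tier
    return tiers

def retained(backup_days, today):
    """Return {date: (tier, location)} for sets still inside retention."""
    keep = {}
    for day, tier in classify(backup_days).items():
        period, location = TIERS[tier]
        if timedelta(0) <= today - day < period:
            keep[day] = (tier, location)
    return keep

def reusable(backup_days, today):
    """Dates of sets whose retention has lapsed, so the media can be reused."""
    keep = retained(backup_days, today)
    return sorted(d for d in set(backup_days) if d <= today and d not in keep)

# Constructed sample: eight weeks of Monday-Friday full backups.
START = date(2001, 10, 1)  # a Monday
SAMPLE = [START + timedelta(weeks=w, days=d) for w in range(8) for d in range(5)]

if __name__ == "__main__":
    today = date(2001, 11, 23)
    for day, (tier, where) in sorted(retained(SAMPLE, today).items()):
        print(day, day.strftime("%a"), tier, where)
    print(len(reusable(SAMPLE, today)), "sets can return to the rotation")
```

Of the 40 constructed backup sets, only nine are still held after eight weeks, which is the media saving the hierarchy is meant to deliver.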
MEDIA STORAGE: For safety, backup media should be stored in a fireproof and protected location. Magnetic media should be kept in a case or vault that is shielded from electro-magnetic radiation. For maximum safety, the archive media should be stored at a site that is remote from where the tapes are used.

PERSON-IN-CHARGE: Each data backup process should have at least one primary person-in-charge and one substitute. Data backup is a critical security measure; thus the relevant persons-in-charge should be committed in writing to adherence to the specific data backup (if established) or minimal data backup policies and procedures.

TRAINING: All persons-in-charge of data backup should receive adequate training on the data backup process, data restoration process, media rotation, retention and storage. Regular refresher, motivation campaigns and adherence checking on data backup must be conducted.

DOCUMENTATION: Documentation is necessary for orderly and efficient data backup and restoration. The person-in-charge of data backup should fully document the following items for each generated data backup:
- Date of data backup
- Type of data backup (incremental, full)
- Number of generations
- Responsibility for data backup
- Extent of data backup (files/directories)
- Data media on which the operational data are stored
- Data media on which the backup data are stored
- Data backup hardware and software (with version number)
- Data backup parameters (type of data backup etc.)
- Storage location of backup copies

RESTORATION OF DATA: The restoration of data using data backups must be tested at irregular intervals, at least after every modification to the data backup procedure. It must at least once be proven that complete data restoration is possible (e.g. all data contained in a server must be installed on an alternative server using substitute reading equipment to the data backup writing equipment).
This ensures reliable testing as to whether:
- Data restoration is possible
- The data backup procedure is practicable
- There is sufficient documentation of the data backup, thus allowing a substitute to carry out the data restoration if necessary
- The time required for the data restoration meets the availability requirements

SYSTEM SPECIFIC DATA BACKUP POLICY: The procedure to develop a system specific data backup policy and procedures is determined by a large number of factors, including the system hardware, OS, application details, volume of data, frequency of modification of the data, and requirements concerning availability. There are numerous technical possibilities of data backup. However, their selection is always determined by the aforementioned factors. For this reason, the decisive parameters of the application need to be determined first and documented clearly. Subsequently, a suitable procedure must be developed and documented. Finally, the unit management must implement the procedure. In order to ensure that the data-backup system functions correctly, the data backup policy must involve the restorability of data by means of practical exercises. The results should be listed as part of the data backup policy, and updated according to requirement. An example of a system specific data backup policy is shown in the following table of contents:

Table of contents - System Specific Data Backup Policy
1. Influential factors
   - Specifying the data to be backed up
   - Data availability requirements
   - Effort required for data reconstruction without data backup
   - Data volumes
   - Modification volumes
   - Modification times
   - Deadlines
   - Confidentiality requirements
   - Integrity requirements
   - Knowledge and data-processing competence of users
2. Data backup
   a. Specifications for each backup type
      - Type of data backup
      - Frequency and times of data backup
      - Number of generations
      - Data backup medium
      - Responsibility for data backup
      - Storage location for backup copies
      - Requirements concerning the data backup archive
      - Reconstruction times for the existing data backup system
   b. Determining procedures of data restoration by type
   c. Basic requirements for the data backup archive
      - Refresh cycles for data backup
      - Inventory listing
      - Erasing data backups
      - Destroying useless data media
   d. Identify operational reading device
3. Document data backup policy and procedures
4. Secure needed approvals
5. Training and testing
6. Implement backup policy
7. Keep data backup policy current and document updates

Consequence of Non-Compliance:
Non-compliance with this policy could severely impact the operation of the institution by exposing the University to permanent loss of university data leading to loss of financial records, students' records, patients' records, research material and/or university and research funds. It may also expose the individual or the University to legal action.

ADMINISTRATIVE APPLICATIONS, DATA & ARCHIVES: is the collection of data elements which are relevant to the operations, plans, or management of more than one AUB unit or are reported on or used in "official" administrative university reports.

AUBnet APPLICATIONS, USERS' DATA & ARCHIVES: is the collection of users' data elements in temporary transition via AUBnet services and/or users' data elements and log files archived for read-only purpose on AUBnet servers.

SYSTEM BACKUP: a documented procedure for copying applications software and data files that reside on computer disks to a portable medium (such as tape or diskette) or to a medium that is physically remote from the originating system.

THREE GENERATION: There are media and storage costs associated with backups. Backup sets do not need to be kept forever and the media is reusable. A popular media rotation plan is called Generation. Using this plan, media is kept for three backup cycles. Backups are made on media called son. During each backup cycle, the generations increment; son sets become father sets, father sets become grandfather sets. The grandfather sets are rotated, reused and become son sets.

BACKUP TYPES:
Full Backup: A Full Backup creates a copy of every file on a storage device. This is absolutely the most complete, comprehensive, and fool-proof type of backup. It is also the most costly in terms of effort, time and dollar output.

Partial Backup: A Partial Backup creates a copy of selected files on a storage device. The user selects which files to back up and which to skip. This can be almost as comprehensive as a full backup since there are many files that have absolutely no long-term value. Files with no long-term value include temporary files and cache files, and can take up many megabytes of disk space.

Incremental Backup: An Incremental Backup creates a copy of files that have changed (modified, added to, or created) since the last backup was performed. This method can be used in conjunction with full and partial backups to maximize protection and minimize cost.

Differential Backup: A Differential Backup creates a copy of files that have changed (modified, added to, or created) since a specific date and time. This method is also used in conjunction with full and partial backups to maximize protection and minimize cost.

Streaming Backup: A Streaming Backup differs from the other types and works only in conjunction with other backup types. It does not copy files. It copies keystrokes, mouse actions, other inputs, and inter-process communications that have taken place since the most recent file backup. The reverse of a streaming backup is called Playback. Playback will perform simulations of inputs to software in order to restore files to a valid condition that is more recent than can be accomplished by restoring files. This method is rarely used in personal computers. It is almost always used in large data centers, where there is a tremendous throughput of data.

Additional Information:
- Determining the factors influencing data backup (Addendum-1)
- Data backup systems (Addendum-2)
- Data backup disclaimer
Last updated on Nov. 24, 2001